2 * Copyright 2001-2010 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * SignatureValidator.cpp
20 * Validator for signatures based on an externally-supplied key
24 #include "security/Credential.h"
25 #include "signature/Signature.h"
26 #include "signature/SignatureValidator.h"
28 #include <xsec/enc/XSECCryptoException.hpp>
29 #include <xsec/framework/XSECException.hpp>
31 using namespace xmlsignature;
32 using namespace xmltooling;
35 SignatureValidator::SignatureValidator(XSECCryptoKey* key) : m_key(key), m_credential(nullptr)
39 SignatureValidator::SignatureValidator(const Credential* credential) : m_key(nullptr), m_credential(credential)
43 SignatureValidator::~SignatureValidator()
47 void SignatureValidator::setKey(XSECCryptoKey* key)
50 m_credential = nullptr;
53 void SignatureValidator::setCredential(const Credential* credential)
56 m_credential = credential;
59 void SignatureValidator::validate(const XMLObject* xmlObject) const
61 const Signature* sigObj=dynamic_cast<const Signature*>(xmlObject);
63 throw ValidationException("Validator only applies to Signature objects.");
67 void SignatureValidator::validate(const Signature* sigObj) const
69 DSIGSignature* sig=sigObj->getXMLSignature();
71 throw ValidationException("Signature does not exist yet.");
72 else if (!m_key && !m_credential)
73 throw ValidationException("No Credential or key set on Validator.");
75 XSECCryptoKey* key = m_key ? m_key : (m_credential ? m_credential->getPublicKey() : nullptr);
77 throw ValidationException("Credential did not contain a verification key.");
80 sig->setSigningKey(key->clone());
82 throw ValidationException("Digital signature does not validate with the supplied key.");
84 catch(XSECException& e) {
85 auto_ptr_char temp(e.getMsg());
86 throw ValidationException(string("Caught an XMLSecurity exception verifying signature: ") + temp.get());
88 catch(XSECCryptoException& e) {
89 throw ValidationException(string("Caught an XMLSecurity exception verifying signature: ") + e.getMsg());