2 * Copyright 2001-2007 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * SignatureValidator.cpp
20 * Validator for signatures based on an externally-supplied key
24 #include "security/Credential.h"
25 #include "signature/Signature.h"
26 #include "signature/SignatureValidator.h"
28 #include <xsec/enc/XSECCryptoException.hpp>
29 #include <xsec/framework/XSECException.hpp>
31 using namespace xmlsignature;
32 using namespace xmltooling;
35 SignatureValidator::SignatureValidator(XSECCryptoKey* key) : m_key(key), m_credential(NULL)
39 SignatureValidator::SignatureValidator(const Credential* credential) : m_key(NULL), m_credential(credential)
43 void SignatureValidator::setKey(XSECCryptoKey* key)
49 void SignatureValidator::setCredential(const Credential* credential)
52 m_credential = credential;
55 void SignatureValidator::validate(const XMLObject* xmlObject) const
57 const Signature* sigObj=dynamic_cast<const Signature*>(xmlObject);
59 throw ValidationException("Validator only applies to Signature objects.");
63 void SignatureValidator::validate(const Signature* sigObj) const
65 DSIGSignature* sig=sigObj->getXMLSignature();
67 throw ValidationException("Signature does not exist yet.");
68 else if (!m_key && !m_credential)
69 throw ValidationException("No Credential or key set on Validator.");
71 XSECCryptoKey* key = m_key ? m_key : (m_credential ? m_credential->getPublicKey() : NULL);
73 throw ValidationException("Credential did not contain a verification key.");
76 sig->setSigningKey(key->clone());
78 throw ValidationException("Digital signature does not validate with the supplied key.");
80 catch(XSECException& e) {
81 auto_ptr_char temp(e.getMsg());
82 throw ValidationException(string("Caught an XMLSecurity exception verifying signature: ") + temp.get());
84 catch(XSECCryptoException& e) {
85 throw ValidationException(string("Caught an XMLSecurity exception verifying signature: ") + e.getMsg());