/*
- * Copyright 2009 Internet2
+ * Copyright 2009-2010 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
*/
#include "internal.h"
+#include "exceptions.h"
#include "Application.h"
#include "attribute/AttributeDecoder.h"
#include "attribute/SimpleAttribute.h"
#include <saml/saml2/metadata/Metadata.h>
#include <saml/saml2/metadata/MetadataCredentialCriteria.h>
+#include <saml/saml2/metadata/MetadataProvider.h>
+#include <xmltooling/security/Credential.h>
#include <xmltooling/security/SecurityHelper.h>
#include <xmltooling/util/XMLHelper.h>
#include <xercesc/util/XMLUniDefs.hpp>
}
private:
+ string m_hashAlg;
vector<string> m_hashId;
vector<string> m_signingId;
vector<string> m_encryptionId;
static const XMLCh encryptionId[] = UNICODE_LITERAL_12(e,n,c,r,y,p,t,i,o,n,I,d);
static const XMLCh hashId[] = UNICODE_LITERAL_6(h,a,s,h,I,d);
+ static const XMLCh hashAlg[] = UNICODE_LITERAL_7(h,a,s,h,A,l,g);
static const XMLCh signingId[] = UNICODE_LITERAL_9(s,i,g,n,i,n,g,I,d);
};
-KeyDescriptorExtractor::KeyDescriptorExtractor(const DOMElement* e)
+KeyDescriptorExtractor::KeyDescriptorExtractor(const DOMElement* e) : m_hashAlg(XMLHelper::getAttrString(e, "SHA1", hashAlg))
{
if (e) {
- const XMLCh* a = e->getAttributeNS(NULL, hashId);
- if (a && *a) {
- auto_ptr_char temp(a);
- m_hashId.push_back(temp.get());
- }
- a = e->getAttributeNS(NULL, signingId);
- if (a && *a) {
- auto_ptr_char temp(a);
- m_signingId.push_back(temp.get());
- }
- a = e->getAttributeNS(NULL, encryptionId);
- if (a && *a) {
- auto_ptr_char temp(a);
- m_encryptionId.push_back(temp.get());
- }
+ string a(XMLHelper::getAttrString(e, nullptr, hashId));
+ if (!a.empty())
+ m_hashId.push_back(a);
+ a = XMLHelper::getAttrString(e, nullptr, signingId);
+ if (!a.empty())
+ m_signingId.push_back(a);
+ a = XMLHelper::getAttrString(e, nullptr, encryptionId);
+ if (!a.empty())
+ m_encryptionId.push_back(a);
}
if (m_hashId.empty() && m_signingId.empty() && m_encryptionId.empty())
throw ConfigurationException("KeyDescriptor AttributeExtractor requires hashId, signingId, or encryptionId property.");
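Review bot: The new `hashAlg` property is read in the constructor's initializer list and stored without any check, so a misspelled or unsupported algorithm name only surfaces later, at the `getDEREncoding(*(*c), m_hashAlg.c_str())` call in the extraction loop. If that call returns an empty string for a name it cannot resolve, which the surrounding `vals.back().empty()` handling suggests, the extractor would silently emit no hash values instead of failing at configuration time. Consider rejecting an unknown name next to the existing `ConfigurationException` check, or at least logging the failure per credential. The default stays `"SHA1"`, which keeps existing deployments stable, but it deserves a comment such as `// SHA1 kept as default for compatibility; configure hashAlg with a stronger digest where the value identifies a key`. The constructor body closes outside this hunk.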
for (vector<const Credential*>::const_iterator c = creds.begin(); c != creds.end(); ++c) {
if (vals.empty() || !vals.back().empty())
vals.push_back(string());
- vals.back() = SecurityHelper::getDEREncoding(*(*c), true);
+ vals.back() = SecurityHelper::getDEREncoding(*(*c), m_hashAlg.c_str());
}
if (vals.back().empty())
vals.pop_back();