X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=xmltooling%2Fsecurity%2Fimpl%2FChainingTrustEngine.cpp;h=f1a92fc2d133b059da25063527e287276220b329;hb=a0d768778a8f5f539b909baf5b115e70ea765f0f;hp=f94c23481664094bf7d723f59f5d5ab72530c5b6;hpb=d74afc7a6b39c5fd3868981a8366471098841fc8;p=shibboleth%2Fcpp-xmltooling.git
diff --git a/xmltooling/security/impl/ChainingTrustEngine.cpp b/xmltooling/security/impl/ChainingTrustEngine.cpp
index f94c234..f1a92fc 100644
--- a/xmltooling/security/impl/ChainingTrustEngine.cpp
+++ b/xmltooling/security/impl/ChainingTrustEngine.cpp
@@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2010 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
@@ -17,22 +17,25 @@ /** * ChainingTrustEngine.cpp * - * TrustEngine that uses multiple engines in sequence. + * OpenSSLTrustEngine that uses multiple engines in sequence. */ #include "internal.h" #include "exceptions.h" +#include "logging.h" #include "security/ChainingTrustEngine.h" #include "util/XMLHelper.h" -#include +#include #include using namespace xmlsignature; +using namespace xmltooling::logging; using namespace xmltooling; -using namespace log4cpp; using namespace std; +using xercesc::DOMElement; + namespace xmltooling { TrustEngine* XMLTOOL_DLLLOCAL ChainingTrustEngineFactory(const DOMElement* const & e) {
@@ -43,16 +46,25 @@ namespace xmltooling { static const XMLCh _TrustEngine[] = UNICODE_LITERAL_11(T,r,u,s,t,E,n,g,i,n,e); static const XMLCh type[] = UNICODE_LITERAL_4(t,y,p,e); -ChainingTrustEngine::ChainingTrustEngine(const DOMElement* e) : OpenSSLTrustEngine(e) { - Category& log=Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine"); - e = e ? XMLHelper::getFirstChildElement(e, _TrustEngine) : NULL; +ChainingTrustEngine::ChainingTrustEngine(const DOMElement* e) : TrustEngine(e) { + Category& log=Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine."CHAINING_TRUSTENGINE); + e = e ? XMLHelper::getFirstChildElement(e, _TrustEngine) : nullptr; while (e) { try { - auto_ptr_char temp(e->getAttributeNS(NULL,type)); + auto_ptr_char temp(e->getAttributeNS(nullptr,type)); if (temp.get() && *temp.get()) { log.info("building TrustEngine of type %s", temp.get()); TrustEngine* engine = XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(temp.get(), e); m_engines.push_back(engine); + SignatureTrustEngine* sig = dynamic_cast(engine); + if (sig) + m_sigEngines.push_back(sig); + X509TrustEngine* x509 = dynamic_cast(engine); + if (x509) + m_x509Engines.push_back(x509); + OpenSSLTrustEngine* ossl = dynamic_cast(engine); + if (ossl) + m_osslEngines.push_back(ossl); } } catch (exception& ex) { 
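Review bot: An engine that matches none of the three `dynamic_cast` checks added in the constructor is kept in `m_engines` but lands in no typed list, and nothing is logged, so a configured trust engine can end up silently inert. The `validate()` overloads changed later in this commit iterate only the typed lists, so such an engine would never take part in a trust decision. Whether any registered plugin type can fail all three casts is not visible here; if one can, a warning after the casts would surface the misconfiguration, e.g. `if (!sig && !x509 && !ossl) log.warn("TrustEngine of type %s implements no supported validation interface", temp.get());`. The constructor body continues past the end of this hunk.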
@@ -66,9 +78,25 @@ ChainingTrustEngine::~ChainingTrustEngine() { for_each(m_engines.begin(), m_engines.end(), xmltooling::cleanup()); } +void ChainingTrustEngine::addTrustEngine(TrustEngine* newEngine) +{ + m_engines.push_back(newEngine); +} + +TrustEngine* ChainingTrustEngine::removeTrustEngine(TrustEngine* oldEngine) +{ + for (vector::iterator i=m_engines.begin(); i!=m_engines.end(); i++) { + if (oldEngine==(*i)) { + m_engines.erase(i); + return oldEngine; + } + } + return nullptr; +} + bool ChainingTrustEngine::validate(Signature& sig, const CredentialResolver& credResolver, CredentialCriteria* criteria) const { - for (vector::const_iterator i=m_engines.begin(); i!=m_engines.end(); ++i) { + for (vector::const_iterator i=m_sigEngines.begin(); i!=m_sigEngines.end(); ++i) { if ((*i)->validate(sig,credResolver,criteria)) return true; }
@@ -85,7 +113,7 @@ bool ChainingTrustEngine::validate( CredentialCriteria* criteria ) const { - for (vector::const_iterator i=m_engines.begin(); i!=m_engines.end(); ++i) { + for (vector::const_iterator i=m_sigEngines.begin(); i!=m_sigEngines.end(); ++i) { if ((*i)->validate(sigAlgorithm, sig, keyInfo, in, in_len, credResolver, criteria)) return true; }
@@ -99,10 +127,8 @@ bool ChainingTrustEngine::validate( CredentialCriteria* criteria ) const { - X509TrustEngine* down; - for (vector::const_iterator i=m_engines.begin(); i!=m_engines.end(); ++i) { - if ((down = dynamic_cast(*i)) && - down->validate(certEE,certChain,credResolver,criteria)) + for (vector::const_iterator i=m_x509Engines.begin(); i!=m_x509Engines.end(); ++i) { + if ((*i)->validate(certEE,certChain,credResolver,criteria)) return true; } return false;
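Review bot: `addTrustEngine()` and `removeTrustEngine()` update only `m_engines`, but every `validate()` overload in this commit (the two hunks that follow on this line and the last hunk of the file) now iterates `m_sigEngines`, `m_x509Engines` or `m_osslEngines`. An engine added at run time is therefore never consulted, and an engine removed and handed back to the caller stays reachable through the typed lists; if the caller then deletes it, the next `validate()` call dereferences a dangling pointer inside the trust decision path. Both methods should keep the typed lists in step with `m_engines`, as the constructor does. The element types in the fence are inferred from the constructor's casts, because the template arguments are not legible on this page. Neither method takes a lock, so whether they can run concurrently with `validate()` should be confirmed against the callers.

```cpp
void ChainingTrustEngine::addTrustEngine(TrustEngine* newEngine)
{
    m_engines.push_back(newEngine);
    // Register under every interface the engine implements, as the constructor does.
    if (SignatureTrustEngine* sig = dynamic_cast<SignatureTrustEngine*>(newEngine))
        m_sigEngines.push_back(sig);
    if (X509TrustEngine* x509 = dynamic_cast<X509TrustEngine*>(newEngine))
        m_x509Engines.push_back(x509);
    if (OpenSSLTrustEngine* ossl = dynamic_cast<OpenSSLTrustEngine*>(newEngine))
        m_osslEngines.push_back(ossl);
}

TrustEngine* ChainingTrustEngine::removeTrustEngine(TrustEngine* oldEngine)
{
    for (vector<TrustEngine*>::iterator i=m_engines.begin(); i!=m_engines.end(); i++) {
        if (oldEngine==(*i)) {
            m_engines.erase(i);
            // Drop the typed aliases too, so no validate() overload can reach an engine the caller now owns.
            m_sigEngines.erase(
                std::remove(m_sigEngines.begin(), m_sigEngines.end(), dynamic_cast<SignatureTrustEngine*>(oldEngine)),
                m_sigEngines.end());
            m_x509Engines.erase(
                std::remove(m_x509Engines.begin(), m_x509Engines.end(), dynamic_cast<X509TrustEngine*>(oldEngine)),
                m_x509Engines.end());
            m_osslEngines.erase(
                std::remove(m_osslEngines.begin(), m_osslEngines.end(), dynamic_cast<OpenSSLTrustEngine*>(oldEngine)),
                m_osslEngines.end());
            return oldEngine;
        }
    }
    return nullptr;
}
```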
@@ -115,9 +141,8 @@ bool ChainingTrustEngine::validate( CredentialCriteria* criteria ) const { - OpenSSLTrustEngine* down; - for (vector::const_iterator i=m_engines.begin(); i!=m_engines.end(); ++i) { - if ((down = dynamic_cast(*i)) && down->validate(certEE,certChain,credResolver,criteria)) + for (vector::const_iterator i=m_osslEngines.begin(); i!=m_osslEngines.end(); ++i) { + if ((*i)->validate(certEE,certChain,credResolver,criteria)) return true; } return false;