From: cantor <cantor@de75baf8-a10c-0410-a50a-987c0e22f00f>
Date: Mon, 6 Sep 2010 18:29:26 +0000 (+0000)
Subject: https://bugs.internet2.edu/jira/browse/CPPOST-52
X-Git-Tag: 1.4.1~50
X-Git-Url: http://www.project-moonshot.org/gitweb/?a=commitdiff_plain;ds=sidebyside;h=9dc09767fa132ecd42b667a7ce9ab6acacec600c;p=shibboleth%2Fxmltooling.git

https://bugs.internet2.edu/jira/browse/CPPOST-52


git-svn-id: https://svn.middleware.georgetown.edu/cpp-xmltooling/branches/REL_1@788 de75baf8-a10c-0410-a50a-987c0e22f00f
---

diff --git a/xmltooling/encryption/impl/EncryptedKeyResolver.cpp b/xmltooling/encryption/impl/EncryptedKeyResolver.cpp
index da657e7..6efe395 100644
--- a/xmltooling/encryption/impl/EncryptedKeyResolver.cpp
+++ b/xmltooling/encryption/impl/EncryptedKeyResolver.cpp
@@ -27,6 +27,7 @@
 using namespace xmlencryption;
 using namespace xmlsignature;
 using namespace xmltooling;
+using namespace xercesc;
 using namespace std;
 
 EncryptedKeyResolver::EncryptedKeyResolver()
@@ -42,11 +43,39 @@ const EncryptedKey* EncryptedKeyResolver::resolveKey(const EncryptedData& encryp
     if (!encryptedData.getKeyInfo())
         return nullptr;
 
-    const vector<XMLObject*>& others=const_cast<const KeyInfo*>(encryptedData.getKeyInfo())->getUnknownXMLObjects();
-    for (vector<XMLObject*>::const_iterator i=others.begin(); i!=others.end(); i++) {
-        EncryptedKey* encKey=dynamic_cast<EncryptedKey*>(*i);
-        if (encKey && (!recipient || !encKey->getRecipient() || XMLString::equals(recipient,encKey->getRecipient())))
-            return encKey;
+    const vector<XMLObject*>& others = const_cast<const KeyInfo*>(encryptedData.getKeyInfo())->getUnknownXMLObjects();
+    for (vector<XMLObject*>::const_iterator i = others.begin(); i != others.end(); i++) {
+        EncryptedKey* encKey = dynamic_cast<EncryptedKey*>(*i);
+        if (encKey) {
+            if (!recipient || !encKey->getRecipient() || XMLString::equals(recipient,encKey->getRecipient()))
+                return encKey;
+        }
+    }
+
+    static const XMLCh rmtype[] = { // http://www.w3.org/2001/04/xmlenc#EncryptedKey
+        chLatin_h, chLatin_t, chLatin_t, chLatin_p, chColon, chForwardSlash, chForwardSlash,
+        chLatin_w, chLatin_w, chLatin_w, chPeriod, chLatin_w, chDigit_3, chPeriod, chLatin_o, chLatin_r, chLatin_g, chForwardSlash,
+        chDigit_2, chDigit_0, chDigit_0, chDigit_1, chForwardSlash, chDigit_0, chDigit_4, chForwardSlash,
+        chLatin_x, chLatin_m, chLatin_l, chLatin_e, chLatin_n, chLatin_c, chPound,
+        chLatin_E, chLatin_n, chLatin_c, chLatin_r, chLatin_y, chLatin_p, chLatin_t, chLatin_e, chLatin_d, chLatin_K, chLatin_e, chLatin_y, chNull
+    };
+
+    const XMLObject* treeRoot = nullptr;
+    const vector<RetrievalMethod*>& methods = const_cast<const KeyInfo*>(encryptedData.getKeyInfo())->getRetrievalMethods();
+    for (vector<RetrievalMethod*>::const_iterator m = methods.begin(); m != methods.end(); ++m) {
+        if (XMLString::equals((*m)->getType(), rmtype)) {
+            const XMLCh* ref = (*m)->getURI();
+            if (ref && *ref == chPound) {
+                if (!treeRoot) {
+                    treeRoot = &encryptedData;
+                    while (treeRoot->getParent())
+                        treeRoot = treeRoot->getParent();
+                }
+                const EncryptedKey* encKey = dynamic_cast<const EncryptedKey*>(XMLHelper::getXMLObjectById(*treeRoot, ref+1));
+                if (encKey)
+                    return encKey;
+            }
+        }
     }
 
     return nullptr;