2 * Copyright 2001-2006 Internet2
\r
4 * Licensed under the Apache License, Version 2.0 (the "License");
\r
5 * you may not use this file except in compliance with the License.
\r
6 * You may obtain a copy of the License at
\r
8 * http://www.apache.org/licenses/LICENSE-2.0
\r
10 * Unless required by applicable law or agreed to in writing, software
\r
11 * distributed under the License is distributed on an "AS IS" BASIS,
\r
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
13 * See the License for the specific language governing permissions and
\r
14 * limitations under the License.
\r
18 * VerifyingContext.cpp
\r
20 * SAML-specific signature verification
\r
23 #include "internal.h"
\r
24 #include "signature/VerifyingContext.h"
\r
26 #include <xmltooling/signature/Signature.h>
\r
28 #include <xercesc/util/XMLUniDefs.hpp>
\r
29 #include <xsec/dsig/DSIGReference.hpp>
\r
30 #include <xsec/dsig/DSIGTransformC14n.hpp>
\r
31 #include <xsec/dsig/DSIGTransformList.hpp>
\r
33 using namespace opensaml;
\r
34 using namespace std;
\r
36 void VerifyingContext::verifySignature(DSIGSignature* sig) const
\r
40 DSIGReferenceList* refs=sig->getReferenceList();
\r
41 if (refs && refs->getSize()==1) {
\r
42 DSIGReference* ref=refs->item(0);
\r
44 const XMLCh* URI=ref->getURI();
\r
45 if (URI==NULL || *URI==0 || (*URI==chPound && !XMLString::compareString(URI+1,m_id))) {
\r
46 DSIGTransformList* tlist=ref->getTransforms();
\r
47 for (unsigned int i=0; tlist && i<tlist->getSize(); i++) {
\r
48 if (tlist->item(i)->getTransformType()==TRANSFORM_ENVELOPED_SIGNATURE)
\r
50 else if (tlist->item(i)->getTransformType()!=TRANSFORM_EXC_C14N &&
\r
51 tlist->item(i)->getTransformType()!=TRANSFORM_C14N) {
\r
61 throw xmlsignature::SignatureException("Invalid signature profile for SAML object.");
\r