#include "internal.h"
#include "exceptions.h"
#include "binding/MessageEncoder.h"
+#include "signature/ContentReference.h"
#include "saml2/core/Protocols.h"
#include <fstream>
#include <sstream>
-#include <log4cpp/Category.hh>
#include <xercesc/util/Base64.hpp>
+#include <xmltooling/logging.h>
#include <xmltooling/util/NDC.h>
#include <xmltooling/util/TemplateEngine.h>
using namespace opensaml::saml2p;
+using namespace opensaml::saml2md;
using namespace opensaml;
using namespace xmlsignature;
+using namespace xmltooling::logging;
using namespace xmltooling;
-using namespace log4cpp;
using namespace std;
namespace opensaml {
class SAML_DLLLOCAL SAML2POSTEncoder : public MessageEncoder
{
public:
- SAML2POSTEncoder(const DOMElement* e, bool simple=false);
+ SAML2POSTEncoder(const DOMElement* e, const XMLCh* ns, bool simple=false);
virtual ~SAML2POSTEncoder() {}
long encode(
GenericResponse& genericResponse,
- xmltooling::XMLObject* xmlObject,
+ XMLObject* xmlObject,
const char* destination,
- const char* recipientID=NULL,
+ const EntityDescriptor* recipient=NULL,
const char* relayState=NULL,
- const xmltooling::CredentialResolver* credResolver=NULL,
- const XMLCh* sigAlgorithm=NULL
+ const ArtifactGenerator* artifactGenerator=NULL,
+ const Credential* credential=NULL,
+ const XMLCh* signatureAlg=NULL,
+ const XMLCh* digestAlg=NULL
) const;
private:
- std::string m_template;
+ string m_template;
bool m_simple;
};
- MessageEncoder* SAML_DLLLOCAL SAML2POSTEncoderFactory(const DOMElement* const & e)
+ MessageEncoder* SAML_DLLLOCAL SAML2POSTEncoderFactory(const pair<const DOMElement*,const XMLCh*>& p)
{
- return new SAML2POSTEncoder(e, false);
+ return new SAML2POSTEncoder(p.first, p.second, false);
}
- MessageEncoder* SAML_DLLLOCAL SAML2POSTSimpleSignEncoderFactory(const DOMElement* const & e)
+ MessageEncoder* SAML_DLLLOCAL SAML2POSTSimpleSignEncoderFactory(const pair<const DOMElement*,const XMLCh*>& p)
{
- return new SAML2POSTEncoder(e, true);
+ return new SAML2POSTEncoder(p.first, p.second, true);
}
};
};
static const XMLCh _template[] = UNICODE_LITERAL_8(t,e,m,p,l,a,t,e);
-SAML2POSTEncoder::SAML2POSTEncoder(const DOMElement* e, bool simple) : m_simple(simple)
+SAML2POSTEncoder::SAML2POSTEncoder(const DOMElement* e, const XMLCh* ns, bool simple) : m_simple(simple)
{
if (e) {
- auto_ptr_char t(e->getAttributeNS(NULL, _template));
- if (t.get())
+ auto_ptr_char t(e->getAttributeNS(ns, _template));
+ if (t.get() && *t.get())
m_template = t.get();
}
if (m_template.empty())
GenericResponse& genericResponse,
XMLObject* xmlObject,
const char* destination,
- const char* recipientID,
+ const EntityDescriptor* recipient,
const char* relayState,
- const CredentialResolver* credResolver,
- const XMLCh* sigAlgorithm
+ const ArtifactGenerator* artifactGenerator,
+ const Credential* credential,
+ const XMLCh* signatureAlg,
+ const XMLCh* digestAlg
) const
{
#ifdef _DEBUG
}
DOMElement* rootElement = NULL;
- vector<Signature*> sigs;
- if (credResolver && !m_simple) {
+ if (credential && !m_simple) {
// Signature based on native XML signing.
if (request ? request->getSignature() : response->getSignature()) {
log.debug("message already signed, skipping signature operation");
log.debug("signing and marshalling the message");
// Build a Signature.
- Signature* sig = buildSignature(credResolver, sigAlgorithm);
-
- // Append Signature.
+ Signature* sig = SignatureBuilder::buildSignature();
request ? request->setSignature(sig) : response->setSignature(sig);
-
+ if (signatureAlg)
+ sig->setSignatureAlgorithm(signatureAlg);
+ if (digestAlg) {
+ opensaml::ContentReference* cr = dynamic_cast<opensaml::ContentReference*>(sig->getContentReference());
+ if (cr)
+ cr->setDigestAlgorithm(digestAlg);
+ }
+
// Sign response while marshalling.
- sigs.push_back(sig);
+ vector<Signature*> sigs(1,sig);
+ rootElement = xmlObject->marshall((DOMDocument*)NULL,&sigs,credential);
}
}
else {
log.debug("marshalling the message");
+ rootElement = xmlObject->marshall((DOMDocument*)NULL);
}
- rootElement = xmlObject->marshall((DOMDocument*)NULL,&sigs);
-
// Start tracking data.
TemplateEngine::TemplateParameters pmap;
- if (relayState)
+ if (relayState && *relayState)
pmap.m_map["RelayState"] = relayState;
// Serialize the message.
XMLHelper::serialize(rootElement, msg);
// SimpleSign.
- if (credResolver && m_simple) {
+ if (credential && m_simple) {
log.debug("applying simple signature to message data");
string input = (request ? "SAMLRequest=" : "SAMLResponse=") + msg;
- if (relayState)
+ if (relayState && *relayState)
input = input + "&RelayState=" + relayState;
- if (!sigAlgorithm)
- sigAlgorithm = DSIGConstants::s_unicodeStrURIRSA_SHA1;
- auto_ptr_char alg(sigAlgorithm);
+ if (!signatureAlg)
+ signatureAlg = DSIGConstants::s_unicodeStrURIRSA_SHA1;
+ auto_ptr_char alg(signatureAlg);
pmap.m_map["SigAlg"] = alg.get();
input = input + "&SigAlg=" + alg.get();
char sigbuf[1024];
memset(sigbuf,0,sizeof(sigbuf));
- auto_ptr<XSECCryptoKey> key(credResolver->getKey());
- Signature::createRawSignature(key.get(), sigAlgorithm, input.c_str(), input.length(), sigbuf, sizeof(sigbuf)-1);
+ Signature::createRawSignature(credential->getPrivateKey(), signatureAlg, input.c_str(), input.length(), sigbuf, sizeof(sigbuf)-1);
pmap.m_map["Signature"] = sigbuf;
+
+ auto_ptr<KeyInfo> keyInfo(credential->getKeyInfo());
+ if (keyInfo.get()) {
+ string& kstring = pmap.m_map["KeyInfo"];
+ XMLHelper::serialize(keyInfo->marshall((DOMDocument*)NULL), kstring);
+ unsigned int len=0;
+ XMLByte* out=Base64::encode(reinterpret_cast<const XMLByte*>(kstring.data()),kstring.size(),&len);
+ if (!out)
+ throw BindingException("Base64 encoding of XML failed.");
+ kstring.erase();
+ kstring.append(reinterpret_cast<char*>(out),len);
+ XMLString::release(&out);
+ }
}
// Base64 the message.
projects / shibboleth / cpp-opensaml.git / blobdiff