vector<const Credential*> creds;
if (r->first->resolve(creds, r->second) == 0) {
auto_ptr_char name(dynamic_cast<const EntityDescriptor*>(r->second->getRole().getParent())->getEntityID());
- logging::Category::getInstance(SAML_LOGCAT".Encryption").warn("No key encryption credentials found for (%s).", name.get());
+ logging::Category::getInstance(SAML_LOGCAT ".Encryption").warn("No key encryption credentials found for (%s).", name.get());
continue;
}
if (!KEK) {
auto_ptr_char name(dynamic_cast<const EntityDescriptor*>(r->second->getRole().getParent())->getEntityID());
- logging::Category::getInstance(SAML_LOGCAT".Encryption").warn("no supported key encryption credential found for (%s).", name.get());
+ logging::Category::getInstance(SAML_LOGCAT ".Encryption").warn("no supported key encryption credential found for (%s).", name.get());
continue;
}
}
}
-XMLObject* EncryptedElementType::decrypt(const CredentialResolver& credResolver, const XMLCh* recipient, CredentialCriteria* criteria) const
+XMLObject* EncryptedElementType::decrypt(
+ const CredentialResolver& credResolver, const XMLCh* recipient, CredentialCriteria* criteria, bool requireAuthenticatedCipher
+ ) const
{
if (!getEncryptedData())
throw DecryptionException("No encrypted data present.");
opensaml::EncryptedKeyResolver ekr(*this);
- Decrypter decrypter(&credResolver, criteria, &ekr);
+ Decrypter decrypter(&credResolver, criteria, &ekr, requireAuthenticatedCipher);
DOMDocumentFragment* frag = decrypter.decryptData(*getEncryptedData(), recipient);
if (frag->hasChildNodes() && frag->getFirstChild()==frag->getLastChild()) {
DOMNode* plaintext=frag->getFirstChild();