/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2010 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include "saml2/metadata/MetadataCredentialContext.h"
#include "saml2/metadata/MetadataCredentialCriteria.h"
-#include <log4cpp/Category.hh>
+#include <xmltooling/logging.h>
+#include <xmltooling/XMLToolingConfig.h>
#include <xmltooling/encryption/Encrypter.h>
#include <xmltooling/encryption/Decrypter.h>
+#include <xmltooling/security/Credential.h>
+#include <xmltooling/signature/KeyInfo.h>
+#include <xmltooling/util/ParserPool.h>
+
+#include <xsec/utils/XSECPlatformUtils.hpp>
using namespace opensaml::saml2md;
using namespace opensaml::saml2;
{
// With one recipient, we let the library generate the encryption key for us.
// Get the key encryption key to use.
- criteria.setUsage(CredentialCriteria::ENCRYPTION_CREDENTIAL);
+ criteria.setUsage(Credential::ENCRYPTION_CREDENTIAL);
const Credential* KEK = metadataProvider.resolve(&criteria);
if (!KEK)
throw EncryptionException("No key encryption credential found.");
// Now we encrypt the key for each recipient.
for (vector< pair<const MetadataProvider*, MetadataCredentialCriteria*> >::const_iterator r = recipients.begin(); r!=recipients.end(); ++r) {
// Get key encryption key to use.
- r->second->setUsage(CredentialCriteria::ENCRYPTION_CREDENTIAL);
+ r->second->setUsage(Credential::ENCRYPTION_CREDENTIAL);
const Credential* KEK = r->first->resolve(r->second);
if (!KEK) {
auto_ptr_char name(dynamic_cast<const EntityDescriptor*>(r->second->getRole().getParent())->getEntityID());
- log4cpp::Category::getInstance(SAML_LOGCAT".Encryption").warn("No key encryption credential found for (%s).", name.get());
+ logging::Category::getInstance(SAML_LOGCAT".Encryption").warn("No key encryption credential found for (%s).", name.get());
continue;
}
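Review bot: The warning path dereferences the result of `dynamic_cast<const EntityDescriptor*>(r->second->getRole().getParent())` without a null check, so a role whose parent is missing or is not an EntityDescriptor would crash here instead of being skipped. That line is unchanged context, but the commit touches the logging call directly below it, so this is a good moment to test the cast result and log a placeholder name when it is null. A short comment such as `// best-effort: the key is not wrapped for a recipient without an encryption credential` would also make the skip-and-continue choice explicit. The enclosing loop and function start and end outside the hunk.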
if (plaintext->getNodeType()==DOMNode::ELEMENT_NODE) {
// Import the tree into a new Document that we can bind to the unmarshalled object.
XercesJanitor<DOMDocument> newdoc(XMLToolingConfig::getConfig().getParser().newDocument());
- DOMElement* treecopy = static_cast<DOMElement*>(newdoc->importNode(plaintext, true));
+ DOMElement* treecopy;
+ try {
+ treecopy = static_cast<DOMElement*>(newdoc->importNode(plaintext, true));
+ }
+ catch (XMLException& ex) {
+ frag->release();
+ auto_ptr_char temp(ex.getMessage());
+ throw DecryptionException(
+ string("Error importing decypted DOM into new document: ") + (temp.get() ? temp.get() : "no message")
+ );
+ }
+ frag->release();
newdoc->appendChild(treecopy);
auto_ptr<XMLObject> ret(XMLObjectBuilder::buildOneFromElement(treecopy, true));
newdoc.release();
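Review bot: The new handler catches only `XMLException`, but Xerces documents `importNode` as raising `DOMException`, which belongs to a separate class hierarchy. In that case neither `frag->release()` call runs, so the fragment holding the decrypted content is leaked and the exception escapes as a non-SAML type. Holding `frag` in a release-on-scope-exit guard would cover every exit path and remove both manual `release()` calls; the file already uses `XercesJanitor` for `newdoc`, though `frag`'s declaration is not visible in this hunk. A second `catch (DOMException& ex)` could translate to `DecryptionException` in the same way. The message text also has a typo and should read `"Error importing decrypted DOM into new document: "`; the function begins and continues outside the hunk.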