Major revamp of credential and trust handling code, PKIX engine still needs work.

[shibboleth/cpp-opensaml.git] / saml / saml2 / core / impl / Assertions20Impl.cpp

diff --git a/saml/saml2/core/impl/Assertions20Impl.cpp b/saml/saml2/core/impl/Assertions20Impl.cpp
index a26a275..fe7a7b0 100644 (file)
--- a/saml/saml2/core/impl/Assertions20Impl.cpp
+++ b/saml/saml2/core/impl/Assertions20Impl.cpp
@@ -192,13 +192,13 @@ namespace opensaml {
                 }
             }
     
-            XMLObject* decrypt(const CredentialResolver* KEKresolver, const XMLCh* recipient) const
+            XMLObject* decrypt(const CredentialResolver& credResolver, const XMLCh* recipient, CredentialCriteria* criteria) const
             {
                 if (!m_EncryptedData)
                     throw DecryptionException("No encrypted data present.");
-                EncryptedKeyResolver ekr(*this, recipient);
-                Decrypter decrypter(KEKresolver, &ekr);
-                DOMDocumentFragment* frag = decrypter.decryptData(*m_EncryptedData);
+                EncryptedKeyResolver ekr(*this);
+                Decrypter decrypter(&credResolver, criteria, &ekr);
+                DOMDocumentFragment* frag = decrypter.decryptData(*m_EncryptedData, recipient);
                 if (frag->hasChildNodes() && frag->getFirstChild()==frag->getLastChild()) {
                     DOMNode* plaintext=frag->getFirstChild();
                     if (plaintext->getNodeType()==DOMNode::ELEMENT_NODE) {