Bump lib version.
[shibboleth/cpp-opensaml.git] / samlsign / samlsign.cpp
index 04ceb52..9cdaa91 100644 (file)
@@ -247,7 +247,7 @@ int main(int argc,char* argv[])
 
                 // Set up criteria.
                 CredentialCriteria cc;
-                cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+                cc.setUsage(Credential::SIGNING_CREDENTIAL);
                 cc.setSignature(*(signable->getSignature()), CredentialCriteria::KEYINFO_EXTRACTION_KEY);
                 if (issuer)
                     cc.setPeerName(issuer);
@@ -265,7 +265,8 @@ int main(int argc,char* argv[])
                             good = true;
                             break;
                         }
-                        catch (exception&) {
+                        catch (exception& e) {
+                            log.info("error trying verification key: %s", e.what());
                         }
                     }
                     if (!good)
@@ -292,18 +293,19 @@ int main(int argc,char* argv[])
                     auto_ptr<MetadataProvider> metadata(buildPlugin(m_param, conf.MetadataProviderManager));
                     metadata->init();
                     
-                    Locker locker(metadata.get());
-                    const EntityDescriptor* entity = metadata->getEntityDescriptor(issuer);
-                    if (!entity)
-                        throw MetadataException("no metadata found for ($1)", params(1, issuer));
                     const XMLCh* ns = rns ? XMLString::transcode(rns) : samlconstants::SAML20MD_NS;
                     auto_ptr_XMLCh n(rname);
                     QName q(ns, n.get());
-                    const RoleDescriptor* role = entity->getRoleDescriptor(q, protocol);
-                    if (!role)
+
+                    Locker locker(metadata.get());
+                    MetadataProvider::Criteria mc(issuer, &q, protocol);
+                    pair<const EntityDescriptor*,const RoleDescriptor*> entity = metadata->getEntityDescriptor(mc);
+                    if (!entity.first)
+                        throw MetadataException("no metadata found for ($1)", params(1, issuer));
+                    else if (!entity.second)
                         throw MetadataException("compatible role $1 not found for ($2)", params(2, q.toString().c_str(), issuer));
 
-                    MetadataCredentialCriteria mcc(*role);
+                    MetadataCredentialCriteria mcc(*entity.second);
                     if (sigtrust->validate(*signable->getSignature(), *metadata.get(), &mcc))
                         log.info("successful signature verification");
                     else
@@ -312,7 +314,7 @@ int main(int argc,char* argv[])
                 else {
                     // Set up criteria.
                     CredentialCriteria cc;
-                    cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+                    cc.setUsage(Credential::SIGNING_CREDENTIAL);
                     cc.setSignature(*(signable->getSignature()), CredentialCriteria::KEYINFO_EXTRACTION_KEY);
                     if (issuer)
                         cc.setPeerName(issuer);
@@ -331,7 +333,7 @@ int main(int argc,char* argv[])
                 );
             Locker locker(cr.get());
             CredentialCriteria cc;
-            cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+            cc.setUsage(Credential::SIGNING_CREDENTIAL);
             const Credential* cred = cr->resolve(&cc);
             if (!cred)
                 throw XMLSecurityException("Unable to resolve a signing credential.");
@@ -346,14 +348,9 @@ int main(int argc,char* argv[])
         }
     }
     catch(exception& e) {
-        log.errorStream() << "caught an exception: " << e.what() << CategoryStream::ENDLINE;
+        log.errorStream() << "caught an exception: " << e.what() << logging::eol;
         ret=-10;
     }
-    catch(XMLException& e) {
-        auto_ptr_char temp(e.getMessage());
-        log.errorStream() << "caught a Xerces exception: " << temp.get() << CategoryStream::ENDLINE;
-        ret=-20;
-    }
 
     conf.term();
     return ret;