/*
- * Copyright 2001-2005 Internet2
+ * Copyright 2001-2010 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
// Append a Signature.
assertion->setSignature(SignatureBuilder::buildSignature());
- Locker locker(m_resolver);
- assertion->getSignature()->setSigningKey(m_resolver->getKey());
-
- // Build KeyInfo.
- KeyInfo* keyInfo=KeyInfoBuilder::buildKeyInfo();
- X509Data* x509Data=X509DataBuilder::buildX509Data();
- keyInfo->getX509Datas().push_back(x509Data);
- for_each(m_resolver->getCertificates().begin(),m_resolver->getCertificates().end(),bind1st(_addcert(),x509Data));
- assertion->getSignature()->setKeyInfo(keyInfo);
// Sign assertion while marshalling.
vector<Signature*> sigs(1,assertion->getSignature());
- DOMElement* rootElement = NULL;
+ CredentialCriteria cc;
+ cc.setUsage(Credential::SIGNING_CREDENTIAL);
+ Locker locker(m_resolver);
+ const Credential* cred = m_resolver->resolve(&cc);
+ TSM_ASSERT("Retrieved credential was null", cred!=nullptr);
+
+ DOMElement* rootElement = nullptr;
try {
- rootElement=assertion->marshall((DOMDocument*)NULL,&sigs);
+ rootElement=assertion->marshall((DOMDocument*)nullptr,&sigs,cred);
}
catch (XMLToolingException& e) {
TS_TRACE(e.what());
response->setStatus(status);
response->getAssertions().push_back(assertion);
response->setSignature(SignatureBuilder::buildSignature());
- response->getSignature()->setSigningKey(m_resolver->getKey());
- response->getSignature()->setKeyInfo(keyInfo->cloneKeyInfo());
// Sign response while marshalling.
sigs.clear();
sigs.push_back(response->getSignature());
- rootElement = NULL;
+ rootElement = nullptr;
try {
- rootElement=response->marshall((DOMDocument*)NULL,&sigs);
+ rootElement=response->marshall((DOMDocument*)nullptr,&sigs,cred);
}
catch (XMLToolingException& e) {
TS_TRACE(e.what());
assertEquals("Unmarshalled response does not match", expectedChildElementsDOM, response2.get(), false);
try {
- SignatureProfileValidator spv;
+ opensaml::SignatureProfileValidator spv;
spv.validate(dynamic_cast<Response*>(response2.get())->getAssertions().front()->getSignature());
spv.validate(dynamic_cast<Response*>(response2.get())->getSignature());
- SignatureValidator sv(new KeyResolver(m_resolver->getKey()));
+ SignatureValidator sv(cred);
sv.validate(dynamic_cast<Response*>(response2.get())->getAssertions().front()->getSignature());
sv.validate(dynamic_cast<Response*>(response2.get())->getSignature());
}