saml2/metadata/impl/ChainingMetadataProvider.cpp \
saml2/metadata/impl/DynamicMetadataProvider.cpp \
saml2/metadata/impl/EntityRoleMetadataFilter.cpp \
+ saml2/metadata/impl/MetadataCredentialCriteria.cpp \
saml2/metadata/impl/MetadataImpl.cpp \
saml2/metadata/impl/MetadataProvider.cpp \
saml2/metadata/impl/MetadataSchemaValidators.cpp \
#include "saml2/metadata/MetadataProvider.h"
#include <xmltooling/logging.h>
+#include <xmltooling/security/Credential.h>
#include <xmltooling/security/X509TrustEngine.h>
#include <xmltooling/util/ReplayCache.h>
>\r
</File>\r
<File\r
+ RelativePath=".\saml2\metadata\impl\MetadataCredentialCriteria.cpp"\r
+ >\r
+ </File>\r
+ <File\r
RelativePath=".\saml2\metadata\impl\MetadataImpl.cpp"\r
>\r
</File>\r
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <xmltooling/logging.h>
#include <xmltooling/encryption/Encrypter.h>
#include <xmltooling/encryption/Decrypter.h>
+#include <xmltooling/security/Credential.h>
+
+#include <xsec/utils/XSECPlatformUtils.hpp>
using namespace opensaml::saml2md;
using namespace opensaml::saml2;
#define __saml_metacrit_h__
#include <saml/base.h>
-#include <saml/saml2/metadata/MetadataCredentialContext.h>
#include <xmltooling/security/CredentialCriteria.h>
namespace opensaml {
*
* @param role source of metadata-supplied credentials
*/
- MetadataCredentialCriteria(const RoleDescriptor& role) : m_role(role) {
- const EntityDescriptor* entity = dynamic_cast<const EntityDescriptor*>(role.getParent());
- if (entity) {
- xmltooling::auto_ptr_char name(entity->getEntityID());
- setPeerName(name.get());
- }
- }
+ MetadataCredentialCriteria(const RoleDescriptor& role);
virtual ~MetadataCredentialCriteria() {}
return m_role;
}
- bool matches(const xmltooling::Credential& credential) const {
- const MetadataCredentialContext* context = dynamic_cast<const MetadataCredentialContext*>(credential.getCredentalContext());
- if (context) {
- // Check for a usage mismatch.
- if ((getUsage() & (xmltooling::Credential::SIGNING_CREDENTIAL | xmltooling::Credential::TLS_CREDENTIAL)) &&
- XMLString::equals(context->getKeyDescriptor().getUse(),KeyDescriptor::KEYTYPE_ENCRYPTION))
- return false;
- else if ((getUsage() & xmltooling::Credential::ENCRYPTION_CREDENTIAL) &&
- XMLString::equals(context->getKeyDescriptor().getUse(),KeyDescriptor::KEYTYPE_SIGNING))
- return false;
- }
- return CredentialCriteria::matches(credential);
- }
+ bool matches(const xmltooling::Credential& credential) const;
private:
const RoleDescriptor& m_role;
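Review bot: The constructor now declared as `MetadataCredentialCriteria(const RoleDescriptor& role);` takes a single argument and is not `explicit`, so a `RoleDescriptor` converts implicitly wherever a `MetadataCredentialCriteria` is expected. Declaring it `explicit MetadataCredentialCriteria(const RoleDescriptor& role);` would rule that out, assuming no caller relies on the conversion. The class declaration itself lies outside the hunk, so with both bodies moved out of line it is also worth confirming that the class is exported from the library on the Windows build.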
#include "internal.h"
#include "exceptions.h"
#include "saml/binding/SAMLArtifact.h"
+#include "saml2/metadata/Metadata.h"
#include "saml2/metadata/ObservableMetadataProvider.h"
#include "saml2/metadata/MetadataCredentialCriteria.h"
--- /dev/null
+/*
+ * Copyright 2001-2009 Internet2
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * MetadataCredentialCriteria.cpp
+ *
+ * Metadata-based CredentialCriteria subclass.
+ */
+
+#include "internal.h"
+#include "saml2/metadata/MetadataCredentialContext.h"
+#include "saml2/metadata/MetadataCredentialCriteria.h"
+
+#include <xmltooling/security/Credential.h>
+
+using namespace opensaml::saml2md;
+using namespace xmltooling;
+
+MetadataCredentialCriteria::MetadataCredentialCriteria(const RoleDescriptor& role) : m_role(role)
+{
+ const EntityDescriptor* entity = dynamic_cast<const EntityDescriptor*>(role.getParent());
+ if (entity) {
+ auto_ptr_char name(entity->getEntityID());
+ setPeerName(name.get());
+ }
+}
+
+bool MetadataCredentialCriteria::matches(const Credential& credential) const
+{
+ const MetadataCredentialContext* context = dynamic_cast<const MetadataCredentialContext*>(credential.getCredentalContext());
+ if (context) {
+ // Check for a usage mismatch.
+ if ((getUsage() & (xmltooling::Credential::SIGNING_CREDENTIAL | xmltooling::Credential::TLS_CREDENTIAL)) &&
+ XMLString::equals(context->getKeyDescriptor().getUse(),KeyDescriptor::KEYTYPE_ENCRYPTION))
+ return false;
+ else if ((getUsage() & xmltooling::Credential::ENCRYPTION_CREDENTIAL) &&
+ XMLString::equals(context->getKeyDescriptor().getUse(),KeyDescriptor::KEYTYPE_SIGNING))
+ return false;
+ }
+ return CredentialCriteria::matches(credential);
+}
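Review bot: In `matches()`, the KeyDescriptor `use` filter runs only when the `dynamic_cast` to `MetadataCredentialContext` succeeds; a credential with any other context, and presumably one whose `use` attribute is absent, goes to `CredentialCriteria::matches()` without a usage check from this class. Since this is the check that keeps an encryption-only metadata key from being accepted for signing or TLS, that fall-through deserves a comment above the final return, for example `// No metadata context, or no explicit use: usage is not restricted here; the base criteria decide.` The two branches also mean that a usage mask carrying both a signing/TLS bit and the encryption bit rejects every key with an explicit `use`; if that is intended, say so next to `// Check for a usage mismatch.`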
#include <xmltooling/signature/Signature.h>
#include <xercesc/util/XMLUniDefs.hpp>
#include <xsec/dsig/DSIGReference.hpp>
+#include <xsec/dsig/DSIGSignature.hpp>
#include <xsec/dsig/DSIGTransformC14n.hpp>
using namespace opensaml;
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <xercesc/util/XMLUniDefs.hpp>
#include <xsec/dsig/DSIGReference.hpp>
+#include <xsec/dsig/DSIGSignature.hpp>
#include <xsec/dsig/DSIGTransformC14n.hpp>
#include <xsec/dsig/DSIGTransformList.hpp>
* limitations under the License.
*/
-/* siterefresh.cpp - command-line tool to refresh and verify metadata
-
- Scott Cantor
- 5/12/03
-
- $Id:siterefresh.cpp 2252 2007-05-20 20:20:57Z cantor $
-*/
+/**
+ * samlsign.cpp
+ *
+ * Command-line tool to sign and verify objects.
+ */
#if defined (_MSC_VER) || defined(__BORLANDC__)
# include "config_win32.h"
#include <saml/util/SAMLConstants.h>
#include <xmltooling/logging.h>
#include <xmltooling/XMLToolingConfig.h>
+#include <xmltooling/security/Credential.h>
#include <xmltooling/security/SignatureTrustEngine.h>
#include <xmltooling/signature/Signature.h>
#include <xmltooling/signature/SignatureValidator.h>
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <saml/saml2/metadata/MetadataProvider.h>
#include <saml/saml2/metadata/MetadataCredentialContext.h>
#include <saml/saml2/metadata/MetadataCredentialCriteria.h>
+#include <xmltooling/security/Credential.h>
using namespace opensaml::saml2md;
using namespace opensaml::saml2;
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <sstream>
#include <saml/signature/SignatureProfileValidator.h>
+#include <xmltooling/security/Credential.h>
#include <xmltooling/security/CredentialCriteria.h>
#include <xmltooling/security/CredentialResolver.h>
#include <xmltooling/signature/KeyInfo.h>