Multi-line svn commit, see body.

author Scott Cantor <cantor.2@osu.edu>

Wed, 17 Oct 2007 05:15:54 +0000 (05:15 +0000)

committer Scott Cantor <cantor.2@osu.edu>

Wed, 17 Oct 2007 05:15:54 +0000 (05:15 +0000)
author Scott Cantor <cantor.2@osu.edu>
Wed, 17 Oct 2007 05:15:54 +0000 (05:15 +0000)
committer Scott Cantor <cantor.2@osu.edu>
Wed, 17 Oct 2007 05:15:54 +0000 (05:15 +0000)
diff --git a/saml/binding/impl/ClientCertAuthRule.cpp b/saml/binding/impl/ClientCertAuthRule.cpp

index 262d2a7..8c30310 100644 (file)
--- a/saml/binding/impl/ClientCertAuthRule.cpp
+++ b/saml/binding/impl/ClientCertAuthRule.cpp
@@ -82,7 +82,7 @@ void ClientCertAuthRule::evaluate(const XMLObject& message, const GenericRequest
      MetadataCredentialCriteria cc(*(policy.getIssuerMetadata()));
      auto_ptr_char pn(policy.getIssuer()->getName());
      cc.setPeerName(pn.get());
-    cc.setUsage(CredentialCriteria::TLS_CREDENTIAL);
+    cc.setUsage(Credential::TLS_CREDENTIAL);
  
      if (!x509trust->validate(chain.front(), chain, *(policy.getMetadataProvider()), &cc)) {
          log.error("unable to verify certificate chain with supplied trust engine");
diff --git a/saml/saml2/core/impl/Assertions.cpp b/saml/saml2/core/impl/Assertions.cpp

index d87a9db..0e8b5f8 100644 (file)
--- a/saml/saml2/core/impl/Assertions.cpp
+++ b/saml/saml2/core/impl/Assertions.cpp
@@ -50,7 +50,7 @@ void EncryptedElementType::encrypt(
  {
      // With one recipient, we let the library generate the encryption key for us.
      // Get the key encryption key to use.
-    criteria.setUsage(CredentialCriteria::ENCRYPTION_CREDENTIAL);
+    criteria.setUsage(Credential::ENCRYPTION_CREDENTIAL);
      const Credential* KEK = metadataProvider.resolve(&criteria);
      if (!KEK)
          throw EncryptionException("No key encryption credential found.");
@@ -105,7 +105,7 @@ void EncryptedElementType::encrypt(
      // Now we encrypt the key for each recipient.
      for (vector< pair<const MetadataProvider*, MetadataCredentialCriteria*> >::const_iterator r = recipients.begin(); r!=recipients.end(); ++r) {
          // Get key encryption key to use.
-        r->second->setUsage(CredentialCriteria::ENCRYPTION_CREDENTIAL);
+        r->second->setUsage(Credential::ENCRYPTION_CREDENTIAL);
          const Credential* KEK = r->first->resolve(r->second);
          if (!KEK) {
              auto_ptr_char name(dynamic_cast<const EntityDescriptor*>(r->second->getRole().getParent())->getEntityID());
diff --git a/saml/saml2/metadata/MetadataCredentialCriteria.h b/saml/saml2/metadata/MetadataCredentialCriteria.h

index dfe4bcc..4aa54b8 100644 (file)
--- a/saml/saml2/metadata/MetadataCredentialCriteria.h
+++ b/saml/saml2/metadata/MetadataCredentialCriteria.h
@@ -64,10 +64,10 @@ namespace opensaml {
                  const MetadataCredentialContext* context = dynamic_cast<const MetadataCredentialContext*>(credential.getCredentalContext());
                  if (context) {
                      // Check for a usage mismatch.
-                    if ((getUsage()==CredentialCriteria::SIGNING_CREDENTIAL || getUsage()==CredentialCriteria::TLS_CREDENTIAL) &&
+                    if ((getUsage()==xmltooling::Credential::SIGNING_CREDENTIAL || getUsage()==xmltooling::Credential::TLS_CREDENTIAL) &&
                              XMLString::equals(context->getKeyDescriptor().getUse(),KeyDescriptor::KEYTYPE_ENCRYPTION))
                          return false;
-                    else if (getUsage()==CredentialCriteria::ENCRYPTION_CREDENTIAL &&
+                    else if (getUsage()==xmltooling::Credential::ENCRYPTION_CREDENTIAL &&
                              XMLString::equals(context->getKeyDescriptor().getUse(),KeyDescriptor::KEYTYPE_SIGNING))
                          return false;
                  }
diff --git a/saml/saml2/metadata/impl/SignatureMetadataFilter.cpp b/saml/saml2/metadata/impl/SignatureMetadataFilter.cpp

index 3b70466..db93e5b 100644 (file)
--- a/saml/saml2/metadata/impl/SignatureMetadataFilter.cpp
+++ b/saml/saml2/metadata/impl/SignatureMetadataFilter.cpp
@@ -193,7 +193,7 @@ void SignatureMetadataFilter::verifySignature(Signature* sig, const XMLCh* peerN
  
      // Set up criteria.
      CredentialCriteria cc;
-    cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+    cc.setUsage(Credential::SIGNING_CREDENTIAL);
      cc.setSignature(*sig, CredentialCriteria::KEYINFO_EXTRACTION_KEY);
      if (peerName) {
          auto_ptr_char pname(peerName);
diff --git a/samlsign/samlsign.cpp b/samlsign/samlsign.cpp

index 8ee8e7d..91c7b9a 100644 (file)
--- a/samlsign/samlsign.cpp
+++ b/samlsign/samlsign.cpp
@@ -247,7 +247,7 @@ int main(int argc,char* argv[])
  
                  // Set up criteria.
                  CredentialCriteria cc;
-                cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+                cc.setUsage(Credential::SIGNING_CREDENTIAL);
                  cc.setSignature(*(signable->getSignature()), CredentialCriteria::KEYINFO_EXTRACTION_KEY);
                  if (issuer)
                      cc.setPeerName(issuer);
@@ -313,7 +313,7 @@ int main(int argc,char* argv[])
                  else {
                      // Set up criteria.
                      CredentialCriteria cc;
-                    cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+                    cc.setUsage(Credential::SIGNING_CREDENTIAL);
                      cc.setSignature(*(signable->getSignature()), CredentialCriteria::KEYINFO_EXTRACTION_KEY);
                      if (issuer)
                          cc.setPeerName(issuer);
@@ -332,7 +332,7 @@ int main(int argc,char* argv[])
                  );
              Locker locker(cr.get());
              CredentialCriteria cc;
-            cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+            cc.setUsage(Credential::SIGNING_CREDENTIAL);
              const Credential* cred = cr->resolve(&cc);
              if (!cred)
                  throw XMLSecurityException("Unable to resolve a signing credential.");
diff --git a/samltest/data/binding/example-metadata.xml b/samltest/data/binding/example-metadata.xml

index 1a3f5f3..d09818b 100644 (file)
--- a/samltest/data/binding/example-metadata.xml
+++ b/samltest/data/binding/example-metadata.xml
@@ -7,9 +7,27 @@
                 \r
                 <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">\r
                         <KeyDescriptor>\r
-                           <ds:KeyInfo>\r
-                               <ds:RetrievalMethod URI="#samplekey" Type="http://www.w3.org/2000/09/xmldsig#X509Data"/>
-                           </ds:KeyInfo>\r
+                <ds:KeyInfo>\r
+                    <ds:KeyName>sp.example.org</ds:KeyName>\r
+                    <ds:X509Data>\r
+                        <ds:X509Certificate>\r
+                            MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV\r
+                            BAYTAlVTMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDnNwLmV4YW1wbGUu\r
+                            b3JnMB4XDTA1MDYyMDE1NDgzNFoXDTMyMTEwNTE1NDgzNFowOjELMAkGA1UEBhMC\r
+                            VVMxEjAQBgNVBAoTCUludGVybmV0MjEXMBUGA1UEAxMOc3AuZXhhbXBsZS5vcmcw\r
+                            gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANlZ1L1mKzYbUVKiMQLhZlfGDyYa\r
+                            /jjCiaXP0WhLNgvJpOTeajvsrApYNnFX5MLNzuC3NeQIjXUNLN2Yo2MCSthBIOL5\r
+                            qE5dka4z9W9zytoflW1LmJ8vXpx8Ay/meG4z//J5iCpYVEquA0xl28HUIlownZUF\r
+                            7w7bx0cF/02qrR23AgMBAAGjgZwwgZkwHQYDVR0OBBYEFJZiO1qsyAyc3HwMlL9p\r
+                            JpN6fbGwMGoGA1UdIwRjMGGAFJZiO1qsyAyc3HwMlL9pJpN6fbGwoT6kPDA6MQsw\r
+                            CQYDVQQGEwJVUzESMBAGA1UEChMJSW50ZXJuZXQyMRcwFQYDVQQDEw5zcC5leGFt\r
+                            cGxlLm9yZ4IJAKk8t1hYcMkhMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQAD\r
+                            gYEAMFq/UeSQyngE0GpZueyD2UW0M358uhseYOgGEIfm+qXIFQF6MYwNoX7WFzhC\r
+                            LJZ2E6mEvZZFHCHUtl7mGDvsRwgZ85YCtRbvleEpqfgNQToto9pLYe+X6vvH9Z6p\r
+                            gmYsTmak+kxO93JprrOd9xp8aZPMEprL7VCdrhbZEfyYER0=\r
+                        </ds:X509Certificate>\r
+                    </ds:X509Data>\r
+                </ds:KeyInfo>\r
                         </KeyDescriptor>\r
  \r
                         <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:protocol"\r
@@ -32,7 +50,7 @@
         \r
                 <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">\r
                         <KeyDescriptor>\r
-                               <ds:KeyInfo Id="samplekey">\r
+                               <ds:KeyInfo>\r
                                         <ds:KeyName>sp.example.org</ds:KeyName>\r
                                 <ds:X509Data>
                                         <ds:X509Certificate>
diff --git a/samltest/encryption/EncryptedAssertionTest.h b/samltest/encryption/EncryptedAssertionTest.h

index ef959dc..2fa9f93 100644 (file)
--- a/samltest/encryption/EncryptedAssertionTest.h
+++ b/samltest/encryption/EncryptedAssertionTest.h
@@ -95,7 +95,7 @@ public:
          // Sign while marshalling.
          vector<Signature*> sigs(1,sig);
          CredentialCriteria cc;
-        cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+        cc.setUsage(Credential::SIGNING_CREDENTIAL);
          Locker locker(m_resolver);
          const Credential* cred = m_resolver->resolve(&cc);
          TSM_ASSERT("Retrieved credential was null", cred!=NULL);
diff --git a/samltest/saml1/binding/SAML1ArtifactTest.h b/samltest/saml1/binding/SAML1ArtifactTest.h

index ae593b1..55b6bdf 100644 (file)
--- a/samltest/saml1/binding/SAML1ArtifactTest.h
+++ b/samltest/saml1/binding/SAML1ArtifactTest.h
@@ -53,7 +53,7 @@ public:
              janitor.release();\r
  \r
              CredentialCriteria cc;\r
-            cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);\r
+            cc.setUsage(Credential::SIGNING_CREDENTIAL);\r
              Locker clocker(m_creds);\r
              const Credential* cred = m_creds->resolve(&cc);\r
              TSM_ASSERT("Retrieved credential was null", cred!=NULL);\r
@@ -126,7 +126,7 @@ public:
          response->setSignature(SignatureBuilder::buildSignature());\r
          vector<Signature*> sigs(1,response->getSignature());\r
          CredentialCriteria cc;\r
-        cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);\r
+        cc.setUsage(Credential::SIGNING_CREDENTIAL);\r
          Locker clocker(m_creds);\r
          const Credential* cred = m_creds->resolve(&cc);\r
          TSM_ASSERT("Retrieved credential was null", cred!=NULL);\r
diff --git a/samltest/saml1/binding/SAML1POSTTest.h b/samltest/saml1/binding/SAML1POSTTest.h

index 2621fa2..611da59 100644 (file)
--- a/samltest/saml1/binding/SAML1POSTTest.h
+++ b/samltest/saml1/binding/SAML1POSTTest.h
@@ -48,7 +48,7 @@ public:
              janitor.release();
  
              CredentialCriteria cc;
-            cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+            cc.setUsage(Credential::SIGNING_CREDENTIAL);
              Locker clocker(m_creds);
              const Credential* cred = m_creds->resolve(&cc);
              TSM_ASSERT("Retrieved credential was null", cred!=NULL);
diff --git a/samltest/saml2/binding/SAML2ArtifactTest.h b/samltest/saml2/binding/SAML2ArtifactTest.h

index 46c33b0..77a419b 100644 (file)
--- a/samltest/saml2/binding/SAML2ArtifactTest.h
+++ b/samltest/saml2/binding/SAML2ArtifactTest.h
@@ -52,7 +52,7 @@ public:
              janitor.release();
  
              CredentialCriteria cc;
-            cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+            cc.setUsage(Credential::SIGNING_CREDENTIAL);
              Locker clocker(m_creds);
              const Credential* cred = m_creds->resolve(&cc);
              TSM_ASSERT("Retrieved credential was null", cred!=NULL);
diff --git a/samltest/saml2/binding/SAML2POSTTest.h b/samltest/saml2/binding/SAML2POSTTest.h

index 1b4a05f..cce2a12 100644 (file)
--- a/samltest/saml2/binding/SAML2POSTTest.h
+++ b/samltest/saml2/binding/SAML2POSTTest.h
@@ -48,7 +48,7 @@ public:
              janitor.release();
  
              CredentialCriteria cc;
-            cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+            cc.setUsage(Credential::SIGNING_CREDENTIAL);
              Locker clocker(m_creds);
              const Credential* cred = m_creds->resolve(&cc);
              TSM_ASSERT("Retrieved credential was null", cred!=NULL);
@@ -121,7 +121,7 @@ public:
              janitor.release();
  
              CredentialCriteria cc;
-            cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+            cc.setUsage(Credential::SIGNING_CREDENTIAL);
              Locker clocker(m_creds);
              const Credential* cred = m_creds->resolve(&cc);
              TSM_ASSERT("Retrieved credential was null", cred!=NULL);
diff --git a/samltest/saml2/binding/SAML2RedirectTest.h b/samltest/saml2/binding/SAML2RedirectTest.h

index 8a78a0e..862d75d 100644 (file)
--- a/samltest/saml2/binding/SAML2RedirectTest.h
+++ b/samltest/saml2/binding/SAML2RedirectTest.h
@@ -48,7 +48,7 @@ public:
              janitor.release();
  
              CredentialCriteria cc;
-            cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+            cc.setUsage(Credential::SIGNING_CREDENTIAL);
              Locker clocker(m_creds);
              const Credential* cred = m_creds->resolve(&cc);
              TSM_ASSERT("Retrieved credential was null", cred!=NULL);
diff --git a/samltest/signature/SAML1AssertionTest.h b/samltest/signature/SAML1AssertionTest.h

index 51cb1f1..1edf109 100644 (file)
--- a/samltest/signature/SAML1AssertionTest.h
+++ b/samltest/signature/SAML1AssertionTest.h
@@ -62,7 +62,7 @@ public:
          // Sign while marshalling.
          vector<Signature*> sigs(1,sig);
          CredentialCriteria cc;
-        cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+        cc.setUsage(Credential::SIGNING_CREDENTIAL);
          Locker locker(m_resolver);
          const Credential* cred = m_resolver->resolve(&cc);
          TSM_ASSERT("Retrieved credential was null", cred!=NULL);
diff --git a/samltest/signature/SAML1RequestTest.h b/samltest/signature/SAML1RequestTest.h

index cebe076..45b6bab 100644 (file)
--- a/samltest/signature/SAML1RequestTest.h
+++ b/samltest/signature/SAML1RequestTest.h
@@ -62,7 +62,7 @@ public:
          // Sign while marshalling.
          vector<Signature*> sigs(1,sig);
          CredentialCriteria cc;
-        cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+        cc.setUsage(Credential::SIGNING_CREDENTIAL);
          Locker locker(m_resolver);
          const Credential* cred = m_resolver->resolve(&cc);
          TSM_ASSERT("Retrieved credential was null", cred!=NULL);
diff --git a/samltest/signature/SAML1ResponseTest.h b/samltest/signature/SAML1ResponseTest.h

index 6a67106..a44a261 100644 (file)
--- a/samltest/signature/SAML1ResponseTest.h
+++ b/samltest/signature/SAML1ResponseTest.h
@@ -65,7 +65,7 @@ public:
          // Sign assertion while marshalling.
          vector<Signature*> sigs(1,assertion->getSignature());
          CredentialCriteria cc;
-        cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+        cc.setUsage(Credential::SIGNING_CREDENTIAL);
          Locker locker(m_resolver);
          const Credential* cred = m_resolver->resolve(&cc);
          TSM_ASSERT("Retrieved credential was null", cred!=NULL);
diff --git a/samltest/signature/SAML2AssertionTest.h b/samltest/signature/SAML2AssertionTest.h

index 1c5f2c6..38fec27 100644 (file)
--- a/samltest/signature/SAML2AssertionTest.h
+++ b/samltest/signature/SAML2AssertionTest.h
@@ -70,7 +70,7 @@ public:
          // Sign while marshalling.
          vector<Signature*> sigs(1,sig);
          CredentialCriteria cc;
-        cc.setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+        cc.setUsage(Credential::SIGNING_CREDENTIAL);
          Locker locker(m_resolver);
          const Credential* cred = m_resolver->resolve(&cc);
          TSM_ASSERT("Retrieved credential was null", cred!=NULL);
author	Scott Cantor <cantor.2@osu.edu>
	Wed, 17 Oct 2007 05:15:54 +0000 (05:15 +0000)
committer	Scott Cantor <cantor.2@osu.edu>
	Wed, 17 Oct 2007 05:15:54 +0000 (05:15 +0000)
saml/binding/impl/ClientCertAuthRule.cpp		patch \| blob \| history
saml/saml2/core/impl/Assertions.cpp		patch \| blob \| history
saml/saml2/metadata/MetadataCredentialCriteria.h		patch \| blob \| history
saml/saml2/metadata/impl/SignatureMetadataFilter.cpp		patch \| blob \| history
samlsign/samlsign.cpp		patch \| blob \| history
samltest/data/binding/example-metadata.xml		patch \| blob \| history
samltest/encryption/EncryptedAssertionTest.h		patch \| blob \| history
samltest/saml1/binding/SAML1ArtifactTest.h		patch \| blob \| history
samltest/saml1/binding/SAML1POSTTest.h		patch \| blob \| history
samltest/saml2/binding/SAML2ArtifactTest.h		patch \| blob \| history
samltest/saml2/binding/SAML2POSTTest.h		patch \| blob \| history
samltest/saml2/binding/SAML2RedirectTest.h		patch \| blob \| history
samltest/signature/SAML1AssertionTest.h		patch \| blob \| history
samltest/signature/SAML1RequestTest.h		patch \| blob \| history
samltest/signature/SAML1ResponseTest.h		patch \| blob \| history
samltest/signature/SAML2AssertionTest.h		patch \| blob \| history