\r
<cdtproject id="org.eclipse.cdt.make.core.make">\r
<extension id="org.eclipse.cdt.core.ELF" point="org.eclipse.cdt.core.BinaryParser"/>\r
-<extension id="org.eclipse.cdt.core.domsourceindexer" point="org.eclipse.cdt.core.CIndexer"/>\r
+<extension id="org.eclipse.cdt.core.nullindexer" point="org.eclipse.cdt.core.CIndexer"/>\r
<data>\r
<item id="scannerConfiguration">\r
<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId="org.eclipse.cdt.make.core.GCCStandardMakePerProjectProfile"/>\r
SAMLConfig.h
siginclude_HEADERS = \
- signature/SigningContext.h \
- signature/VerifyingContext.h
+ signature/ContentReference.h \
+ signature/SignableObject.h \
+ signature/SignatureProfileValidator.h
utilinclude_HEADERS = \
util/SAMLConstants.h
saml1/core/impl/AssertionsSchemaValidators.cpp \
saml1/core/impl/ProtocolsImpl.cpp \
saml1/core/impl/ProtocolsSchemaValidators.cpp \
- signature/SigningContext.cpp \
- signature/VerifyingContext.cpp \
+ signature/ContentReference.cpp \
+ signature/SignatureProfileValidator.cpp \
util/SAMLConstants.cpp
# this is different from the project version
Name="signature"\r
>\r
<File\r
- RelativePath=".\signature\SigningContext.cpp"\r
+ RelativePath=".\signature\ContentReference.cpp"\r
>\r
</File>\r
<File\r
- RelativePath=".\signature\VerifyingContext.cpp"\r
+ RelativePath=".\signature\SignatureProfileValidator.cpp"\r
>\r
</File>\r
</Filter>\r
Name="signature"\r
>\r
<File\r
- RelativePath=".\signature\SigningContext.h"\r
+ RelativePath=".\signature\ContentReference.h"\r
>\r
</File>\r
<File\r
- RelativePath=".\signature\VerifyingContext.h"\r
+ RelativePath=".\signature\SignableObject.h"\r
+ >\r
+ </File>\r
+ <File\r
+ RelativePath=".\signature\SignatureProfileValidator.h"\r
>\r
</File>\r
</Filter>\r
#define __saml1_assertions_h__
#include <saml/exceptions.h>
+#include <saml/signature/SignableObject.h>
#include <saml/util/SAMLConstants.h>
+
#include <xmltooling/AttributeExtensibleXMLObject.h>
#include <xmltooling/ElementProxy.h>
#include <xmltooling/SimpleElement.h>
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,Assertion,xmltooling::XMLObject,SAML 1.x Assertion element);
+ BEGIN_XMLOBJECT(SAML_API,Assertion,SignableObject,SAML 1.x Assertion element);
DECL_INTEGER_ATTRIB(MinorVersion,MINORVERSION);
DECL_STRING_ATTRIB(AssertionID,ASSERTIONID);
DECL_STRING_ATTRIB(Issuer,ISSUER);
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,AbstractRequest,xmltooling::XMLObject,SAML 1.x RequestAbstractType base type);
+ BEGIN_XMLOBJECT(SAML_API,AbstractRequest,SignableObject,SAML 1.x RequestAbstractType base type);
DECL_INTEGER_ATTRIB(MinorVersion,MINORVERSION);
DECL_STRING_ATTRIB(RequestID,REQUESTID);
DECL_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT);
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
+ BEGIN_XMLOBJECT(SAML_API,Status,xmltooling::XMLObject,SAML 1.x Status element);
+ DECL_TYPED_CHILD(StatusCode);
+ DECL_TYPED_CHILD(StatusMessage);
+ DECL_TYPED_CHILD(StatusDetail);
+ /** StatusType local name */
+ static const XMLCh TYPE_NAME[];
+ END_XMLOBJECT;
+
+ BEGIN_XMLOBJECT(SAML_API,AbstractResponse,SignableObject,SAML 1.x ResponseAbstractType base type);
+ DECL_INTEGER_ATTRIB(MinorVersion,MINORVERSION);
+ DECL_STRING_ATTRIB(ResponseID,RESPONSEID);
+ DECL_STRING_ATTRIB(InResponseTo,INRESPONSETO);
+ DECL_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT);
+ DECL_STRING_ATTRIB(Recipient,RECIPIENT);
+ DECL_TYPED_FOREIGN_CHILD(Signature,xmlsignature);
+ END_XMLOBJECT;
+
+ BEGIN_XMLOBJECT(SAML_API,Response,AbstractResponse,SAML 1.x Response element);
+ DECL_TYPED_CHILD(Status);
+ DECL_TYPED_CHILDREN(Assertion);
+ /** ResponseType local name */
+ static const XMLCh TYPE_NAME[];
+ END_XMLOBJECT;
+
DECL_SAML1POBJECTBUILDER(AssertionArtifact);
DECL_SAML1POBJECTBUILDER(AttributeQuery);
DECL_SAML1POBJECTBUILDER(AuthenticationQuery);
DECL_SAML1POBJECTBUILDER(AuthorizationDecisionQuery);
DECL_SAML1POBJECTBUILDER(Request);
DECL_SAML1POBJECTBUILDER(RespondWith);
+ DECL_SAML1POBJECTBUILDER(Response);
+ DECL_SAML1POBJECTBUILDER(Status);
DECL_SAML1POBJECTBUILDER(StatusCode);
DECL_SAML1POBJECTBUILDER(StatusDetail);
DECL_SAML1POBJECTBUILDER(StatusMessage);
public AbstractXMLObjectMarshaller,
public AbstractXMLObjectUnmarshaller
{
+ void init() {
+ m_MinorVersion=1;
+ m_AssertionID=NULL;
+ m_Issuer=NULL;
+ m_IssueInstant=NULL;
+ m_children.push_back(NULL);
+ m_children.push_back(NULL);
+ m_children.push_back(NULL);
+ m_Conditions=NULL;
+ m_Advice=NULL;
+ m_Signature=NULL;
+ m_pos_Conditions=m_children.begin();
+ m_pos_Advice=m_pos_Conditions;
+ m_pos_Advice++;
+ m_pos_Signature=m_pos_Advice;
+ m_pos_Signature++;
+ }
public:
virtual ~AssertionImpl() {
XMLString::release(&m_AssertionID);
}
}
- void init() {
- m_MinorVersion=1;
- m_AssertionID=NULL;
- m_Issuer=NULL;
- m_IssueInstant=NULL;
- m_children.push_back(NULL);
- m_children.push_back(NULL);
- m_children.push_back(NULL);
- m_Conditions=NULL;
- m_Advice=NULL;
- m_Signature=NULL;
- m_pos_Conditions=m_children.begin();
- m_pos_Advice=m_pos_Conditions;
- m_pos_Advice++;
- m_pos_Signature=m_pos_Advice;
- m_pos_Signature++;
+ const XMLCh* getId() const {
+ return getAssertionID();
+ }
+
+ //IMPL_TYPED_CHILD(Signature);
+ // Need customized setter.
+ protected:
+ Signature* m_Signature;
+ list<XMLObject*>::iterator m_pos_Signature;
+ public:
+ Signature* getSignature() const {
+ return m_Signature;
+ }
+
+ void setSignature(Signature* sig) {
+ prepareForAssignment(m_Signature,sig);
+ *m_pos_Signature=m_Signature=sig;
+ // Sync content reference back up.
+ if (m_Signature)
+ m_Signature->setContentReference(new opensaml::ContentReference(*this));
}
IMPL_XMLOBJECT_CLONE(Assertion);
IMPL_DATETIME_ATTRIB(IssueInstant);
IMPL_TYPED_CHILD(Conditions);
IMPL_TYPED_CHILD(Advice);
- IMPL_TYPED_CHILD(Signature);
IMPL_TYPED_CHILDREN(Statement, m_pos_Signature);
IMPL_TYPED_CHILDREN(SubjectStatement, m_pos_Signature);
IMPL_TYPED_CHILDREN(AuthenticationStatement, m_pos_Signature);
}
}
+ const XMLCh* getId() const {
+ return getRequestID();
+ }
+
+ //IMPL_TYPED_CHILD(Signature);
+ // Need customized setter.
+ protected:
+ Signature* m_Signature;
+ list<XMLObject*>::iterator m_pos_Signature;
+ public:
+ Signature* getSignature() const {
+ return m_Signature;
+ }
+
+ void setSignature(Signature* sig) {
+ prepareForAssignment(m_Signature,sig);
+ *m_pos_Signature=m_Signature=sig;
+ // Sync content reference back up.
+ if (m_Signature)
+ m_Signature->setContentReference(new opensaml::ContentReference(*this));
+ }
+
IMPL_INTEGER_ATTRIB(MinorVersion);
IMPL_STRING_ATTRIB(RequestID);
IMPL_DATETIME_ATTRIB(IssueInstant);
IMPL_TYPED_CHILDREN(RespondWith,m_pos_Signature);
- IMPL_TYPED_CHILD(Signature);
protected:
void marshallAttributes(DOMElement* domElement) const {
}
};
+ class SAML_DLLLOCAL StatusImpl : public virtual Status,
+ public AbstractComplexElement,
+ public AbstractDOMCachingXMLObject,
+ public AbstractValidatingXMLObject,
+ public AbstractXMLObjectMarshaller,
+ public AbstractXMLObjectUnmarshaller
+ {
+ void init() {
+ m_children.push_back(NULL);
+ m_children.push_back(NULL);
+ m_children.push_back(NULL);
+ m_StatusCode=NULL;
+ m_pos_StatusCode=m_children.begin();
+ m_StatusMessage=NULL;
+ m_pos_StatusMessage=m_pos_StatusCode;
+ m_pos_StatusMessage++;
+ m_StatusDetail=NULL;
+ m_pos_StatusDetail=m_pos_StatusMessage;
+ m_pos_StatusDetail++;
+ }
+ public:
+ virtual ~StatusImpl() {}
+
+ StatusImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+ : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
+ init();
+ }
+
+ StatusImpl(const StatusImpl& src)
+ : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) {
+ init();
+ if (src.getStatusCode())
+ setStatusCode(src.getStatusCode()->cloneStatusCode());
+ if (src.getStatusMessage())
+ setStatusMessage(src.getStatusMessage()->cloneStatusMessage());
+ if (src.getStatusDetail())
+ setStatusDetail(src.getStatusDetail()->cloneStatusDetail());
+ }
+
+ IMPL_XMLOBJECT_CLONE(Status);
+ IMPL_TYPED_CHILD(StatusCode);
+ IMPL_TYPED_CHILD(StatusMessage);
+ IMPL_TYPED_CHILD(StatusDetail);
+
+ protected:
+ void processChildElement(XMLObject* childXMLObject, const DOMElement* root) {
+ PROC_TYPED_CHILD(StatusCode,SAMLConstants::SAML1P_NS,false);
+ PROC_TYPED_CHILD(StatusMessage,SAMLConstants::SAML1P_NS,false);
+ PROC_TYPED_CHILD(StatusDetail,SAMLConstants::SAML1P_NS,false);
+ AbstractXMLObjectUnmarshaller::processChildElement(childXMLObject,root);
+ }
+ };
+
+ class SAML_DLLLOCAL AbstractResponseImpl : public virtual AbstractResponse,
+ public AbstractComplexElement,
+ public AbstractDOMCachingXMLObject,
+ public AbstractValidatingXMLObject,
+ public AbstractXMLObjectMarshaller,
+ public AbstractXMLObjectUnmarshaller
+ {
+ void init() {
+ m_MinorVersion=1;
+ m_ResponseID=NULL;
+ m_InResponseTo=NULL;
+ m_IssueInstant=NULL;
+ m_Recipient=NULL;
+ m_children.push_back(NULL);
+ m_Signature=NULL;
+ m_pos_Signature=m_children.begin();
+ }
+ protected:
+ AbstractResponseImpl() {}
+ public:
+ virtual ~AbstractResponseImpl() {
+ XMLString::release(&m_ResponseID);
+ XMLString::release(&m_InResponseTo);
+ XMLString::release(&m_Recipient);
+ delete m_IssueInstant;
+ }
+
+ AbstractResponseImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+ : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
+ init();
+ }
+
+ AbstractResponseImpl(const AbstractResponseImpl& src)
+ : AbstractXMLObject(src),
+ AbstractDOMCachingXMLObject(src),
+ AbstractValidatingXMLObject(src) {
+ init();
+ setMinorVersion(src.getMinorVersion());
+ setResponseID(src.getResponseID());
+ setInResponseTo(src.getInResponseTo());
+ setIssueInstant(src.getIssueInstant());
+ setRecipient(src.getRecipient());
+ if (src.getSignature())
+ setSignature(src.getSignature()->cloneSignature());
+ }
+
+ const XMLCh* getId() const {
+ return getResponseID();
+ }
+
+ //IMPL_TYPED_CHILD(Signature);
+ // Need customized setter.
+ protected:
+ Signature* m_Signature;
+ list<XMLObject*>::iterator m_pos_Signature;
+ public:
+ Signature* getSignature() const {
+ return m_Signature;
+ }
+
+ void setSignature(Signature* sig) {
+ prepareForAssignment(m_Signature,sig);
+ *m_pos_Signature=m_Signature=sig;
+ // Sync content reference back up.
+ if (m_Signature)
+ m_Signature->setContentReference(new opensaml::ContentReference(*this));
+ }
+
+ IMPL_INTEGER_ATTRIB(MinorVersion);
+ IMPL_STRING_ATTRIB(ResponseID);
+ IMPL_STRING_ATTRIB(InResponseTo);
+ IMPL_DATETIME_ATTRIB(IssueInstant);
+ IMPL_STRING_ATTRIB(Recipient);
+
+ protected:
+ void marshallAttributes(DOMElement* domElement) const {
+ static const XMLCh MAJORVERSION[] = UNICODE_LITERAL_12(M,a,j,o,r,V,e,r,s,i,o,n);
+ static const XMLCh ONE[] = { chDigit_1, chNull };
+ domElement->setAttributeNS(NULL,MAJORVERSION,ONE);
+ MARSHALL_INTEGER_ATTRIB(MinorVersion,MINORVERSION,NULL);
+ if (!m_ResponseID)
+ const_cast<AbstractResponseImpl*>(this)->m_ResponseID=SAMLConfig::getConfig().generateIdentifier();
+ MARSHALL_ID_ATTRIB(ResponseID,RESPONSEID,NULL);
+ MARSHALL_STRING_ATTRIB(InResponseTo,INRESPONSETO,NULL);
+ if (!m_IssueInstant)
+ const_cast<AbstractResponseImpl*>(this)->m_IssueInstant=new DateTime(time(NULL));
+ MARSHALL_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT,NULL);
+ MARSHALL_STRING_ATTRIB(Recipient,RECIPIENT,NULL);
+ }
+
+ void processChildElement(XMLObject* childXMLObject, const DOMElement* root) {
+ PROC_TYPED_CHILD(Signature,XMLConstants::XMLSIG_NS,false);
+ AbstractXMLObjectUnmarshaller::processChildElement(childXMLObject,root);
+ }
+
+ void processAttribute(const DOMAttr* attribute) {
+ static const XMLCh MAJORVERSION[] = UNICODE_LITERAL_12(M,a,j,o,r,V,e,r,s,i,o,n);
+ if (XMLHelper::isNodeNamed(attribute,NULL,MAJORVERSION)) {
+ if (XMLString::parseInt(attribute->getValue()) != 1)
+ throw UnmarshallingException("Response has invalid major version.");
+ }
+ PROC_INTEGER_ATTRIB(MinorVersion,MINORVERSION,NULL);
+ PROC_ID_ATTRIB(ResponseID,RESPONSEID,NULL);
+ PROC_STRING_ATTRIB(InResponseTo,INRESPONSETO,NULL);
+ PROC_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT,NULL);
+ PROC_STRING_ATTRIB(Recipient,RECIPIENT,NULL);
+ }
+ };
+
+ class SAML_DLLLOCAL ResponseImpl : public virtual Response, public AbstractResponseImpl
+ {
+ void init() {
+ m_children.push_back(NULL);
+ m_Status=NULL;
+ m_pos_Status=m_pos_Signature;
+ m_pos_Status++;
+ }
+ public:
+ virtual ~ResponseImpl() {}
+
+ ResponseImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
+ : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
+ init();
+ }
+
+ ResponseImpl(const ResponseImpl& src)
+ : AbstractXMLObject(src), AbstractResponseImpl(src) {
+ init();
+ if (src.getStatus())
+ setStatus(src.getStatus()->cloneStatus());
+ VectorOf(Assertion) v=getAssertions();
+ for (vector<Assertion*>::const_iterator i=src.m_Assertions.begin(); i!=src.m_Assertions.end(); i++) {
+ if (*i) {
+ v.push_back((*i)->cloneAssertion());
+ }
+ }
+ }
+
+ IMPL_XMLOBJECT_CLONE(Response);
+ AbstractResponse* cloneAbstractResponse() const {
+ return cloneResponse();
+ }
+ IMPL_TYPED_CHILD(Status);
+ IMPL_TYPED_CHILDREN(Assertion, m_children.end());
+
+ protected:
+ void processChildElement(XMLObject* childXMLObject, const DOMElement* root) {
+ PROC_TYPED_CHILD(Status,SAMLConstants::SAML1P_NS,false);
+ PROC_TYPED_CHILDREN(Assertion,SAMLConstants::SAML1_NS,true);
+ AbstractResponseImpl::processChildElement(childXMLObject,root);
+ }
+ };
+
};
};
IMPL_XMLOBJECTBUILDER(AuthorizationDecisionQuery);
IMPL_XMLOBJECTBUILDER(Request);
IMPL_XMLOBJECTBUILDER(RespondWith);
+IMPL_XMLOBJECTBUILDER(Response);
+IMPL_XMLOBJECTBUILDER(Status);
IMPL_XMLOBJECTBUILDER(StatusCode);
IMPL_XMLOBJECTBUILDER(StatusDetail);
IMPL_XMLOBJECTBUILDER(StatusMessage);
const XMLCh AbstractRequest::MINORVERSION_ATTRIB_NAME[] = UNICODE_LITERAL_12(M,i,n,o,r,V,e,r,s,i,o,n);
const XMLCh AbstractRequest::REQUESTID_ATTRIB_NAME[] = UNICODE_LITERAL_9(R,e,q,u,e,s,t,I,D);
const XMLCh AbstractRequest::ISSUEINSTANT_ATTRIB_NAME[] = UNICODE_LITERAL_12(I,s,s,u,e,I,n,s,t,a,n,t);
+const XMLCh AbstractResponse::MINORVERSION_ATTRIB_NAME[] = UNICODE_LITERAL_12(M,i,n,o,r,V,e,r,s,i,o,n);
+const XMLCh AbstractResponse::RESPONSEID_ATTRIB_NAME[] = UNICODE_LITERAL_10(R,e,s,p,o,n,s,e,I,D);
+const XMLCh AbstractResponse::ISSUEINSTANT_ATTRIB_NAME[] = UNICODE_LITERAL_12(I,s,s,u,e,I,n,s,t,a,n,t);
+const XMLCh AbstractResponse::INRESPONSETO_ATTRIB_NAME[] = UNICODE_LITERAL_12(I,n,R,e,s,p,o,n,s,e,T,o);
+const XMLCh AbstractResponse::RECIPIENT_ATTRIB_NAME[] = UNICODE_LITERAL_9(R,e,c,i,p,i,e,n,t);
const XMLCh AssertionArtifact::LOCAL_NAME[] = UNICODE_LITERAL_17(A,s,s,e,r,t,i,o,n,A,r,t,i,f,a,c,t);
const XMLCh AttributeQuery::LOCAL_NAME[] = UNICODE_LITERAL_14(A,t,t,r,i,b,u,t,e,Q,u,e,r,y);
const XMLCh AttributeQuery::TYPE_NAME[] = UNICODE_LITERAL_18(A,t,t,r,i,b,u,t,e,Q,u,e,r,y,T,y,p,e);
const XMLCh Request::LOCAL_NAME[] = UNICODE_LITERAL_7(R,e,q,u,e,s,t);
const XMLCh Request::TYPE_NAME[] = UNICODE_LITERAL_11(R,e,q,u,e,s,t,T,y,p,e);
const XMLCh RespondWith::LOCAL_NAME[] = UNICODE_LITERAL_11(R,e,s,p,o,n,d,W,i,t,h);
+const XMLCh Response::LOCAL_NAME[] = UNICODE_LITERAL_8(R,e,s,p,o,n,s,e);
+const XMLCh Response::TYPE_NAME[] = UNICODE_LITERAL_12(R,e,s,p,o,n,s,e,T,y,p,e);
+const XMLCh Status::LOCAL_NAME[] = UNICODE_LITERAL_6(S,t,a,t,u,s);
+const XMLCh Status::TYPE_NAME[] = UNICODE_LITERAL_10(S,t,a,t,u,s,T,y,p,e);
const XMLCh StatusCode::LOCAL_NAME[] = UNICODE_LITERAL_10(S,t,a,t,u,s,C,o,d,e);
const XMLCh StatusCode::TYPE_NAME[] = UNICODE_LITERAL_14(S,t,a,t,u,s,C,o,d,e,T,y,p,e);
const XMLCh StatusCode::VALUE_ATTRIB_NAME[] = UNICODE_LITERAL_5(V,a,l,u,e);
BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,StatusCode);
XMLOBJECTVALIDATOR_REQUIRE(StatusCode,Value);
END_XMLOBJECTVALIDATOR;
+
+ BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,Status);
+ XMLOBJECTVALIDATOR_REQUIRE(Status,StatusCode);
+ const QName* value=ptr->getStatusCode()->getValue();
+ if (!value || (*value!=StatusCode::SUCCESS && *value!=StatusCode::REQUESTER &&
+ *value!=StatusCode::RESPONDER && *value!=StatusCode::VERSIONMISMATCH))
+ throw ValidationException("Top-level status code not one of the allowable values.");
+ END_XMLOBJECTVALIDATOR;
+
+ BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,Response);
+ XMLOBJECTVALIDATOR_REQUIRE(Response,ResponseID);
+ XMLOBJECTVALIDATOR_REQUIRE(Response,IssueInstant);
+ XMLOBJECTVALIDATOR_REQUIRE(Response,Status);
+ END_XMLOBJECTVALIDATOR;
};
};
REGISTER_ELEMENT(AuthorizationDecisionQuery);
REGISTER_ELEMENT(Request);
REGISTER_ELEMENT(RespondWith);
+ REGISTER_ELEMENT(Response);
+ REGISTER_ELEMENT(Status);
REGISTER_ELEMENT(StatusCode);
REGISTER_ELEMENT_NOVAL(StatusDetail);
REGISTER_ELEMENT(StatusMessage);
REGISTER_TYPE(AuthenticationQuery);
REGISTER_TYPE(AuthorizationDecisionQuery);
REGISTER_TYPE(Request);
+ REGISTER_TYPE(Response);
+ REGISTER_TYPE(Status);
REGISTER_TYPE(StatusCode);
REGISTER_TYPE_NOVAL(StatusDetail);
}
*/\r
\r
/**\r
- * SigningContext.cpp\r
+ * ContentReference.cpp\r
* \r
- * SAML-specific signature construction \r
+ * SAML-specific signature reference profile \r
*/\r
\r
#include "internal.h"\r
-#include "signature/SigningContext.h"\r
+#include "signature/ContentReference.h"\r
+#include "signature/SignableObject.h"\r
\r
+#include <xmltooling/signature/Signature.h>\r
#include <xercesc/util/XMLUniDefs.hpp>\r
#include <xsec/dsig/DSIGReference.hpp>\r
#include <xsec/dsig/DSIGTransformC14n.hpp>\r
}\r
};\r
\r
-bool SigningContext::createSignature(DSIGSignature* sig)\r
+void ContentReference::createReferences(DSIGSignature* sig)\r
{\r
+ const XMLCh* id=m_signableObject.getId();\r
+ if (!id || !*id)\r
+ throw xmlsignature::SignatureException("Cannot create Signature reference to SAML object without an identifier."); \r
+ \r
DSIGReference* ref=NULL;\r
- XMLCh* buf=new XMLCh[XMLString::stringLen(m_id) + 2];\r
+ XMLCh* buf=new XMLCh[XMLString::stringLen(id) + 2];\r
buf[0]=chPound;\r
buf[1]=chNull;\r
- XMLString::catString(buf,m_id);\r
+ XMLString::catString(buf,id);\r
try {\r
ref=sig->createReference(buf);\r
delete[] buf;\r
ref->appendEnvelopedSignatureTransform();\r
DSIGTransformC14n* c14n=ref->appendCanonicalizationTransform(CANON_C14NE_NOC);\r
for_each(m_prefixes.begin(), m_prefixes.end(), bind1st(_addprefix(),c14n));\r
- \r
- return false;\r
}\r
--- /dev/null
+/*\r
+ * Copyright 2001-2006 Internet2\r
+ * \r
+ * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * you may not use this file except in compliance with the License.\r
+ * You may obtain a copy of the License at\r
+ *\r
+ * http://www.apache.org/licenses/LICENSE-2.0\r
+ *\r
+ * Unless required by applicable law or agreed to in writing, software\r
+ * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * See the License for the specific language governing permissions and\r
+ * limitations under the License.\r
+ */\r
+\r
+/**\r
+ * @file SigningContext.h\r
+ * \r
+ * SAML-specific signature reference profile \r
+ */\r
+\r
+#ifndef __saml_sigref_h__\r
+#define __saml_sigref_h__\r
+\r
+#include <saml/base.h>\r
+#include <xmltooling/signature/ContentReference.h>\r
+\r
+namespace opensaml {\r
+\r
+ class SAML_API SignableObject;\r
+\r
+ /**\r
+ * SAML-specific signature reference profile.\r
+ */\r
+ class SAML_API ContentReference : public virtual xmlsignature::ContentReference\r
+ {\r
+ public:\r
+ /**\r
+ * Constructor.\r
+ * \r
+ * @param signableObject reference to object being signed\r
+ */\r
+ ContentReference(const SignableObject& signableObject) : m_signableObject(signableObject) {\r
+ }\r
+ \r
+ virtual ~ContentReference() {}\r
+\r
+ /**\r
+ * Given a "blank" native signature, creates signature reference\r
+ * appropriate for the SAML object being signed.\r
+ * \r
+ * @param sig native signature interface\r
+ */\r
+ virtual void createReferences(DSIGSignature* sig);\r
+ \r
+ /**\r
+ * Adds a namespace prefix for "inclusive" processing by the\r
+ * Exclusive C14N Transform applied to the object.\r
+ * An empty string will be transformed into "#default".\r
+ * \r
+ * @param prefix the prefix to add \r
+ */\r
+ void addInclusivePrefix(const char* prefix) {\r
+ m_prefixes.push_back(prefix);\r
+ }\r
+\r
+ protected:\r
+ /** Reference to object to sign. */\r
+ const SignableObject& m_signableObject;\r
+\r
+ /** Inclusive prefixes. */\r
+ std::vector<std::string> m_prefixes;\r
+ };\r
+\r
+};\r
+\r
+#endif /* __saml_sigref_h__ */\r
--- /dev/null
+/*\r
+ * Copyright 2001-2006 Internet2\r
+ * \r
+ * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * you may not use this file except in compliance with the License.\r
+ * You may obtain a copy of the License at\r
+ *\r
+ * http://www.apache.org/licenses/LICENSE-2.0\r
+ *\r
+ * Unless required by applicable law or agreed to in writing, software\r
+ * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * See the License for the specific language governing permissions and\r
+ * limitations under the License.\r
+ */\r
+\r
+/**\r
+ * @file SignableObject.h\r
+ * \r
+ * Base class for SAML objects that can be signed. \r
+ */\r
+\r
+#ifndef __saml_signable_h__\r
+#define __saml_signable_h__\r
+\r
+#include <saml/base.h>\r
+#include <saml/signature/ContentReference.h>\r
+#include <xmltooling/XMLObject.h>\r
+\r
+namespace opensaml {\r
+\r
+ /**\r
+ * Base class for SAML objects that can be signed.\r
+ */\r
+ class SAML_API SignableObject : public virtual xmltooling::XMLObject\r
+ {\r
+ public:\r
+ virtual ~SignableObject() {}\r
+\r
+ /**\r
+ * Returns the XML ID for the object being signed, for input to the\r
+ * reference creation process. \r
+ * \r
+ * @return XML ID or NULL if not set yet \r
+ */\r
+ virtual const XMLCh* getId() const=0;\r
+\r
+ /**\r
+ * Gets a new ContentReference object bound to this object.\r
+ * It's lifetime must not outlast this object, so it should\r
+ * generally be set into a Signature owned by the object.\r
+ * \r
+ * @return a new ContentReference\r
+ */\r
+ virtual ContentReference* getContentReference() const {\r
+ return new ContentReference(*this);\r
+ }\r
+ \r
+ protected:\r
+ SignableObject() {}\r
+ };\r
+\r
+};\r
+\r
+#endif /* __saml_signable_h__ */\r
*/\r
\r
#include "internal.h"\r
-#include "signature/VerifyingContext.h"\r
+#include "exceptions.h"\r
+#include "signature/SignatureProfileValidator.h"\r
\r
#include <xmltooling/signature/Signature.h>\r
\r
#include <xsec/dsig/DSIGTransformList.hpp>\r
\r
using namespace opensaml;\r
+using namespace xmlsignature;\r
+using namespace xmltooling;\r
using namespace std;\r
\r
-void VerifyingContext::verifySignature(DSIGSignature* sig) const\r
+void SignatureProfileValidator::validate(const XMLObject* xmlObject) const\r
{\r
- bool valid=false;\r
+ const Signature* sigObj=dynamic_cast<const Signature*>(xmlObject);\r
+ if (!sigObj)\r
+ throw ValidationException("Validator only applies to Signature objects.");\r
+ DSIGSignature* sig=sigObj->getXMLSignature();\r
+ if (!sig)\r
+ throw ValidationException("Signature does not exist yet.");\r
\r
+ const SignableObject* signableObj=dynamic_cast<const SignableObject*>(sigObj->getParent());\r
+ if (!signableObj)\r
+ throw ValidationException("Signature is not a child of a signable SAML object.");\r
+ \r
+ bool valid=false;\r
DSIGReferenceList* refs=sig->getReferenceList();\r
if (refs && refs->getSize()==1) {\r
DSIGReference* ref=refs->item(0);\r
if (ref) {\r
const XMLCh* URI=ref->getURI();\r
- if (URI==NULL || *URI==0 || (*URI==chPound && !XMLString::compareString(URI+1,m_id))) {\r
+ if (URI==NULL || *URI==0 || (*URI==chPound && !XMLString::compareString(URI+1,signableObj->getId()))) {\r
DSIGTransformList* tlist=ref->getTransforms();\r
for (unsigned int i=0; tlist && i<tlist->getSize(); i++) {\r
if (tlist->item(i)->getTransformType()==TRANSFORM_ENVELOPED_SIGNATURE)\r
}\r
\r
if (!valid)\r
- throw xmlsignature::SignatureException("Invalid signature profile for SAML object.");\r
+ throw ValidationException("Invalid signature profile for SAML object.");\r
}\r
--- /dev/null
+/*\r
+ * Copyright 2001-2006 Internet2\r
+ * \r
+ * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * you may not use this file except in compliance with the License.\r
+ * You may obtain a copy of the License at\r
+ *\r
+ * http://www.apache.org/licenses/LICENSE-2.0\r
+ *\r
+ * Unless required by applicable law or agreed to in writing, software\r
+ * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * See the License for the specific language governing permissions and\r
+ * limitations under the License.\r
+ */\r
+\r
+/**\r
+ * @file SignatureProfileValidator.h\r
+ * \r
+ * SAML-specific signature profile validator \r
+ */\r
+\r
+#ifndef __saml_sigval_h__\r
+#define __saml_sigval_h__\r
+\r
+#include <saml/base.h>\r
+#include <saml/signature/SignableObject.h>\r
+#include <xmltooling/validation/Validator.h>\r
+\r
+namespace opensaml {\r
+\r
+ /**\r
+ * SAML-specific signature profile validator.\r
+ */\r
+ class SAML_API SignatureProfileValidator : public virtual xmltooling::Validator\r
+ {\r
+ public:\r
+ SignatureProfileValidator() {}\r
+ virtual ~SignatureProfileValidator() {}\r
+\r
+ void validate(const xmltooling::XMLObject* xmlObject) const;\r
+ \r
+ SignatureProfileValidator* clone() const {\r
+ return new SignatureProfileValidator();\r
+ }\r
+ };\r
+\r
+};\r
+\r
+#endif /* __saml_sigval_h__ */\r
+++ /dev/null
-/*\r
- * Copyright 2001-2006 Internet2\r
- * \r
- * Licensed under the Apache License, Version 2.0 (the "License");\r
- * you may not use this file except in compliance with the License.\r
- * You may obtain a copy of the License at\r
- *\r
- * http://www.apache.org/licenses/LICENSE-2.0\r
- *\r
- * Unless required by applicable law or agreed to in writing, software\r
- * distributed under the License is distributed on an "AS IS" BASIS,\r
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * See the License for the specific language governing permissions and\r
- * limitations under the License.\r
- */\r
-\r
-/**\r
- * @file SigningContext.h\r
- * \r
- * SAML-specific signature construction \r
- */\r
-\r
-#ifndef __saml_signctx_h__\r
-#define __saml_signctx_h__\r
-\r
-#include <saml/base.h>\r
-#include <xmltooling/signature/SigningContext.h>\r
-\r
-namespace opensaml {\r
-\r
- /**\r
- * SAML-specific signature profile context.\r
- * This is not a synchronized implementation.\r
- */\r
- class SAML_API SigningContext : public virtual xmlsignature::SigningContext\r
- {\r
- public:\r
- /**\r
- * Constructor.\r
- * \r
- * @param id identifier of object being signed\r
- * @param credentials resolver to signing key/certs to use\r
- * @param keyInfo a complete KeyInfo object to attach, will be freed by context\r
- */\r
- SigningContext(const XMLCh* id, xmltooling::CredentialResolver& creds, xmlsignature::KeyInfo* keyInfo=NULL)\r
- : m_id(id), m_creds(creds), m_keyInfo(keyInfo) {\r
- }\r
- \r
- virtual ~SigningContext() {\r
- delete m_keyInfo;\r
- }\r
-\r
- /**\r
- * Given a "blank" native signature, creates signature content\r
- * appropriate for the SAML assertion or message being signed.\r
- * \r
- * @param sig native signature interface\r
- * @return indicator whether ds:KeyInfo was created by context \r
- */\r
- virtual bool createSignature(DSIGSignature* sig);\r
-\r
- /**\r
- * Gets a reference to the credential resolver supplied during construction.\r
- * \r
- * @return the resolver\r
- */\r
- virtual xmltooling::CredentialResolver& getCredentialResolver() {\r
- return m_creds;\r
- }\r
- \r
- /**\r
- * Gets a KeyInfo structure to embed.\r
- * Ownership of the object MUST be transferred to the caller.\r
- * This method will only be called if no certificates are returned from\r
- * the getX509Certificates() method.\r
- * \r
- * @return pointer to a KeyInfo structure, will be freed by caller\r
- */\r
- virtual xmlsignature::KeyInfo* getKeyInfo() {\r
- xmlsignature::KeyInfo* ret=m_keyInfo;\r
- m_keyInfo=NULL;\r
- return ret;\r
- }\r
- \r
- void addInclusivePrefix(const char* prefix) {\r
- m_prefixes.push_back(prefix);\r
- }\r
-\r
- protected:\r
- /** Identifier of object to sign. */\r
- const XMLCh* m_id;\r
-\r
- /** Reference to credentials to sign with. */\r
- xmltooling::CredentialResolver& m_creds;\r
-\r
- /** Optional pointer to KeyInfo to embed. */\r
- mutable xmlsignature::KeyInfo* m_keyInfo;\r
- \r
- /** Inclusive prefixes. */\r
- std::vector<std::string> m_prefixes;\r
- };\r
-\r
-};\r
-\r
-#endif /* __saml_signctx_h__ */\r
+++ /dev/null
-/*\r
- * Copyright 2001-2006 Internet2\r
- * \r
- * Licensed under the Apache License, Version 2.0 (the "License");\r
- * you may not use this file except in compliance with the License.\r
- * You may obtain a copy of the License at\r
- *\r
- * http://www.apache.org/licenses/LICENSE-2.0\r
- *\r
- * Unless required by applicable law or agreed to in writing, software\r
- * distributed under the License is distributed on an "AS IS" BASIS,\r
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * See the License for the specific language governing permissions and\r
- * limitations under the License.\r
- */\r
-\r
-/**\r
- * @file VerifyingContext.h\r
- * \r
- * SAML-specific signature verification \r
- */\r
-\r
-#ifndef __saml_verctx_h__\r
-#define __saml_verctx_h__\r
-\r
-#include <saml/base.h>\r
-#include <xmltooling/signature/VerifyingContext.h>\r
-\r
-namespace opensaml {\r
-\r
- /**\r
- * SAML-specific signature profile verification.\r
- */\r
- class SAML_API VerifyingContext : public virtual xmlsignature::VerifyingContext\r
- {\r
- public:\r
- /**\r
- * Constructor.\r
- * \r
- * @param id identifier of object being verified\r
- */\r
- VerifyingContext(const XMLCh* id) : m_id(id) {}\r
- \r
- virtual ~VerifyingContext() {}\r
-\r
- /**\r
- * Given a native signature, verifies that the signature content\r
- * is appropriate for the SAML assertion/message being verified.\r
- * Does <strong>NOT</strong> perform actual cryptographic evaluation\r
- * of the signature in the absence of policy. Subclasses should\r
- * override this method with their policies, call the base class\r
- * and then evaluate further.\r
- * \r
- * @param sig native signature object\r
- * \r
- * @throws SignatureException raised if signature is invalid\r
- */\r
- virtual void verifySignature(DSIGSignature* sig) const;\r
- \r
- protected:\r
- /** Identifier of object to verify. */\r
- const XMLCh* m_id;\r
- };\r
-\r
-};\r
-\r
-#endif /* __saml_verctx_h__ */\r
<ds:SignatureValue>AA5098JC4gfdAf2bvPQRZ9Ld/VehXAB3uhp0r4js4i6fMB3hGMs4VnE9iEJEsPDD
0Kj4cfewxHij/kHrWcxpKMMqIgGlqKYZhuQHfFt8GzDeeFIgu1R675jcN4uCOoWl
3aRVd9hgPRsXzf7/RkMiXHIsU/NjUPRKf7GjNt2jNT0=</ds:SignatureValue>
-<ds:KeyInfo>
-<ds:X509Data>
-<ds:X509Certificate>MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV
+<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV
BAYTAlVTMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDnNwLmV4YW1wbGUu
b3JnMB4XDTA1MDYyMDE1NDgzNFoXDTMyMTEwNTE1NDgzNFowOjELMAkGA1UEBhMC
VVMxEjAQBgNVBAoTCUludGVybmV0MjEXMBUGA1UEAxMOc3AuZXhhbXBsZS5vcmcw
cGxlLm9yZ4IJAKk8t1hYcMkhMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQAD
gYEAMFq/UeSQyngE0GpZueyD2UW0M358uhseYOgGEIfm+qXIFQF6MYwNoX7WFzhC
LJZ2E6mEvZZFHCHUtl7mGDvsRwgZ85YCtRbvleEpqfgNQToto9pLYe+X6vvH9Z6p
-gmYsTmak+kxO93JprrOd9xp8aZPMEprL7VCdrhbZEfyYER0=
-</ds:X509Certificate>
-</ds:X509Data>
-</ds:KeyInfo>
-</ds:Signature></saml:Assertion>
\ No newline at end of file
+gmYsTmak+kxO93JprrOd9xp8aZPMEprL7VCdrhbZEfyYER0=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature></saml:Assertion>
\ No newline at end of file
\r
#include "internal.h"\r
#include <saml/saml1/core/Assertions.h>\r
-#include <saml/signature/SigningContext.h>\r
-#include <saml/signature/VerifyingContext.h>\r
+#include <saml/signature/SignatureProfileValidator.h>\r
\r
-using namespace opensaml::saml1;\r
+#include <xmltooling/signature/Signature.h>\r
\r
#include <fstream>\r
#include <openssl/pem.h>\r
#include <xsec/enc/XSECKeyInfoResolverDefault.hpp>\r
#include <xsec/enc/OpenSSL/OpenSSLCryptoX509.hpp>\r
#include <xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.hpp>\r
-#include <xmltooling/signature/Signature.h>\r
+#include <xsec/enc/XSECCryptoException.hpp>\r
+#include <xsec/framework/XSECException.hpp>\r
\r
-class TestContext : public virtual CredentialResolver, public SigningContext, public VerifyingContext\r
+using namespace opensaml::saml1;\r
+using namespace xmlsignature;\r
+\r
+class TestValidator : public Validator\r
{\r
+public:\r
+ TestValidator() {}\r
+ virtual ~TestValidator() {}\r
+\r
+ Validator* clone() const {\r
+ return new TestValidator();\r
+ }\r
+\r
+ void validate(const XMLObject* xmlObject) const {\r
+ DSIGSignature* sig=dynamic_cast<const Signature*>(xmlObject)->getXMLSignature();\r
+ if (!sig)\r
+ throw SignatureException("Only a marshalled Signature object can be verified.");\r
+ XSECKeyInfoResolverDefault resolver;\r
+ sig->setKeyInfoResolver(&resolver); // It will clone the resolver for us.\r
+ try {\r
+ if (!sig->verify())\r
+ throw SignatureException("Signature did not verify.");\r
+ }\r
+ catch(XSECException& e) {\r
+ auto_ptr_char temp(e.getMsg());\r
+ throw SignatureException(string("Caught an XMLSecurity exception verifying signature: ") + temp.get());\r
+ }\r
+ catch(XSECCryptoException& e) {\r
+ throw SignatureException(string("Caught an XMLSecurity exception verifying signature: ") + e.getMsg());\r
+ }\r
+ }\r
+};\r
+\r
+class _addcert : public std::binary_function<X509Data*,XSECCryptoX509*,void> {\r
+public:\r
+ void operator()(X509Data* bag, XSECCryptoX509* cert) const {\r
+ safeBuffer& buf=cert->getDEREncodingSB();\r
+ X509Certificate* x=X509CertificateBuilder::buildX509Certificate();\r
+ x->setValue(buf.sbStrToXMLCh());\r
+ bag->getX509Certificates().push_back(x);\r
+ }\r
+};\r
+\r
+class SAML1AssertionTest : public CxxTest::TestSuite, public SAMLObjectBaseTestCase {\r
+ XSECCryptoKey* m_key;\r
vector<XSECCryptoX509*> m_certs;\r
- OpenSSLCryptoKeyRSA* m_key;\r
public:\r
- TestContext(const XMLCh* uri) : VerifyingContext(uri), SigningContext(uri,*this), m_key(NULL) {\r
+ void setUp() {\r
+ childElementsFile = data_path + "signature/SAML1Assertion.xml";\r
+ SAMLObjectBaseTestCase::setUp();\r
string keypath=data_path + "key.pem";\r
BIO* in=BIO_new(BIO_s_file_internal());\r
if (in && BIO_read_filename(in,keypath.c_str())>0) {\r
if (in) BIO_free(in);\r
TS_ASSERT(m_certs.size()>0);\r
}\r
- \r
- virtual ~TestContext() {\r
- delete m_key;\r
- for_each(m_certs.begin(),m_certs.end(),xmltooling::cleanup<XSECCryptoX509>());\r
- }\r
- \r
- void verifySignature(DSIGSignature* sig) const {\r
- VerifyingContext::verifySignature(sig);\r
- sig->setSigningKey(NULL);\r
- XSECKeyInfoResolverDefault resolver;\r
- sig->setKeyInfoResolver(&resolver);\r
- sig->verify();\r
- }\r
-\r
- xmlsignature::KeyInfo* getKeyInfo() { return NULL; }\r
- const char* getId() const { return "test"; }\r
- const vector<XSECCryptoX509*>* getX509Certificates() { return &m_certs; }\r
- XSECCryptoKey* getPublicKey() { return m_key; }\r
- XSECCryptoKey* getPrivateKey() { return m_key; }\r
- Lockable& lock() { return *this; }\r
- void unlock() {}\r
-};\r
-\r
-class SAML1AssertionTest : public CxxTest::TestSuite, public SAMLObjectBaseTestCase {\r
-public:\r
- void setUp() {\r
- childElementsFile = data_path + "signature/SAML1Assertion.xml";\r
- SAMLObjectBaseTestCase::setUp();\r
- }\r
\r
void tearDown() {\r
SAMLObjectBaseTestCase::tearDown();\r
+ delete m_key;\r
+ for_each(m_certs.begin(),m_certs.end(),xmltooling::cleanup<XSECCryptoX509>());\r
}\r
\r
void testSignature() {\r
assertion->getAuthenticationStatements().push_back(statement);\r
\r
// Append a Signature.\r
- xmlsignature::Signature* sig=xmlsignature::SignatureBuilder::newSignature();\r
+ Signature* sig=SignatureBuilder::buildSignature();\r
assertion->setSignature(sig);\r
- \r
- // Signing context for the assertion.\r
- TestContext tc(id.get());\r
- MarshallingContext mctx(sig,&tc);\r
- DOMElement* rootElement = assertion->marshall((DOMDocument*)NULL,&mctx);\r
+ sig->setSigningKey(m_key->clone());\r
+\r
+ // Build KeyInfo.\r
+ KeyInfo* keyInfo=KeyInfoBuilder::buildKeyInfo();\r
+ X509Data* x509Data=X509DataBuilder::buildX509Data();\r
+ keyInfo->getX509Datas().push_back(x509Data);\r
+ for_each(m_certs.begin(),m_certs.end(),bind1st(_addcert(),x509Data));\r
+ sig->setKeyInfo(keyInfo);\r
+\r
+ // Sign while marshalling.\r
+ vector<Signature*> sigs(1,sig);\r
+ DOMElement* rootElement = NULL;\r
+ try {\r
+ rootElement=assertion->marshall((DOMDocument*)NULL,&sigs);\r
+ }\r
+ catch (XMLToolingException& e) {\r
+ TS_TRACE(e.what());\r
+ throw;\r
+ }\r
\r
string buf;\r
XMLHelper::serialize(rootElement, buf);\r
assertEquals(expectedChildElementsDOM, b->buildFromDocument(doc));\r
\r
try {\r
- assertion->getSignature()->verify(tc);\r
+ assertion->getSignature()->registerValidator(new SignatureProfileValidator());\r
+ assertion->getSignature()->registerValidator(new TestValidator());\r
+ assertion->getSignature()->validate(true);\r
}\r
- catch (xmlsignature::SignatureException& e) {\r
+ catch (XMLToolingException& e) {\r
TS_TRACE(e.what());\r
throw;\r
}\r