Revised decryption APIs to clarify CredentialResolver/KeyResolver difference.
author
Scott Cantor
<cantor.2@osu.edu>
Sun, 18 Mar 2007 06:15:25 +0000
(06:15 +0000)
committer
Scott Cantor
<cantor.2@osu.edu>
Sun, 18 Mar 2007 06:15:25 +0000
(06:15 +0000)
saml/encryption/EncryptedKeyResolver.cpp
saml/encryption/EncryptedKeyResolver.h
saml/saml2/core/Assertions.h
saml/saml2/core/impl/Assertions20Impl.cpp
saml/saml2/core/impl/Protocols20Impl.cpp
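--- a/saml/encryption/EncryptedKeyResolver.cpp
+++ b/saml/encryption/EncryptedKeyResolver.cpp
@@ -26,7 +26,7 @@
 using namespace xmlencryption;
 using namespace std;
-EncryptedKey* opensaml::EncryptedKeyResolver::resolveKey(EncryptedData* encryptedData)
+EncryptedKey* opensaml::EncryptedKeyResolver::resolveKey(EncryptedData& encryptedData) const
 {
 const vector<EncryptedKey*>& keys=m_ref.getEncryptedKeys();
 for (vector<EncryptedKey*>::const_iterator i=keys.begin(); i!=keys.end(); i++) {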
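--- a/saml/encryption/EncryptedKeyResolver.h
+++ b/saml/encryption/EncryptedKeyResolver.h
@@ -46,11 +46,7 @@ namespace opensaml {
 XMLString::release(&m_recipient);
 }
- xmlencryption::EncryptedKey* resolveKey(xmlencryption::EncryptedData* encryptedData);
-
- EncryptedKeyResolver* clone() const {
- return new EncryptedKeyResolver(m_ref, m_recipient);
- }
+ xmlencryption::EncryptedKey* resolveKey(xmlencryption::EncryptedData& encryptedData) const;
 protected:
 const saml2::EncryptedElementType& m_ref;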
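Review bot: With `clone()` removed, nothing in this section prevents an `EncryptedKeyResolver` from being copied, and the context line `XMLString::release(&m_recipient);` suggests the class frees `m_recipient` itself (the enclosing function starts outside the hunk, so this is inferred). A compiler-generated copy would share that pointer and release it twice. Declaring `EncryptedKeyResolver(const EncryptedKeyResolver&);` and `EncryptedKeyResolver& operator=(const EncryptedKeyResolver&);` private and unimplemented would rule that out. A comment on `m_ref` should also state that the resolver only borrows the encrypted element and must not outlive it.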
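--- a/saml/saml2/core/Assertions.h
+++ b/saml/saml2/core/Assertions.h
@@ -28,7 +28,7 @@
 #include <xmltooling/XMLObjectBuilder.h>
 #include <xmltooling/encryption/Encryption.h>
-#include <xmltooling/security/KeyResolver.h>
+#include <xmltooling/security/CredentialResolver.h>
 #include <xmltooling/signature/Signature.h>
 #include <xmltooling/util/DateTime.h>
@@ -65,13 +65,13 @@ namespace opensaml {
 * inside the message. The key decryption key should be supplied using the provided
 * resolver. The recipient name may be used when multiple encrypted keys are found.
 * The object returned will be unmarshalled around the decrypted DOM element, but the
- * DOM itself will be released.
+ * DOM itself will be released.
 *
- * @param KEKresolver resolver supplying key decryption key
+ * @param KEKresolver locked resolver supplying key decryption key
 * @param recipient identifier naming the recipient (the entity performing the decryption)
 * @return the decrypted and unmarshalled object
 */
- virtual xmltooling::XMLObject* decrypt(xmltooling::KeyResolver* KEKresolver, const XMLCh* recipient) const=0;
+ virtual xmltooling::XMLObject* decrypt(const xmltooling::CredentialResolver* KEKresolver, const XMLCh* recipient) const=0;
 END_XMLOBJECT;
 BEGIN_XMLOBJECT(SAML_API,EncryptedID,EncryptedElementType,SAML 2.0 EncryptedID element);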
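Review bot: The revised `@param KEKresolver` line adds only the word "locked", which leaves the caller's obligations unclear on an API that handles key decryption credentials. If the intended contract is that the caller holds the lock, the comment should say so and for how long, for example `@param KEKresolver resolver supplying the key decryption key; the caller must lock it before the call and keep it locked until decrypt() returns`. It should also say whether a null `KEKresolver` is accepted, since the parameter is a pointer. The implementations in this commit throw `DecryptionException` when no encrypted data is present, so a `@throws` line belongs here as well.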
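--- a/saml/saml2/core/impl/Assertions20Impl.cpp
+++ b/saml/saml2/core/impl/Assertions20Impl.cpp
@@ -192,12 +192,13 @@ namespace opensaml {
 }
 }
- XMLObject* decrypt(KeyResolver* KEKresolver, const XMLCh* recipient) const
+ XMLObject* decrypt(const CredentialResolver* KEKresolver, const XMLCh* recipient) const
 {
 if (!m_EncryptedData)
 throw DecryptionException("No encrypted data present.");
- Decrypter decrypter(KEKresolver, new EncryptedKeyResolver(*this, recipient));
- DOMDocumentFragment* frag = decrypter.decryptData(m_EncryptedData);
+ EncryptedKeyResolver ekr(*this, recipient);
+ Decrypter decrypter(KEKresolver, &ekr);
+ DOMDocumentFragment* frag = decrypter.decryptData(*m_EncryptedData);
 if (frag->hasChildNodes() && frag->getFirstChild()==frag->getLastChild()) {
 DOMNode* plaintext=frag->getFirstChild();
 if (plaintext->getNodeType()==DOMNode::ELEMENT_NODE) {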
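Review bot: `Decrypter decrypter(KEKresolver, &ekr);` now passes the address of a stack object where the old code passed a heap-allocated resolver, so it is only safe if the Decrypter in the matching xmltooling revision no longer deletes the resolver it is given; that class is not visible here. A comment such as `// ekr is borrowed: the Decrypter must neither delete it nor outlive this scope` would record the contract at the call site. Separately, `frag` is dereferenced at `frag->hasChildNodes()` with no null check, so if `decryptData` can return null rather than throw, a `DecryptionException` should be raised before that line. Both points apply equally to the identical hunk in saml/saml2/core/impl/Protocols20Impl.cpp, and the body of decrypt() continues past the end of the hunk.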
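--- a/saml/saml2/core/impl/Protocols20Impl.cpp
+++ b/saml/saml2/core/impl/Protocols20Impl.cpp
@@ -1288,12 +1288,13 @@ namespace opensaml {
 }
 }
- XMLObject* decrypt(KeyResolver* KEKresolver, const XMLCh* recipient) const
+ XMLObject* decrypt(const CredentialResolver* KEKresolver, const XMLCh* recipient) const
 {
 if (!m_EncryptedData)
 throw DecryptionException("No encrypted data present.");
- Decrypter decrypter(KEKresolver, new EncryptedKeyResolver(*this, recipient));
- DOMDocumentFragment* frag = decrypter.decryptData(m_EncryptedData);
+ EncryptedKeyResolver ekr(*this, recipient);
+ Decrypter decrypter(KEKresolver, &ekr);
+ DOMDocumentFragment* frag = decrypter.decryptData(*m_EncryptedData);
 if (frag->hasChildNodes() && frag->getFirstChild()==frag->getLastChild()) {
 DOMNode* plaintext=frag->getFirstChild();
 if (plaintext->getNodeType()==DOMNode::ELEMENT_NODE) {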