From: Scott Cantor Date: Mon, 19 Nov 2007 05:05:16 +0000 (+0000) Subject: Multi-line svn commit, see body. X-Git-Tag: 2.0-beta2~2 X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fcpp-opensaml.git;a=commitdiff_plain;h=71c32047b99f8c4d59e214918b0d4904cd8492bc Multi-line svn commit, see body. KeyInfo should be base64-decoded in simple sign rule. Add encoded KeyInfo to POST simple-sign binding.
---
diff --git a/saml/binding/impl/SimpleSigningRule.cpp b/saml/binding/impl/SimpleSigningRule.cpp
index bca976d..c8cbf5f 100644
--- a/saml/binding/impl/SimpleSigningRule.cpp
+++ b/saml/binding/impl/SimpleSigningRule.cpp
@@ -178,17 +178,24 @@ void SimpleSigningRule::evaluate(const XMLObject& message, const GenericRequest*
 KeyInfo* keyInfo=NULL;
 pch = request->getParameter("KeyInfo");
 if (pch) {
- try {
- istringstream kstrm(pch);
- DOMDocument* doc = XMLToolingConfig::getConfig().getParser().parse(kstrm);
- XercesJanitor janitor(doc);
- XMLObject* kxml = XMLObjectBuilder::buildOneFromElement(doc->getDocumentElement(), true);
- janitor.release();
- if (!(keyInfo=dynamic_cast(kxml)))
- delete kxml;
+ unsigned int x;
+ XMLByte* decoded=Base64::decode(reinterpret_cast(pch),&x);
+ if (decoded) {
+ try {
+ istringstream kstrm(pch);
+ DOMDocument* doc = XMLToolingConfig::getConfig().getParser().parse(kstrm);
+ XercesJanitor janitor(doc);
+ XMLObject* kxml = XMLObjectBuilder::buildOneFromElement(doc->getDocumentElement(), true);
+ janitor.release();
+ if (!(keyInfo=dynamic_cast(kxml)))
+ delete kxml;
+ }
+ catch (XMLToolingException& ex) {
+ log.warn("Failed to load KeyInfo from message: %s", ex.what());
+ }
 }
- catch (XMLToolingException& ex) {
- log.warn("Failed to load KeyInfo from message: %s", ex.what());
+ else {
+ log.warn("Failed to load KeyInfo from message: Unable to decode base64-encoded KeyInfo.");
 }
 }
diff --git a/saml/saml2/binding/impl/SAML2POSTEncoder.cpp b/saml/saml2/binding/impl/SAML2POSTEncoder.cpp
index 65ccb38..5820150 100644
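Review bot: Inside the new `if (decoded)` branch of the SimpleSigningRule.cpp hunk the parser is still fed the undecoded parameter, `istringstream kstrm(pch);`, so the output of `Base64::decode` and its length `x` are never used. A correctly encoded KeyInfo is therefore decoded and then discarded, and the XML parse of the still-encoded text presumably lands in the warning path, leaving `keyInfo` NULL. The stream should be built from the decoded bytes, for example `istringstream kstrm(string(reinterpret_cast<char*>(decoded), x));`. The buffer is also never freed: add `XMLString::release(&decoded);` after the try/catch, since as written every request carrying a decodable KeyInfo parameter leaks an allocation whose size the sender controls. evaluate() starts and continues outside the hunk.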
--- a/saml/saml2/binding/impl/SAML2POSTEncoder.cpp
+++ b/saml/saml2/binding/impl/SAML2POSTEncoder.cpp
@@ -175,6 +175,19 @@ long SAML2POSTEncoder::encode(
 memset(sigbuf,0,sizeof(sigbuf));
 Signature::createRawSignature(credential->getPrivateKey(), signatureAlg, input.c_str(), input.length(), sigbuf, sizeof(sigbuf)-1);
 pmap.m_map["Signature"] = sigbuf;
+
+ auto_ptr keyInfo(credential->getKeyInfo());
+ if (keyInfo.get()) {
+ string& kstring = pmap.m_map["KeyInfo"];
+ XMLHelper::serialize(keyInfo->marshall((DOMDocument*)NULL), kstring);
+ unsigned int len=0;
+ XMLByte* out=Base64::encode(reinterpret_cast(kstring.data()),kstring.size(),&len);
+ if (!out)
+ throw BindingException("Base64 encoding of XML failed.");
+ kstring.erase();
+ kstring.append(reinterpret_cast(out),len);
+ XMLString::release(&out);
+ }
 }
 // Base64 the message.
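Review bot: The added KeyInfo block has no comment saying that the parameter is attached after `createRawSignature` has already run over `input`, so as far as this hunk shows the KeyInfo form field is not covered by the signature. A reader on the receiving side could otherwise assume it is integrity-protected. I would add a comment above the `auto_ptr keyInfo(...)` line such as `// KeyInfo is sent alongside the signature, not under it; receivers must treat it only as a hint for key resolution and still validate the key against trusted metadata.` How `input` is built is outside the hunk, so confirm that before committing the wording. encode() starts and ends outside the hunk.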