Omit use attribute on multi-purpose keys.
author
Scott Cantor
<cantor.2@osu.edu>
Mon, 11 Oct 2010 01:15:56 +0000
(
01:15
+0000)
committer
Scott Cantor
<cantor.2@osu.edu>
Mon, 11 Oct 2010 01:15:56 +0000
(
01:15
+0000)
shibsp/handler/impl/MetadataGenerator.cpp
diff --git
a/shibsp/handler/impl/MetadataGenerator.cpp
b/shibsp/handler/impl/MetadataGenerator.cpp
index
feafda6
..
b3f9720
100644
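--- a/shibsp/handler/impl/MetadataGenerator.cpp
+++ b/shibsp/handler/impl/MetadataGenerator.cpp
@@ -338,23 +338,31 @@ pair<bool,long> MetadataGenerator::processMessage(
 prop = relyingParty->getString("keyName");
 if (prop.first)
 cc.getKeyNames().insert(prop.second);
+vector<const Credential*> signingcreds,enccreds;
 cc.setUsage(Credential::SIGNING_CREDENTIAL);
-vector<const Credential*> creds;
-credResolver->resolve(creds,&cc);
-for (vector<const Credential*>::const_iterator c = creds.begin(); c != creds.end(); ++c) {
+credResolver->resolve(signingcreds, &cc);
+cc.setUsage(Credential::ENCRYPTION_CREDENTIAL);
+credResolver->resolve(enccreds, &cc);
+
+for (vector<const Credential*>::const_iterator c = signingcreds.begin(); c != signingcreds.end(); ++c) {
 KeyInfo* kinfo = (*c)->getKeyInfo();
 if (kinfo) {
 KeyDescriptor* kd = KeyDescriptorBuilder::buildKeyDescriptor();
-kd->setUse(KeyDescriptor::KEYTYPE_SIGNING);
 kd->setKeyInfo(kinfo);
+const XMLCh* use = KeyDescriptor::KEYTYPE_SIGNING;
+for (vector<const Credential*>::iterator match = enccreds.begin(); match != enccreds.end(); ++match) {
+if (*match == *c) {
+use = nullptr;
+enccreds.erase(match);
+break;
+}
+}
+kd->setUse(use);
 role->getKeyDescriptors().push_back(kd);
 }
 }
-cc.setUsage(Credential::ENCRYPTION_CREDENTIAL);
-creds.clear();
-credResolver->resolve(creds,&cc);
-for (vector<const Credential*>::const_iterator c = creds.begin(); c != creds.end(); ++c) {
+for (vector<const Credential*>::const_iterator c = enccreds.begin(); c != enccreds.end(); ++c) {
 KeyInfo* kinfo = (*c)->getKeyInfo();
 if (kinfo) {
 KeyDescriptor* kd = KeyDescriptorBuilder::buildKeyDescriptor();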
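Review bot: The multi-use test `if (*match == *c)` compares Credential pointers, so a key is published without a `use` attribute only when the resolver returns the same object from both resolve() calls, and nothing in the hunk documents that assumption. Key material configured as two separate credentials would, as far as the visible lines show, still be emitted twice with different `use` values, and a credential that appears more than once in `enccreds` would keep a second, encryption-only descriptor because only the first match is erased. I would add above `const XMLCh* use` a comment such as `// Same Credential resolved for both usages: emit one KeyDescriptor with no use attribute, which peers read as signing and encryption.` Omitting `use` also advertises the signing key for encryption, which is worth stating for deployers who expect the two roles to stay on separate keys. processMessage starts before this hunk and continues past it.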