2 * Licensed to the University Corporation for Advanced Internet
3 * Development, Inc. (UCAID) under one or more contributor license
4 * agreements. See the NOTICE file distributed with this work for
5 * additional information regarding copyright ownership.
7 * UCAID licenses this file to you under the Apache License,
8 * Version 2.0 (the "License"); you may not use this file except
9 * in compliance with the License. You may obtain a copy of the
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
17 * either express or implied. See the License for the specific
18 * language governing permissions and limitations under the License.
22 * SignatureValidator.cpp
24 * Validator for signatures based on an externally-supplied key
28 #include "security/Credential.h"
29 #include "signature/Signature.h"
30 #include "signature/SignatureValidator.h"
32 #include <xsec/enc/XSECCryptoException.hpp>
33 #include <xsec/framework/XSECException.hpp>
35 using namespace xmlsignature;
36 using namespace xmltooling;
39 SignatureValidator::SignatureValidator(XSECCryptoKey* key) : m_key(key), m_credential(nullptr)
43 SignatureValidator::SignatureValidator(const Credential* credential) : m_key(nullptr), m_credential(credential)
47 SignatureValidator::~SignatureValidator()
51 void SignatureValidator::setKey(XSECCryptoKey* key)
54 m_credential = nullptr;
57 void SignatureValidator::setCredential(const Credential* credential)
60 m_credential = credential;
63 void SignatureValidator::validate(const XMLObject* xmlObject) const
65 const Signature* sigObj=dynamic_cast<const Signature*>(xmlObject);
67 throw ValidationException("Validator only applies to Signature objects.");
71 void SignatureValidator::validate(const Signature* sigObj) const
73 DSIGSignature* sig=sigObj->getXMLSignature();
75 throw ValidationException("Signature does not exist yet.");
76 else if (!m_key && !m_credential)
77 throw ValidationException("No Credential or key set on Validator.");
79 XSECCryptoKey* key = m_key ? m_key : (m_credential ? m_credential->getPublicKey() : nullptr);
81 throw ValidationException("Credential did not contain a verification key.");
84 sig->setSigningKey(key->clone());
86 throw ValidationException("Digital signature does not validate with the supplied key.");
88 catch(XSECException& e) {
89 auto_ptr_char temp(e.getMsg());
90 throw ValidationException(string("Caught an XMLSecurity exception verifying signature: ") + temp.get());
92 catch(XSECCryptoException& e) {
93 throw ValidationException(string("Caught an XMLSecurity exception verifying signature: ") + e.getMsg());