xmltooling/util/ReloadableXMLFile.cpp

   1 /*
   2  *  Copyright 2001-2010 Internet2
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *     http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16
  17 /**
  18  * @file ReloadableXMLFile.cpp
  19  *
  20  * Base class for file-based XML configuration.
  21  */
  22
  23 #include "internal.h"
  24 #include "io/HTTPResponse.h"
  25 #ifndef XMLTOOLING_LITE
  26 # include "security/Credential.h"
  27 # include "security/CredentialCriteria.h"
  28 # include "security/CredentialResolver.h"
  29 # include "security/SignatureTrustEngine.h"
  30 # include "signature/Signature.h"
  31 # include "signature/SignatureValidator.h"
  32 #endif
  33 #include "util/NDC.h"
  34 #include "util/PathResolver.h"
  35 #include "util/ReloadableXMLFile.h"
  36 #include "util/Threads.h"
  37 #include "util/XMLConstants.h"
  38 #include "util/XMLHelper.h"
  39
  40 #if defined(XMLTOOLING_LOG4SHIB)
  41 # include <log4shib/NDC.hh>
  42 #elif defined(XMLTOOLING_LOG4CPP)
  43 # include <log4cpp/NDC.hh>
  44 #endif
  45
  46 #include <memory>
  47 #include <fstream>
  48 #include <sys/types.h>
  49 #include <sys/stat.h>
  50
  51 #include <xercesc/framework/LocalFileInputSource.hpp>
  52 #include <xercesc/framework/Wrapper4InputSource.hpp>
  53 #include <xercesc/util/XMLUniDefs.hpp>
  54
  55 #ifndef XMLTOOLING_LITE
  56 # include <xsec/dsig/DSIGReference.hpp>
  57 # include <xsec/dsig/DSIGTransformList.hpp>
  58 using namespace xmlsignature;
  59 #endif
  60
  61 using namespace xmltooling::logging;
  62 using namespace xmltooling;
  63 using namespace xercesc;
  64 using namespace std;
  65
  66 #ifndef XMLTOOLING_LITE
  67 namespace {
  68     class XMLTOOL_DLLLOCAL DummyCredentialResolver : public CredentialResolver
  69     {
  70     public:
  71         DummyCredentialResolver() {}
  72         ~DummyCredentialResolver() {}
  73
  74         Lockable* lock() {return this;}
  75         void unlock() {}
  76
  77         const Credential* resolve(const CredentialCriteria* criteria=nullptr) const {return nullptr;}
  78         vector<const Credential*>::size_type resolve(
  79             vector<const Credential*>& results, const CredentialCriteria* criteria=nullptr
  80             ) const {return 0;}
  81     };
  82 };
  83 #endif
  84
  85 static const XMLCh id[] =               UNICODE_LITERAL_2(i,d);
  86 static const XMLCh uri[] =              UNICODE_LITERAL_3(u,r,i);
  87 static const XMLCh url[] =              UNICODE_LITERAL_3(u,r,l);
  88 static const XMLCh path[] =             UNICODE_LITERAL_4(p,a,t,h);
  89 static const XMLCh pathname[] =         UNICODE_LITERAL_8(p,a,t,h,n,a,m,e);
  90 static const XMLCh file[] =             UNICODE_LITERAL_4(f,i,l,e);
  91 static const XMLCh filename[] =         UNICODE_LITERAL_8(f,i,l,e,n,a,m,e);
  92 static const XMLCh validate[] =         UNICODE_LITERAL_8(v,a,l,i,d,a,t,e);
  93 static const XMLCh reloadChanges[] =    UNICODE_LITERAL_13(r,e,l,o,a,d,C,h,a,n,g,e,s);
  94 static const XMLCh reloadInterval[] =   UNICODE_LITERAL_14(r,e,l,o,a,d,I,n,t,e,r,v,a,l);
  95 static const XMLCh maxRefreshDelay[] =  UNICODE_LITERAL_15(m,a,x,R,e,f,r,e,s,h,D,e,l,a,y);
  96 static const XMLCh backingFilePath[] =  UNICODE_LITERAL_15(b,a,c,k,i,n,g,F,i,l,e,P,a,t,h);
  97 static const XMLCh type[] =             UNICODE_LITERAL_4(t,y,p,e);
  98 static const XMLCh certificate[] =      UNICODE_LITERAL_11(c,e,r,t,i,f,i,c,a,t,e);
  99 static const XMLCh signerName[] =       UNICODE_LITERAL_10(s,i,g,n,e,r,N,a,m,e);
 100 static const XMLCh _TrustEngine[] =     UNICODE_LITERAL_11(T,r,u,s,t,E,n,g,i,n,e);
 101 static const XMLCh _CredentialResolver[] = UNICODE_LITERAL_18(C,r,e,d,e,n,t,i,a,l,R,e,s,o,l,v,e,r);
 102
 103
 104 ReloadableXMLFile::ReloadableXMLFile(const DOMElement* e, Category& log, bool startReloadThread)
 105     : m_root(e), m_local(true), m_validate(false), m_filestamp(0), m_reloadInterval(0),
 106       m_lock(nullptr), m_log(log), m_loaded(false),
 107 #ifndef XMLTOOLING_LITE
 108       m_credResolver(nullptr), m_trust(nullptr),
 109 #endif
 110       m_shutdown(false), m_reload_wait(nullptr), m_reload_thread(nullptr)
 111 {
 112 #ifdef _DEBUG
 113     NDC ndc("ReloadableXMLFile");
 114 #endif
 115
 116     // Establish source of data...
 117     const XMLCh* source=e->getAttributeNS(nullptr,uri);
 118     if (!source || !*source) {
 119         source=e->getAttributeNS(nullptr,url);
 120         if (!source || !*source) {
 121             source=e->getAttributeNS(nullptr,path);
 122             if (!source || !*source) {
 123                 source=e->getAttributeNS(nullptr,pathname);
 124                 if (!source || !*source) {
 125                     source=e->getAttributeNS(nullptr,file);
 126                     if (!source || !*source) {
 127                         source=e->getAttributeNS(nullptr,filename);
 128                     }
 129                 }
 130             }
 131         }
 132         else {
 133             m_local=false;
 134         }
 135     }
 136     else {
 137         m_local=false;
 138     }
 139
 140     if (source && *source) {
 141         m_validate = XMLHelper::getAttrBool(e, false, validate);
 142
 143         auto_ptr_char temp(source);
 144         m_source = temp.get();
 145
 146         if (!m_local && !strstr(m_source.c_str(),"://")) {
 147             log.warn("deprecated usage of uri/url attribute for a local resource, use path instead");
 148             m_local = true;
 149         }
 150
 151 #ifndef XMLTOOLING_LITE
 152         // Check for signature bits.
 153         if (e->hasAttributeNS(nullptr, certificate)) {
 154             // Use a file-based credential resolver rooted here.
 155             m_credResolver = XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(FILESYSTEM_CREDENTIAL_RESOLVER, e);
 156         }
 157         else {
 158             const DOMElement* sub = XMLHelper::getFirstChildElement(e, _CredentialResolver);
 159             string t(XMLHelper::getAttrString(sub, nullptr, type));
 160             if (!t.empty()) {
 161                 m_credResolver = XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(t.c_str(), sub);
 162             }
 163             else {
 164                 sub = XMLHelper::getFirstChildElement(e, _TrustEngine);
 165                 t = XMLHelper::getAttrString(sub, nullptr, type);
 166                 if (!t.empty()) {
 167                     TrustEngine* trust = XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(t.c_str(), sub);
 168                     if (!(m_trust = dynamic_cast<SignatureTrustEngine*>(trust))) {
 169                         delete trust;
 170                         throw XMLToolingException("TrustEngine-based ReloadableXMLFile requires a SignatureTrustEngine plugin.");
 171                     }
 172
 173                     m_signerName = XMLHelper::getAttrString(e, nullptr, signerName);
 174                 }
 175             }
 176         }
 177 #endif
 178
 179         if (m_local) {
 180             XMLToolingConfig::getConfig().getPathResolver()->resolve(m_source, PathResolver::XMLTOOLING_CFG_FILE);
 181
 182             bool flag = XMLHelper::getAttrBool(e, true, reloadChanges);
 183             if (flag) {
 184 #ifdef WIN32
 185                 struct _stat stat_buf;
 186                 if (_stat(m_source.c_str(), &stat_buf) == 0)
 187 #else
 188                 struct stat stat_buf;
 189                 if (stat(m_source.c_str(), &stat_buf) == 0)
 190 #endif
 191                     m_filestamp = stat_buf.st_mtime;
 192                 else
 193                     throw IOException("Unable to access local file ($1)", params(1,m_source.c_str()));
 194                 m_lock = RWLock::create();
 195             }
 196             log.debug("using local resource (%s), will %smonitor for changes", m_source.c_str(), m_lock ? "" : "not ");
 197         }
 198         else {
 199             log.debug("using remote resource (%s)", m_source.c_str());
 200             m_backing = XMLHelper::getAttrString(e, nullptr, backingFilePath);
 201             if (!m_backing.empty()) {
 202                 XMLToolingConfig::getConfig().getPathResolver()->resolve(m_backing, PathResolver::XMLTOOLING_RUN_FILE);
 203                 log.debug("backup remote resource to (%s)", m_backing.c_str());
 204                 try {
 205                     string tagname = m_backing + ".tag";
 206                     ifstream backer(tagname.c_str());
 207                     if (backer) {
 208                         char cachebuf[256];
 209                         if (backer.getline(cachebuf, 255)) {
 210                             m_cacheTag = cachebuf;
 211                             log.debug("loaded initial cache tag (%s)", m_cacheTag.c_str());
 212                         }
 213                     }
 214                 }
 215                 catch (exception&) {
 216                 }
 217             }
 218             m_reloadInterval = XMLHelper::getAttrInt(e, 0, reloadInterval);
 219             if (m_reloadInterval == 0)
 220                 m_reloadInterval = XMLHelper::getAttrInt(e, 0, maxRefreshDelay);
 221             if (m_reloadInterval > 0) {
 222                 m_log.debug("will reload remote resource at most every %d seconds", m_reloadInterval);
 223                 m_lock = RWLock::create();
 224             }
 225             m_filestamp = time(nullptr);   // assume it gets loaded initially
 226         }
 227
 228         if (startReloadThread)
 229             startup();
 230     }
 231     else {
 232         log.debug("no resource uri/path/name supplied, will load inline configuration");
 233     }
 234
 235     m_id = XMLHelper::getAttrString(e, nullptr, id);
 236 }
 237
 238 ReloadableXMLFile::~ReloadableXMLFile()
 239 {
 240     shutdown();
 241     delete m_lock;
 242 }
 243
 244 void ReloadableXMLFile::startup()
 245 {
 246     if (m_lock && !m_reload_thread) {
 247         m_reload_wait = CondWait::create();
 248         m_reload_thread = Thread::create(&reload_fn, this);
 249     }
 250 }
 251
 252 void ReloadableXMLFile::shutdown()
 253 {
 254     if (m_reload_thread) {
 255         // Shut down the reload thread and let it know.
 256         m_shutdown = true;
 257         m_reload_wait->signal();
 258         m_reload_thread->join(nullptr);
 259         delete m_reload_thread;
 260         delete m_reload_wait;
 261         m_reload_thread = nullptr;
 262         m_reload_wait = nullptr;
 263     }
 264 }
 265
 266 void* ReloadableXMLFile::reload_fn(void* pv)
 267 {
 268     ReloadableXMLFile* r = reinterpret_cast<ReloadableXMLFile*>(pv);
 269
 270 #ifndef WIN32
 271     // First, let's block all signals
 272     Thread::mask_all_signals();
 273 #endif
 274
 275     if (!r->m_id.empty()) {
 276         string threadid("[");
 277         threadid += r->m_id + ']';
 278         logging::NDC::push(threadid);
 279     }
 280
 281 #ifdef _DEBUG
 282     NDC ndc("reload");
 283 #endif
 284
 285     auto_ptr<Mutex> mutex(Mutex::create());
 286     mutex->lock();
 287
 288     if (r->m_local)
 289         r->m_log.info("reload thread started...running when signaled");
 290     else
 291         r->m_log.info("reload thread started...running every %d seconds", r->m_reloadInterval);
 292
 293     while (!r->m_shutdown) {
 294         if (r->m_local)
 295             r->m_reload_wait->wait(mutex.get());
 296         else
 297             r->m_reload_wait->timedwait(mutex.get(), r->m_reloadInterval);
 298         if (r->m_shutdown)
 299             break;
 300
 301         try {
 302             r->m_log.info("reloading %s resource...", r->m_local ? "local" : "remote");
 303             pair<bool,DOMElement*> ret = r->background_load();
 304             if (ret.first)
 305                 ret.second->getOwnerDocument()->release();
 306         }
 307         catch (long& ex) {
 308             if (ex == HTTPResponse::XMLTOOLING_HTTP_STATUS_NOTMODIFIED) {
 309                 r->m_log.info("remote resource (%s) unchanged from cached version", r->m_source.c_str());
 310             }
 311             else {
 312                 // Shouldn't happen, we should only get codes intended to be gracefully handled.
 313                 r->m_log.crit("maintaining existing configuration, remote resource fetch returned atypical status code (%d)", ex);
 314             }
 315         }
 316         catch (exception& ex) {
 317             r->m_log.crit("maintaining existing configuration, error reloading resource (%s): %s", r->m_source.c_str(), ex.what());
 318         }
 319     }
 320
 321     r->m_log.info("reload thread finished");
 322
 323     mutex->unlock();
 324
 325     if (!r->m_id.empty()) {
 326         logging::NDC::pop();
 327     }
 328
 329     return nullptr;
 330 }
 331
 332 Lockable* ReloadableXMLFile::lock()
 333 {
 334     if (!m_lock)
 335         return this;
 336
 337     m_lock->rdlock();
 338
 339     if (m_local) {
 340     // Check if we need to refresh.
 341 #ifdef WIN32
 342         struct _stat stat_buf;
 343         if (_stat(m_source.c_str(), &stat_buf) != 0)
 344             return this;
 345 #else
 346         struct stat stat_buf;
 347         if (stat(m_source.c_str(), &stat_buf) != 0)
 348             return this;
 349 #endif
 350         if (m_filestamp >= stat_buf.st_mtime)
 351             return this;
 352
 353         // Elevate lock and recheck.
 354         m_log.debug("timestamp of local resource changed, elevating to a write lock");
 355         m_lock->unlock();
 356         m_lock->wrlock();
 357         if (m_filestamp >= stat_buf.st_mtime) {
 358             // Somebody else handled it, just downgrade.
 359             m_log.debug("update of local resource handled by another thread, downgrading lock");
 360             m_lock->unlock();
 361             m_lock->rdlock();
 362             return this;
 363         }
 364
 365         // Update the timestamp regardless.
 366         m_filestamp = stat_buf.st_mtime;
 367         if (m_reload_wait) {
 368             m_log.info("change detected, signaling reload thread...");
 369             m_reload_wait->signal();
 370         }
 371         else {
 372             m_log.warn("change detected, but reload thread not started");
 373         }
 374     }
 375
 376     return this;
 377 }
 378
 379 void ReloadableXMLFile::unlock()
 380 {
 381     if (m_lock)
 382         m_lock->unlock();
 383 }
 384
 385 pair<bool,DOMElement*> ReloadableXMLFile::load(bool backup)
 386 {
 387 #ifdef _DEBUG
 388     NDC ndc("load");
 389 #endif
 390
 391     try {
 392         if (m_source.empty()) {
 393             // Data comes from the DOM we were handed.
 394             m_log.debug("loading inline configuration...");
 395             return make_pair(false, XMLHelper::getFirstChildElement(m_root));
 396         }
 397         else {
 398             // Data comes from a file we have to parse.
 399             if (backup)
 400                 m_log.info("using local backup of remote resource");
 401             else
 402                 m_log.debug("loading configuration from external resource...");
 403
 404             DOMDocument* doc=nullptr;
 405             if (m_local || backup) {
 406                 auto_ptr_XMLCh widenit(backup ? m_backing.c_str() : m_source.c_str());
 407                 // Use library-wide lock for now, nothing else is using it anyway.
 408                 Locker locker(backup ? getBackupLock() : nullptr);
 409                 LocalFileInputSource src(widenit.get());
 410                 Wrapper4InputSource dsrc(&src, false);
 411                 if (m_validate)
 412                     doc=XMLToolingConfig::getConfig().getValidatingParser().parse(dsrc);
 413                 else
 414                     doc=XMLToolingConfig::getConfig().getParser().parse(dsrc);
 415             }
 416             else {
 417                 URLInputSource src(m_root, nullptr, &m_cacheTag);
 418                 Wrapper4InputSource dsrc(&src, false);
 419                 if (m_validate)
 420                     doc=XMLToolingConfig::getConfig().getValidatingParser().parse(dsrc);
 421                 else
 422                     doc=XMLToolingConfig::getConfig().getParser().parse(dsrc);
 423
 424                 // Check for a response code signal.
 425                 if (XMLHelper::isNodeNamed(doc->getDocumentElement(), xmlconstants::XMLTOOLING_NS, URLInputSource::utf16StatusCodeElementName)) {
 426                     int responseCode = XMLString::parseInt(doc->getDocumentElement()->getFirstChild()->getNodeValue());
 427                     doc->release();
 428                     if (responseCode == HTTPResponse::XMLTOOLING_HTTP_STATUS_NOTMODIFIED)
 429                         throw (long)responseCode; // toss out as a "known" case to handle gracefully
 430                     else {
 431                         m_log.warn("remote resource fetch returned atypical status code (%d)", responseCode);
 432                         throw IOException("remote resource fetch failed, check log for status code of response");
 433                     }
 434                 }
 435             }
 436
 437             m_log.infoStream() << "loaded XML resource (" << (backup ? m_backing : m_source) << ")" << logging::eol;
 438 #ifndef XMLTOOLING_LITE
 439             if (m_credResolver || m_trust) {
 440                 m_log.debug("checking signature on XML resource");
 441                 try {
 442                     DOMElement* sigel = XMLHelper::getFirstChildElement(doc->getDocumentElement(), xmlconstants::XMLSIG_NS, Signature::LOCAL_NAME);
 443                     if (!sigel)
 444                         throw XMLSecurityException("Signature validation required, but no signature found.");
 445
 446                     // Wrap and unmarshall the signature for the duration of the check.
 447                     auto_ptr<Signature> sigobj(dynamic_cast<Signature*>(SignatureBuilder::buildOneFromElement(sigel)));    // don't bind to document
 448                     validateSignature(*sigobj.get());
 449                 }
 450                 catch (exception&) {
 451                     doc->release();
 452                     throw;
 453                 }
 454
 455             }
 456 #endif
 457             return make_pair(true, doc->getDocumentElement());
 458         }
 459     }
 460     catch (XMLException& e) {
 461         auto_ptr_char msg(e.getMessage());
 462         m_log.errorStream() << "Xerces error while loading resource (" << (backup ? m_backing : m_source) << "): "
 463             << msg.get() << logging::eol;
 464         throw XMLParserException(msg.get());
 465     }
 466     catch (exception& e) {
 467         m_log.errorStream() << "error while loading resource ("
 468             << (m_source.empty() ? "inline" : (backup ? m_backing : m_source)) << "): " << e.what() << logging::eol;
 469         throw;
 470     }
 471 }
 472
 473 pair<bool,DOMElement*> ReloadableXMLFile::load()
 474 {
 475     // If this method is used, we're responsible for managing failover to a
 476     // backup of a remote resource (if available), and for backing up remote
 477     // resources.
 478     try {
 479         pair<bool,DOMElement*> ret = load(false);
 480         if (!m_backing.empty()) {
 481             m_log.debug("backing up remote resource to (%s)", m_backing.c_str());
 482             try {
 483                 Locker locker(getBackupLock());
 484                 ofstream backer(m_backing.c_str());
 485                 backer << *(ret.second->getOwnerDocument());
 486                 preserveCacheTag();
 487             }
 488             catch (exception& ex) {
 489                 m_log.crit("exception while backing up resource: %s", ex.what());
 490             }
 491         }
 492         return ret;
 493     }
 494     catch (long& responseCode) {
 495         // If there's an HTTP error or the document hasn't changed,
 496         // use the backup iff we have no "valid" resource in place.
 497         // That prevents reload of the backup copy any time the document
 498         // hasn't changed.
 499         if (responseCode == HTTPResponse::XMLTOOLING_HTTP_STATUS_NOTMODIFIED)
 500             m_log.info("remote resource (%s) unchanged from cached version", m_source.c_str());
 501         if (!m_loaded && !m_backing.empty())
 502             return load(true);
 503         throw;
 504     }
 505     catch (exception&) {
 506         // Same as above, but for general load/parse errors.
 507         if (!m_loaded && !m_backing.empty())
 508             return load(true);
 509         throw;
 510     }
 511 }
 512
 513 pair<bool,DOMElement*> ReloadableXMLFile::background_load()
 514 {
 515     // If this method isn't overridden, we acquire a write lock
 516     // and just call the old override.
 517     if (m_lock)
 518         m_lock->wrlock();
 519     SharedLock locker(m_lock, false);
 520     return load();
 521 }
 522
 523 Lockable* ReloadableXMLFile::getBackupLock()
 524 {
 525     return &XMLToolingConfig::getConfig();
 526 }
 527
 528 void ReloadableXMLFile::preserveCacheTag()
 529 {
 530     if (!m_cacheTag.empty() && !m_backing.empty()) {
 531         try {
 532             string tagname = m_backing + ".tag";
 533             ofstream backer(tagname.c_str());
 534             backer << m_cacheTag;
 535         }
 536         catch (exception&) {
 537         }
 538     }
 539 }
 540
 541 #ifndef XMLTOOLING_LITE
 542
 543 void ReloadableXMLFile::validateSignature(Signature& sigObj) const
 544 {
 545     DSIGSignature* sig=sigObj.getXMLSignature();
 546     if (!sig)
 547         throw XMLSecurityException("Signature does not exist yet.");
 548
 549     // Make sure the whole document was signed.
 550     bool valid=false;
 551     DSIGReferenceList* refs=sig->getReferenceList();
 552     if (refs && refs->getSize()==1) {
 553         DSIGReference* ref=refs->item(0);
 554         if (ref) {
 555             const XMLCh* URI=ref->getURI();
 556             if (URI==nullptr || *URI==0) {
 557                 DSIGTransformList* tlist=ref->getTransforms();
 558                 if (tlist->getSize() <= 2) {
 559                     for (unsigned int i=0; tlist && i<tlist->getSize(); i++) {
 560                         if (tlist->item(i)->getTransformType()==TRANSFORM_ENVELOPED_SIGNATURE)
 561                             valid=true;
 562                         else if (tlist->item(i)->getTransformType()!=TRANSFORM_EXC_C14N &&
 563                                  tlist->item(i)->getTransformType()!=TRANSFORM_C14N
 564 #ifdef XMLTOOLING_XMLSEC_C14N11
 565                                  && tlist->item(i)->getTransformType()!=TRANSFORM_C14N11
 566 #endif
 567                                  ) {
 568                             valid=false;
 569                             break;
 570                         }
 571                     }
 572                 }
 573             }
 574         }
 575     }
 576
 577     if (!valid)
 578         throw XMLSecurityException("Invalid signature profile for signed configuration resource.");
 579
 580     // Set up criteria.
 581     CredentialCriteria cc;
 582     cc.setUsage(Credential::SIGNING_CREDENTIAL);
 583     cc.setSignature(sigObj, CredentialCriteria::KEYINFO_EXTRACTION_KEY);
 584     if (!m_signerName.empty())
 585         cc.setPeerName(m_signerName.c_str());
 586
 587     if (m_credResolver) {
 588         Locker locker(m_credResolver);
 589         vector<const Credential*> creds;
 590         if (m_credResolver->resolve(creds, &cc)) {
 591             SignatureValidator sigValidator;
 592             for (vector<const Credential*>::const_iterator i = creds.begin(); i != creds.end(); ++i) {
 593                 try {
 594                     sigValidator.setCredential(*i);
 595                     sigValidator.validate(&sigObj);
 596                     return; // success!
 597                 }
 598                 catch (exception&) {
 599                 }
 600             }
 601             throw XMLSecurityException("Unable to verify signature with supplied key(s).");
 602         }
 603         else {
 604             throw XMLSecurityException("CredentialResolver did not supply any candidate keys.");
 605         }
 606     }
 607     else if (m_trust) {
 608         DummyCredentialResolver dummy;
 609         if (m_trust->validate(sigObj, dummy, &cc))
 610             return;
 611         throw XMLSecurityException("TrustEngine unable to verify signature.");
 612     }
 613
 614     throw XMLSecurityException("Unable to verify signature.");
 615 }
 616
 617 #endif