// role interface to verify the EE certificate.\r
\r
log.debug("attempting to match key information from peer with end-entity certificate");\r
- vector<XSECCryptoX509*> resolvedCerts;\r
while (keyInfoSource.hasNext()) {\r
- resolvedCerts.clear();\r
+ KeyResolver::ResolvedCertificates resolvedCerts;\r
if (0 == (keyResolver ? keyResolver : m_keyResolver)->resolveCertificates(keyInfoSource.next(),resolvedCerts)) {\r
log.debug("key information does not resolve to a certificate, skipping it");\r
continue;\r
}\r
\r
log.debug("checking if certificates contained within key information match end-entity certificate");\r
- if (resolvedCerts.front()->getProviderName()!=DSIGConstants::s_unicodeStrPROVOpenSSL) {\r
+ if (resolvedCerts.v().front()->getProviderName()!=DSIGConstants::s_unicodeStrPROVOpenSSL) {\r
log.error("only the OpenSSL XSEC provider is supported");\r
continue;\r
}\r
- else if (!X509_cmp(static_cast<OpenSSLCryptoX509*>(certEE)->getOpenSSLX509(),static_cast<OpenSSLCryptoX509*>(resolvedCerts.front())->getOpenSSLX509())) {\r
+ else if (!X509_cmp(static_cast<OpenSSLCryptoX509*>(certEE)->getOpenSSLX509(),static_cast<OpenSSLCryptoX509*>(resolvedCerts.v().front())->getOpenSSLX509())) {\r
log.info("end-entity certificate matches certificate from peer key information");\r
return true;\r
}\r