Convert from NULL macro to nullptr.

[shibboleth/cpp-xmltooling.git] / xmltooling / signature / impl / SignatureValidator.cpp

diff --git a/xmltooling/signature/impl/SignatureValidator.cpp b/xmltooling/signature/impl/SignatureValidator.cpp
index dab1311..3dcddb1 100644 (file)
--- a/xmltooling/signature/impl/SignatureValidator.cpp
+++ b/xmltooling/signature/impl/SignatureValidator.cpp
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2007 Internet2
+ *  Copyright 2001-2010 Internet2
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -21,6 +21,8 @@
  */
  
 #include "internal.h"
+#include "security/Credential.h"
+#include "signature/Signature.h"
 #include "signature/SignatureValidator.h"
 
 #include <xsec/enc/XSECCryptoException.hpp>
@@ -30,6 +32,30 @@ using namespace xmlsignature;
 using namespace xmltooling;
 using namespace std;
 
+SignatureValidator::SignatureValidator(XSECCryptoKey* key) : m_key(key), m_credential(nullptr)
+{
+}
+
+SignatureValidator::SignatureValidator(const Credential* credential) : m_key(nullptr), m_credential(credential)
+{
+}
+
+SignatureValidator::~SignatureValidator()
+{
+}
+
+void SignatureValidator::setKey(XSECCryptoKey* key)
+{
+    m_key = key;
+    m_credential = nullptr;
+}
+
+void SignatureValidator::setCredential(const Credential* credential)
+{
+    m_key = nullptr;
+    m_credential = credential;
+}
+
 void SignatureValidator::validate(const XMLObject* xmlObject) const
 {
     const Signature* sigObj=dynamic_cast<const Signature*>(xmlObject);
@@ -43,16 +69,17 @@ void SignatureValidator::validate(const Signature* sigObj) const
     DSIGSignature* sig=sigObj->getXMLSignature();
     if (!sig)
         throw ValidationException("Signature does not exist yet.");
-    else if (!m_key && !m_resolver)
-        throw ValidationException("No KeyResolver or signing key set on Validator.");
+    else if (!m_key && !m_credential)
+        throw ValidationException("No Credential or key set on Validator.");
+
+    XSECCryptoKey* key = m_key ? m_key : (m_credential ? m_credential->getPublicKey() : nullptr);
+    if (!key)
+        throw ValidationException("Credential did not contain a verification key.");
 
     try {
-        XSECCryptoKey* key = m_key ? m_key->clone() : m_resolver->resolveKey(sig->getKeyInfoList());
-        if (!key)
-            throw ValidationException("Unable to resolve signing key.");
-        sig->setSigningKey(key);
+        sig->setSigningKey(key->clone());
         if (!sig->verify())
-            throw ValidationException("Digital signature does not validate with the given key.");
+            throw ValidationException("Digital signature does not validate with the supplied key.");
     }
     catch(XSECException& e) {
         auto_ptr_char temp(e.getMsg());