X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fcpp-xmltooling.git;a=blobdiff_plain;f=xmltooling%2Fsecurity%2Fimpl%2FInlineKeyResolver.cpp;h=9ed4deeba1a8df71a8075188ee2c3b0cadc61786;hp=9c3471c7f36eaa13ac31def00b28933c986ce399;hb=e4ed5f5716f6a8973b098c6bb033838d258d47b0;hpb=eab22660b1e5678870b4750af89a963476e38c3f

diff --git a/xmltooling/security/impl/InlineKeyResolver.cpp b/xmltooling/security/impl/InlineKeyResolver.cpp
index 9c3471c..9ed4dee 100644
--- a/xmltooling/security/impl/InlineKeyResolver.cpp
+++ b/xmltooling/security/impl/InlineKeyResolver.cpp
@@ -40,6 +40,7 @@
 #include <xsec/enc/XSECCryptoX509.hpp>
 #include <xsec/enc/XSECCryptoKeyRSA.hpp>
 #include <xsec/enc/XSECCryptoKeyDSA.hpp>
+#include <xsec/enc/XSECCryptoKeyEC.hpp>
 #include <xsec/enc/XSECCryptoException.hpp>
 #include <xsec/framework/XSECException.hpp>
 
@@ -282,10 +283,20 @@ bool InlineCredential::resolveKey(const KeyInfo* keyInfo, bool followRefs)
                 m_key = dsa.release();
                 return true;
             }
+#ifdef XMLTOOLING_XMLSEC_ECC
             ECKeyValue* eckv = (*i)->getECKeyValue();
-            if (eckv) {
-                log.warn("skipping ds11:ECKeyValue, not yet supported");
+            if (eckv && eckv->getNamedCurve() && eckv->getPublicKey()) {
+                log.warn("resolving ds11:ECKeyValue");
+                auto_ptr<XSECCryptoKeyEC> ec(XSECPlatformUtils::g_cryptoProvider->keyEC());
+                auto_ptr_char uri(eckv->getNamedCurve()->getURI());
+                auto_ptr_char val(eckv->getPublicKey()->getValue());
+                if (uri.get() && val.get()) {
+                    ec->loadPublicKeyBase64(uri.get(), val.get(), XMLString::stringLen(val.get()));
+                    m_key = ec.release();
+                    return true;
+                }
             }
+#endif
         }
         catch (ValidationException& ex) {
             log.warn("skipping invalid ds:KeyValue (%s)", ex.what());