}
}
+ // Check for RetrievalMethod.
+ const XMLCh* fragID=NULL;
+ const XMLObject* treeRoot=NULL;
+ XSECCryptoKey* remote=NULL;
+ const vector<RetrievalMethod*> methods=keyInfo->getRetrievalMethods();
+ for (vector<RetrievalMethod*>::const_iterator m=methods.begin(); m!=methods.end(); ++m) {
+ if (!XMLString::equals((*m)->getType(),RetrievalMethod::TYPE_X509DATA) &&
+ !XMLString::equals((*m)->getType(),RetrievalMethod::TYPE_RSAKEYVALUE) &&
+ !XMLString::equals((*m)->getType(),RetrievalMethod::TYPE_DSAKEYVALUE))
+ continue;
+ fragID = (*m)->getURI();
+ if (!fragID || *fragID != chPound || !*(fragID+1)) {
+ log.warn("skipping ds:RetrievalMethod with an empty or non-local reference");
+ continue;
+ }
+ if (!treeRoot) {
+ treeRoot = keyInfo;
+ while (treeRoot->getParent())
+ treeRoot = treeRoot->getParent();
+ }
+ keyInfo = dynamic_cast<const KeyInfo*>(XMLHelper::getXMLObjectById(*treeRoot, fragID+1));
+ if (!keyInfo) {
+ log.warn("skipping ds:RetrievalMethod, local reference did not resolve to a ds:KeyInfo");
+ continue;
+ }
+ remote = _resolveKey(keyInfo);
+ if (remote)
+ return remote;
+ }
+
log.warn("unable to resolve key");
return NULL;
}
}
}
}
+
+ if (certs.empty()) {
+ // Check for RetrievalMethod.
+ const XMLCh* fragID=NULL;
+ const XMLObject* treeRoot=NULL;
+ const vector<RetrievalMethod*> methods=keyInfo->getRetrievalMethods();
+ for (vector<RetrievalMethod*>::const_iterator m=methods.begin(); certs.empty() && m!=methods.end(); ++m) {
+ if (!XMLString::equals((*m)->getType(),RetrievalMethod::TYPE_X509DATA))
+ continue;
+ fragID = (*m)->getURI();
+ if (!fragID || *fragID != chPound || !*(fragID+1)) {
+ log.warn("skipping ds:RetrievalMethod with an empty or non-local reference");
+ continue;
+ }
+ if (!treeRoot) {
+ treeRoot = keyInfo;
+ while (treeRoot->getParent())
+ treeRoot = treeRoot->getParent();
+ }
+ keyInfo = dynamic_cast<const KeyInfo*>(XMLHelper::getXMLObjectById(*treeRoot, fragID+1));
+ if (!keyInfo) {
+ log.warn("skipping ds:RetrievalMethod, local reference did not resolve to a ds:KeyInfo");
+ continue;
+ }
+ _resolveCertificates(keyInfo, certs);
+ }
+ }
+
if (log.isDebugEnabled()) {
log.debug("resolved %d certificate%s", certs.size(), certs.size()==1 ? "" : "s");
}
}
}
}
+
+ // Check for RetrievalMethod.
+ const XMLCh* fragID=NULL;
+ const XMLObject* treeRoot=NULL;
+ XSECCryptoX509CRL* remote=NULL;
+ const vector<RetrievalMethod*> methods=keyInfo->getRetrievalMethods();
+ for (vector<RetrievalMethod*>::const_iterator m=methods.begin(); m!=methods.end(); ++m) {
+ if (!XMLString::equals((*m)->getType(),RetrievalMethod::TYPE_X509DATA))
+ continue;
+ fragID = (*m)->getURI();
+ if (!fragID || *fragID != chPound || !*(fragID+1)) {
+ log.warn("skipping ds:RetrievalMethod with an empty or non-local reference");
+ continue;
+ }
+ if (!treeRoot) {
+ treeRoot = keyInfo;
+ while (treeRoot->getParent())
+ treeRoot = treeRoot->getParent();
+ }
+ keyInfo = dynamic_cast<const KeyInfo*>(XMLHelper::getXMLObjectById(*treeRoot, fragID+1));
+ if (!keyInfo) {
+ log.warn("skipping ds:RetrievalMethod, local reference did not resolve to a ds:KeyInfo");
+ continue;
+ }
+ remote = _resolveCRL(keyInfo);
+ if (remote)
+ return remote;
+ }
+
return NULL;
}
};
const XMLCh X509CRL::LOCAL_NAME[] = { XCH(X), XNUM(5), XNUM(0), XNUM(9), XCH(C), XCH(R), XCH(L), chNull };
+const XMLCh RetrievalMethod::TYPE_DSAKEYVALUE[] = {
+ chLatin_h, chLatin_t, chLatin_t, chLatin_p, chColon, chForwardSlash, chForwardSlash,
+ chLatin_w, chLatin_w, chLatin_w, chPeriod, chLatin_w, chDigit_3, chPeriod, chLatin_o, chLatin_r, chLatin_g, chForwardSlash,
+ chDigit_2, chDigit_0, chDigit_0, chDigit_0, chForwardSlash, chDigit_0, chDigit_9, chForwardSlash,
+ chLatin_x, chLatin_m, chLatin_l, chLatin_d, chLatin_s, chLatin_i, chLatin_g, chPound,
+ chLatin_D, chLatin_S, chLatin_A, chLatin_K, chLatin_e, chLatin_y, chLatin_V, chLatin_a, chLatin_l, chLatin_u, chLatin_e, chNull
+ };
+
+const XMLCh RetrievalMethod::TYPE_RSAKEYVALUE[] = {
+ chLatin_h, chLatin_t, chLatin_t, chLatin_p, chColon, chForwardSlash, chForwardSlash,
+ chLatin_w, chLatin_w, chLatin_w, chPeriod, chLatin_w, chDigit_3, chPeriod, chLatin_o, chLatin_r, chLatin_g, chForwardSlash,
+ chDigit_2, chDigit_0, chDigit_0, chDigit_0, chForwardSlash, chDigit_0, chDigit_9, chForwardSlash,
+ chLatin_x, chLatin_m, chLatin_l, chLatin_d, chLatin_s, chLatin_i, chLatin_g, chPound,
+ chLatin_R, chLatin_S, chLatin_A, chLatin_K, chLatin_e, chLatin_y, chLatin_V, chLatin_a, chLatin_l, chLatin_u, chLatin_e, chNull
+ };
+
+const XMLCh RetrievalMethod::TYPE_X509DATA[] = {
+ chLatin_h, chLatin_t, chLatin_t, chLatin_p, chColon, chForwardSlash, chForwardSlash,
+ chLatin_w, chLatin_w, chLatin_w, chPeriod, chLatin_w, chDigit_3, chPeriod, chLatin_o, chLatin_r, chLatin_g, chForwardSlash,
+ chDigit_2, chDigit_0, chDigit_0, chDigit_0, chForwardSlash, chDigit_0, chDigit_9, chForwardSlash,
+ chLatin_x, chLatin_m, chLatin_l, chLatin_d, chLatin_s, chLatin_i, chLatin_g, chPound,
+ chLatin_X, chDigit_5, chDigit_0, chDigit_9, chLatin_D, chLatin_a, chLatin_t, chLatin_a, chNull
+ };
+
\ No newline at end of file