From: Scott Cantor Date: Tue, 31 Aug 2010 22:04:54 +0000 (+0000) Subject: Fix incorrect RSA key size calculation, and reduce extra calls to that method. X-Git-Tag: 1.4RC1~37 X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fcpp-xmltooling.git;a=commitdiff_plain;h=764cd6415e2a4a999219c2d4c7fa1fa01624d90a Fix incorrect RSA key size calculation, and reduce extra calls to that method. --- diff --git a/xmltooling/security/impl/CredentialCriteria.cpp b/xmltooling/security/impl/CredentialCriteria.cpp index c5a31e5..b3b4ed2 100644 --- a/xmltooling/security/impl/CredentialCriteria.cpp +++ b/xmltooling/security/impl/CredentialCriteria.cpp @@ -239,19 +239,20 @@ bool CredentialCriteria::matches(const Credential& credential) const } // KeySize check, if specified and we have one. - if (credential.getKeySize() > 0) { + unsigned int ksize = credential.getKeySize(); + if (ksize > 0) { if (m_keySize > 0 && m_maxKeySize == 0) { - if (credential.getKeySize() != m_keySize) { - log.debug("key size (%u) didn't match (%u)", credential.getKeySize(), m_keySize); + if (ksize != m_keySize) { + log.debug("key size (%u) didn't match (%u)", ksize, m_keySize); return false; } } - else if (m_keySize > 0 && credential.getKeySize() < m_keySize) { - log.debug("key size (%u) smaller than minimum (%u)", credential.getKeySize(), m_keySize); + else if (m_keySize > 0 && ksize < m_keySize) { + log.debug("key size (%u) smaller than minimum (%u)", ksize, m_keySize); return false; } - else if (m_maxKeySize > 0 && credential.getKeySize() > m_maxKeySize) { - log.debug("key size (%u) larger than maximum (%u)", credential.getKeySize(), m_maxKeySize); + else if (m_maxKeySize > 0 && ksize > m_maxKeySize) { + log.debug("key size (%u) larger than maximum (%u)", ksize, m_maxKeySize); return false; } }