projects / shibboleth / opensaml2.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
KeyInfo should be base64-decoded in simple sign rule.
[shibboleth/opensaml2.git] / saml / saml2 / binding / impl / SAML2POSTEncoder.cpp
diff --git a/saml/saml2/binding/impl/SAML2POSTEncoder.cpp b/saml/saml2/binding/impl/SAML2POSTEncoder.cpp
index 65ccb38..5820150 100644 (file)
--- a/saml/saml2/binding/impl/SAML2POSTEncoder.cpp
+++ b/saml/saml2/binding/impl/SAML2POSTEncoder.cpp
@@ -175,6 +175,19 @@ long SAML2POSTEncoder::encode(
         memset(sigbuf,0,sizeof(sigbuf));
         Signature::createRawSignature(credential->getPrivateKey(), signatureAlg, input.c_str(), input.length(), sigbuf, sizeof(sigbuf)-1);
         pmap.m_map["Signature"] = sigbuf;
+
+        auto_ptr<KeyInfo> keyInfo(credential->getKeyInfo());
+        if (keyInfo.get()) {
+            string& kstring = pmap.m_map["KeyInfo"];
+            XMLHelper::serialize(keyInfo->marshall((DOMDocument*)NULL), kstring);
+            unsigned int len=0;
+            XMLByte* out=Base64::encode(reinterpret_cast<const XMLByte*>(kstring.data()),kstring.size(),&len);
+            if (!out)
+                throw BindingException("Base64 encoding of XML failed.");
+            kstring.erase();
+            kstring.append(reinterpret_cast<char*>(out),len);
+            XMLString::release(&out);
+        }
     }
     
     // Base64 the message.
Unnamed repository; edit this file 'description' to name the repository.