From f5916adc518ba7e5cecb4304af11fbc2bb528e32 Mon Sep 17 00:00:00 2001
From: cantor
Date: Sun, 18 Mar 2007 06:15:25 +0000
Subject: [PATCH] Revised decryption APIs to clarify CredentialResolver/KeyResolver difference.
git-svn-id: https://svn.middleware.georgetown.edu/cpp-opensaml2/trunk@209 fb386ef7-a10c-0410-8ebf-fd3f8e989ab0
---
 saml/encryption/EncryptedKeyResolver.cpp | 2 +-
 saml/encryption/EncryptedKeyResolver.h | 6 +-----
 saml/saml2/core/Assertions.h | 8 ++++----
 saml/saml2/core/impl/Assertions20Impl.cpp | 7 ++++---
 saml/saml2/core/impl/Protocols20Impl.cpp | 7 ++++---
 5 files changed, 14 insertions(+), 16 deletions(-)
diff --git a/saml/encryption/EncryptedKeyResolver.cpp b/saml/encryption/EncryptedKeyResolver.cpp
index ef90378..6a8f81b 100644
--- a/saml/encryption/EncryptedKeyResolver.cpp
+++ b/saml/encryption/EncryptedKeyResolver.cpp
@@ -26,7 +26,7 @@ using namespace xmlencryption;
 using namespace std;
-EncryptedKey* opensaml::EncryptedKeyResolver::resolveKey(EncryptedData* encryptedData)
+EncryptedKey* opensaml::EncryptedKeyResolver::resolveKey(EncryptedData& encryptedData) const
 {
 const vector& keys=m_ref.getEncryptedKeys();
 for (vector::const_iterator i=keys.begin(); i!=keys.end(); i++) {
diff --git a/saml/encryption/EncryptedKeyResolver.h b/saml/encryption/EncryptedKeyResolver.h
index 5d8daa8..51f74ba 100644
--- a/saml/encryption/EncryptedKeyResolver.h
+++ b/saml/encryption/EncryptedKeyResolver.h
@@ -46,11 +46,7 @@ namespace opensaml {
 XMLString::release(&m_recipient);
 }
- xmlencryption::EncryptedKey* resolveKey(xmlencryption::EncryptedData* encryptedData);
-
- EncryptedKeyResolver* clone() const {
- return new EncryptedKeyResolver(m_ref, m_recipient);
- }
+ xmlencryption::EncryptedKey* resolveKey(xmlencryption::EncryptedData& encryptedData) const;
 protected:
 const saml2::EncryptedElementType& m_ref;
diff --git a/saml/saml2/core/Assertions.h b/saml/saml2/core/Assertions.h
index 9faaa8b..31d11cf 100644
--- a/saml/saml2/core/Assertions.h
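Review bot: In saml/encryption/EncryptedKeyResolver.h the destructor still calls `XMLString::release(&m_recipient)`, so the class owns that buffer, and an implicit copy would leave two objects releasing the same pointer. With `clone()` removed and callers now building instances on the stack, I would rule copies out explicitly by declaring the copy constructor and assignment operator private and undefined, unless the part of the class outside this hunk already does so. The new `resolveKey(...) const` declaration also has no doc comment; it should say whether NULL is returned when no EncryptedKey matches and that the returned pointer is not owned by the caller, if that is the contract of the body in EncryptedKeyResolver.cpp, which continues outside its hunk.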
+++ b/saml/saml2/core/Assertions.h
@@ -28,7 +28,7 @@
 #include
 #include
-#include
+#include
 #include
 #include
@@ -65,13 +65,13 @@ namespace opensaml {
 * inside the message. The key decryption key should be supplied using the provided
 * resolver. The recipient name may be used when multiple encrypted keys are found.
 * The object returned will be unmarshalled around the decrypted DOM element, but the
- * DOM itself will be released.
+ * DOM itself will be released.
 *
- * @param KEKresolver resolver supplying key decryption key
+ * @param KEKresolver locked resolver supplying key decryption key
 * @param recipient identifier naming the recipient (the entity performing the decryption)
 * @return the decrypted and unmarshalled object
 */
- virtual xmltooling::XMLObject* decrypt(xmltooling::KeyResolver* KEKresolver, const XMLCh* recipient) const=0;
+ virtual xmltooling::XMLObject* decrypt(const xmltooling::CredentialResolver* KEKresolver, const XMLCh* recipient) const=0;
 END_XMLOBJECT;
 BEGIN_XMLOBJECT(SAML_API,EncryptedID,EncryptedElementType,SAML 2.0 EncryptedID element);
diff --git a/saml/saml2/core/impl/Assertions20Impl.cpp b/saml/saml2/core/impl/Assertions20Impl.cpp
index f4fe15a..a26a275 100644
--- a/saml/saml2/core/impl/Assertions20Impl.cpp
+++ b/saml/saml2/core/impl/Assertions20Impl.cpp
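Review bot: The revised `@param KEKresolver` line in the second hunk of saml/saml2/core/Assertions.h says "locked resolver" without stating who takes the lock or how long it must be held, which leaves the locking contract of a decryption entry point to guesswork. I would write it out, for example `@param KEKresolver  credential resolver supplying the key decryption key; the caller must lock it before the call and keep it locked until decrypt() returns`, assuming that is the intent. The comment also does not say whether a NULL resolver or NULL recipient is accepted, nor who owns the returned XMLObject. A `@throws` entry for the DecryptionException raised in the implementations would complete it.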
@@ -192,12 +192,13 @@ namespace opensaml {
 }
 }
- XMLObject* decrypt(KeyResolver* KEKresolver, const XMLCh* recipient) const
+ XMLObject* decrypt(const CredentialResolver* KEKresolver, const XMLCh* recipient) const
 {
 if (!m_EncryptedData)
 throw DecryptionException("No encrypted data present.");
- Decrypter decrypter(KEKresolver, new EncryptedKeyResolver(*this, recipient));
- DOMDocumentFragment* frag = decrypter.decryptData(m_EncryptedData);
+ EncryptedKeyResolver ekr(*this, recipient);
+ Decrypter decrypter(KEKresolver, &ekr);
+ DOMDocumentFragment* frag = decrypter.decryptData(*m_EncryptedData);
 if (frag->hasChildNodes() && frag->getFirstChild()==frag->getLastChild()) {
 DOMNode* plaintext=frag->getFirstChild();
 if (plaintext->getNodeType()==DOMNode::ELEMENT_NODE) {
diff --git a/saml/saml2/core/impl/Protocols20Impl.cpp b/saml/saml2/core/impl/Protocols20Impl.cpp
index 1084ca5..ab3b970 100644
--- a/saml/saml2/core/impl/Protocols20Impl.cpp
+++ b/saml/saml2/core/impl/Protocols20Impl.cpp
@@ -1288,12 +1288,13 @@ namespace opensaml {
 }
 }
- XMLObject* decrypt(KeyResolver* KEKresolver, const XMLCh* recipient) const
+ XMLObject* decrypt(const CredentialResolver* KEKresolver, const XMLCh* recipient) const
 {
 if (!m_EncryptedData)
 throw DecryptionException("No encrypted data present.");
- Decrypter decrypter(KEKresolver, new EncryptedKeyResolver(*this, recipient));
- DOMDocumentFragment* frag = decrypter.decryptData(m_EncryptedData);
+ EncryptedKeyResolver ekr(*this, recipient);
+ Decrypter decrypter(KEKresolver, &ekr);
+ DOMDocumentFragment* frag = decrypter.decryptData(*m_EncryptedData);
 if (frag->hasChildNodes() && frag->getFirstChild()==frag->getLastChild()) {
 DOMNode* plaintext=frag->getFirstChild();
 if (plaintext->getNodeType()==DOMNode::ELEMENT_NODE) {
--
2.1.4
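Review bot: In `decrypt` in Assertions20Impl.cpp, and identically in the Protocols20Impl.cpp hunk, `Decrypter decrypter(KEKresolver, &ekr);` passes the address of a stack object where the old code passed `new EncryptedKeyResolver(...)`, which suggests Decrypter used to take ownership of that argument. The new form is only safe if Decrypter no longer deletes its EncryptedKeyResolver; that change is not in this patch, so it is worth confirming the matching library revision is required by the build. I would also add `// ekr is borrowed by decrypter and must be declared before it` above the two declarations, since the destruction order is what keeps the pointer valid. `KEKresolver` is forwarded unchecked, so if Decrypter does not accept NULL a guard like the existing `m_EncryptedData` one belongs here. Both function bodies continue outside their hunks.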