*/
#include "internal.h"
+#include "logging.h"
#include "security/AbstractPKIXTrustEngine.h"
#include "signature/KeyInfo.h"
-#include <log4cpp/Category.hh>
#include <openssl/x509_vfy.h>
#include <openssl/x509v3.h>
#include <xmltooling/security/CredentialCriteria.h>
#include <xsec/enc/OpenSSL/OpenSSLCryptoX509.hpp>
using namespace xmlsignature;
+using namespace xmltooling::logging;
using namespace xmltooling;
-using namespace log4cpp;
using namespace std;
X509* certEE, const CredentialResolver& credResolver, const CredentialCriteria& criteria
) const
{
- Category& log=Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine");
+ Category& log=Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine.PKIX");
// We resolve to a set of trusted credentials.
vector<const Credential*> creds;
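Review bot: The category name `XMLTOOLING_LOGCAT".TrustEngine.PKIX"` is spelled out at this `getInstance` call and again at the five other changed call sites further down (three more `Category& log=` declarations and the two one-shot `.error(...)` calls), so a later rename can easily miss one. A single file-scope definition, for example `static const char PKIX_LOGCAT[] = XMLTOOLING_LOGCAT".TrustEngine.PKIX";`, used at all six sites would keep them in step. Validation failures such as "certificate name was not acceptable" are now emitted under the new category, so any log filter or alert that matches the old `.TrustEngine` name exactly needs updating with this change. The function body starts and ends outside this hunk.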
buf[len] = '\0';
subjectstr+=buf;
}
- log.debugStream() << "certificate subject: " << subjectstr << CategoryStream::ENDLINE;
+ log.debugStream() << "certificate subject: " << subjectstr << logging::eol;
// The flags give us LDAP order instead of X.500, with a comma plus space separator.
len=X509_NAME_print_ex(b2,subject,0,XN_FLAG_RFC2253 + XN_FLAG_SEP_CPLUS_SPC - XN_FLAG_SEP_COMMA_PLUS);
BIO_flush(b2);
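Review bot: `subjectstr` on the changed `debugStream()` line is built from the subject of the certificate under evaluation, so its content is controlled by whoever issued or presented that certificate, and the print flags used to fill the first BIO are outside this hunk. If that earlier `X509_NAME_print_ex` call does not use an escaping flag set such as `XN_FLAG_RFC2253` (as the second call here does), control characters in the subject could split or forge debug log lines. I would confirm the earlier call and add a comment above the log statement, `// subject comes from the peer certificate; it must be printed with escaping flags before it is logged`. The loop that fills `buf` also begins outside the hunk, so the bound that makes `buf[len] = '\0'` safe cannot be checked from here.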
#ifdef _DEBUG
NDC ndc("validate");
#endif
- Category& log=Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine");
+ Category& log=Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine.PKIX");
if (!certEE) {
log.error("X.509 credential was NULL, unable to perform validation");
if (criteria && criteria->getPeerName() && *(criteria->getPeerName())) {
log.debug("checking that the certificate name is acceptable");
- if (criteria->getUsage()==CredentialCriteria::UNSPECIFIED_CREDENTIAL)
- criteria->setUsage(CredentialCriteria::SIGNING_CREDENTIAL);
+ if (criteria->getUsage()==Credential::UNSPECIFIED_CREDENTIAL)
+ criteria->setUsage(Credential::SIGNING_CREDENTIAL);
if (!checkEntityNames(certEE,credResolver,*criteria)) {
log.error("certificate name was not acceptable");
return false;
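Review bot: The two added lines call `criteria->setUsage(Credential::SIGNING_CREDENTIAL)` on the object the caller passed in, so the usage stays set after this function returns and a caller that reuses the same criteria for a later lookup will silently get signing-only resolution. If that side effect is intended, it deserves a comment such as `// NOTE: updates the caller's criteria; usage remains SIGNING_CREDENTIAL after return`; otherwise the previous usage could be restored before returning. Separately, the guard on the first line of the hunk skips the name check whenever `criteria` is null or the peer name is empty. Unless an else branch outside the hunk already records that, a `log.debug("no peer name supplied, skipping certificate name check");` on that path would make the weaker validation visible in logs. The enclosing function starts and ends outside this hunk.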
NDC ndc("validate");
#endif
if (!certEE) {
- Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine").error("X.509 credential was NULL, unable to perform validation");
+ Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine.PKIX").error("X.509 credential was NULL, unable to perform validation");
return false;
}
else if (certEE->getProviderName()!=DSIGConstants::s_unicodeStrPROVOpenSSL) {
- Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine").error("only the OpenSSL XSEC provider is supported");
+ Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine.PKIX").error("only the OpenSSL XSEC provider is supported");
return false;
}
#ifdef _DEBUG
NDC ndc("validate");
#endif
- Category& log=Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine");
+ Category& log=Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine.PKIX");
const KeyInfoResolver* inlineResolver = m_keyInfoResolver;
if (!inlineResolver)
#ifdef _DEBUG
NDC ndc("validate");
#endif
- Category& log=Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine");
+ Category& log=Category::getInstance(XMLTOOLING_LOGCAT".TrustEngine.PKIX");
if (!keyInfo) {
log.error("unable to perform PKIX validation, KeyInfo not present");