void bdoc::Signature::checkSignatureValue()
{
X509Cert cert(getSigningCertificate());
const dsig::SignatureMethodType::AlgorithmType&
algorithmType = getSignatureMethodAlgorithmType();
const char* algorithmUri = algorithmType.c_str();
// Get hash method URI from signature method URI.
signatureMethod sm;
hashMethod hm;
safeBuffer hashMethodUri;
if (!XSECmapURIToSignatureMethods(XMLString::transcode(algorithmUri), sm, hm)
|| !hashMethod2URI(hashMethodUri, hm)) {
THROW_STACK_EXCEPTION("Couldn't extract hash method from "
"signature method URI '%s'.", algorithmUri);
}
std::auto_ptr<Digest> calc = Digest::create(hashMethodUri.rawCharBuffer());
std::vector<unsigned char> digest =
calcDigestOnNode(calc.get(), DSIG_NAMESPACE, "SignedInfo");
std::vector<unsigned char> signatureValue = getSignatureValue();
if (!cert.verifySignature(calc->getMethod(), calc->getSize(), digest,
signatureValue)) {
THROW_STACK_EXCEPTION("Signature is not valid.");
}
}
DOMElement *DSIGReference::createBlankReference(const XMLCh * URI, hashMethod hm, char * type) {
// Deprecated - use the algorithm URI based method instead
safeBuffer hURI;
if (hashMethod2URI(hURI, hm) == false) {
throw XSECException(XSECException::UnknownSignatureAlgorithm,
"DSIGReference::createBlankReference - Hash method unknown");
}
return createBlankReference(URI, hURI.sbStrToXMLCh(), MAKE_UNICODE_STRING(type));
}
