XMLTooling - Is it possible to not emit <ds:KeyInfo> in C++?
Selhorst, Marcel
Marcel.Selhorst at BDR.de
Thu Nov 1 12:58:24 EDT 2012
Hi list,
I currently have an issue regarding the generation and emitting of the <ds:KeyInfo>-Object in the C++-Version of XMLTooling:
I am using OpenSAML to generate signed SAMLRequests including encrypted extensions.
For privacy reasons I don't want to emit additional key information such as <ds:KeyName> and <ds:X509Data>
(including the used certificate in <ds:X509Certificate and the SubjectName in <ds:X509SubjectName>),
which is in C++ by default emitted within the signature as well as the encrypted extension.
In Java I managed to remove this by simply using the KeyInfoGeneratorFactory and setting setEmit* to 'false', similar to this:
X509KeyInfoGeneratorFactory kiFactory = new X509KeyInfoGeneratorFactory();
kiFactory.setEmitEntityCertificate(false);
kiFactory.setEmitKeyNames(false);
kiFactory.setEmitX509SubjectName(false);
KeyInfo sigKeyInfo =
kiFactory.newInstance().generate(mySigCred);
signature.setKeyInfo(sigKeyInfo);
However, I can't find a solution for this in C++.
Trying something like:
KeyInfo* foo = KeyInfoBuilder::buildKeyInfo();
mySignature->setKeyInfo(foo);
or
mySignature->setKeyInfo(nullptr);
always includes the aforementioned key information...
Any clue how I can do this with C++?
Thanks in advance and best regards!
Marcel
More information about the users
mailing list