Posted to commits@santuario.apache.org by bl...@apache.org on 2006/03/01 10:35:07 UTC
svn commit: r381966 - in /xml/security/trunk/c/src/xkms: XKMSConstants.cpp
XKMSConstants.hpp XKMSRSAKeyPair.hpp XKMSRegisterResult.hpp
impl/XKMSRSAKeyPairImpl.cpp impl/XKMSRSAKeyPairImpl.hpp
impl/XKMSRegisterResultImpl.cpp impl/XKMSRegisterResultImpl.hpp
Author: blautenb
Date: Wed Mar 1 01:35:05 2006
New Revision: 381966
URL: http://svn.apache.org/viewcvs?rev=381966&view=rev
Log:
Support for loading an RSAKeyPair from a RegisterResult message
Added:
xml/security/trunk/c/src/xkms/XKMSRSAKeyPair.hpp
xml/security/trunk/c/src/xkms/impl/XKMSRSAKeyPairImpl.cpp
xml/security/trunk/c/src/xkms/impl/XKMSRSAKeyPairImpl.hpp
Modified:
xml/security/trunk/c/src/xkms/XKMSConstants.cpp
xml/security/trunk/c/src/xkms/XKMSConstants.hpp
xml/security/trunk/c/src/xkms/XKMSRegisterResult.hpp
xml/security/trunk/c/src/xkms/impl/XKMSRegisterResultImpl.cpp
xml/security/trunk/c/src/xkms/impl/XKMSRegisterResultImpl.hpp
Modified: xml/security/trunk/c/src/xkms/XKMSConstants.cpp
URL: http://svn.apache.org/viewcvs/xml/security/trunk/c/src/xkms/XKMSConstants.cpp?rev=381966&r1=381965&r2=381966&view=diff
==============================================================================
--- xml/security/trunk/c/src/xkms/XKMSConstants.cpp (original)
+++ xml/security/trunk/c/src/xkms/XKMSConstants.cpp Wed Mar 1 01:35:05 2006
@@ -123,6 +123,26 @@
chNull
};
+const XMLCh XKMSConstants::s_tagD[] = {
+
+ chLatin_D,
+ chNull
+};
+
+const XMLCh XKMSConstants::s_tagDP[] = {
+
+ chLatin_D,
+ chLatin_P,
+ chNull
+};
+
+const XMLCh XKMSConstants::s_tagDQ[] = {
+
+ chLatin_D,
+ chLatin_Q,
+ chNull
+};
+
const XMLCh XKMSConstants::s_tagEncryption[] = {
chLatin_E,
@@ -151,6 +171,19 @@
chNull
};
+const XMLCh XKMSConstants::s_tagExponent[] = {
+
+ chLatin_E,
+ chLatin_x,
+ chLatin_p,
+ chLatin_o,
+ chLatin_n,
+ chLatin_e,
+ chLatin_n,
+ chLatin_t,
+ chNull
+};
+
const XMLCh XKMSConstants::s_tagFailure[] = {
chLatin_F,
@@ -203,6 +236,19 @@
chNull
};
+const XMLCh XKMSConstants::s_tagInverseQ[] = {
+
+ chLatin_I,
+ chLatin_n,
+ chLatin_v,
+ chLatin_e,
+ chLatin_r,
+ chLatin_s,
+ chLatin_e,
+ chLatin_Q,
+ chNull
+};
+
const XMLCh XKMSConstants::s_tagIndeterminateReason[] = {
chLatin_I,
@@ -377,6 +423,18 @@
chNull
};
+const XMLCh XKMSConstants::s_tagModulus[] = {
+
+ chLatin_M,
+ chLatin_o,
+ chLatin_d,
+ chLatin_u,
+ chLatin_l,
+ chLatin_u,
+ chLatin_s,
+ chNull
+};
+
const XMLCh XKMSConstants::s_tagNonce[] = {
chLatin_N,
@@ -503,6 +561,12 @@
chNull
};
+const XMLCh XKMSConstants::s_tagP[] = {
+
+ chLatin_P,
+ chNull
+};
+
const XMLCh XKMSConstants::s_tagPending[] = {
chLatin_P,
@@ -534,6 +598,21 @@
chNull
};
+const XMLCh XKMSConstants::s_tagPrivateKey[] = {
+
+ chLatin_P,
+ chLatin_r,
+ chLatin_i,
+ chLatin_v,
+ chLatin_a,
+ chLatin_t,
+ chLatin_e,
+ chLatin_K,
+ chLatin_e,
+ chLatin_y,
+ chNull
+};
+
const XMLCh XKMSConstants::s_tagProofOfPossession[] = {
chLatin_P,
@@ -593,6 +672,12 @@
chNull
};
+const XMLCh XKMSConstants::s_tagQ[] = {
+
+ chLatin_Q,
+ chNull
+};
+
const XMLCh XKMSConstants::s_tagQueryKeyBinding[] = {
chLatin_Q,
@@ -921,6 +1006,21 @@
chLatin_u,
chLatin_l,
chLatin_t,
+ chNull
+};
+
+const XMLCh XKMSConstants::s_tagRSAKeyPair[] = {
+
+ chLatin_R,
+ chLatin_S,
+ chLatin_A,
+ chLatin_K,
+ chLatin_e,
+ chLatin_y,
+ chLatin_P,
+ chLatin_a,
+ chLatin_i,
+ chLatin_r,
chNull
};
Modified: xml/security/trunk/c/src/xkms/XKMSConstants.hpp
URL: http://svn.apache.org/viewcvs/xml/security/trunk/c/src/xkms/XKMSConstants.hpp?rev=381966&r1=381965&r2=381966&view=diff
==============================================================================
--- xml/security/trunk/c/src/xkms/XKMSConstants.hpp (original)
+++ xml/security/trunk/c/src/xkms/XKMSConstants.hpp Wed Mar 1 01:35:05 2006
@@ -55,13 +55,18 @@
static const XMLCh s_tagAuthentication[];
static const XMLCh s_tagCompoundRequest[];
static const XMLCh s_tagCompoundResult[];
+ static const XMLCh s_tagD[];
+ static const XMLCh s_tagDP[];
+ static const XMLCh s_tagDQ[];
static const XMLCh s_tagEncryption[];
static const XMLCh s_tagExchange[];
+ static const XMLCh s_tagExponent[];
static const XMLCh s_tagFailure[];
static const XMLCh s_tagId[];
static const XMLCh s_tagIdentifier[];
static const XMLCh s_tagIndeterminateReason[];
static const XMLCh s_tagInvalidReason[];
+ static const XMLCh s_tagInverseQ[];
static const XMLCh s_tagKeyBinding[];
static const XMLCh s_tagKeyBindingAuthentication[];
static const XMLCh s_tagKeyInfo[];
@@ -71,6 +76,7 @@
static const XMLCh s_tagLocateRequest[];
static const XMLCh s_tagLocateResult[];
static const XMLCh s_tagMessageExtension[];
+ static const XMLCh s_tagModulus[];
static const XMLCh s_tagNonce[];
static const XMLCh s_tagNotBoundAuthentication[];
static const XMLCh s_tagNotBefore[];
@@ -78,11 +84,14 @@
static const XMLCh s_tagOpaqueClientData[];
static const XMLCh s_tagOpaqueData[];
static const XMLCh s_tagOriginalRequestId[];
+ static const XMLCh s_tagP[];
static const XMLCh s_tagPending[];
static const XMLCh s_tagPendingRequest[];
+ static const XMLCh s_tagPrivateKey[];
static const XMLCh s_tagProofOfPossession[];
static const XMLCh s_tagProtocol[];
static const XMLCh s_tagPrototypeKeyBinding[];
+ static const XMLCh s_tagQ[];
static const XMLCh s_tagQueryKeyBinding[];
static const XMLCh s_tagRegisterRequest[];
static const XMLCh s_tagRegisterResult[];
@@ -101,6 +110,7 @@
static const XMLCh s_tagRevokeKeyBinding[];
static const XMLCh s_tagRevokeRequest[];
static const XMLCh s_tagRevokeResult[];
+ static const XMLCh s_tagRSAKeyPair[];
static const XMLCh s_tagService[];
static const XMLCh s_tagSignature[];
static const XMLCh s_tagStatus[];
Added: xml/security/trunk/c/src/xkms/XKMSRSAKeyPair.hpp
URL: http://svn.apache.org/viewcvs/xml/security/trunk/c/src/xkms/XKMSRSAKeyPair.hpp?rev=381966&view=auto
==============================================================================
--- xml/security/trunk/c/src/xkms/XKMSRSAKeyPair.hpp (added)
+++ xml/security/trunk/c/src/xkms/XKMSRSAKeyPair.hpp Wed Mar 1 01:35:05 2006
@@ -0,0 +1,176 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * XSEC
+ *
+ * XKMSRSAKeyPair := Interface for RSAKeyPair elements
+ *
+ * $Id:$
+ *
+ */
+
+#ifndef XKMSRSAKEYPAIR_INCLUDE
+#define XKMSRSAKEYPAIR_INCLUDE
+
+// XSEC Includes
+
+#include <xsec/framework/XSECDefs.hpp>
+
+/**
+ * @ingroup xkms
+ */
+
+/**
+ * @brief Interface definition for the RSAKeyPair
+ *
+ * The \<RSAKeyPair\> is one of the few XKMS elements that is not
+ * directly part of an XKMS Message. It is sent in RegisterResult
+ * and RecoverResult messages as a CipherData.
+ *
+ * This element allows the service to provide back to the user
+ * a complete RSA key - including the private components. The various
+ * components that make up an RSA key are all provided in Base64 format
+ * (CryptoBinary type)
+ *
+ * The schema definition for RSAKeyPair is as follows :
+ *
+ * \verbatim
+ <!-- RSAKeyPair -->
+ <element name="RSAKeyPair" type="xkms:RSAKeyPairType"/>
+ <complexType name="RSAKeyPairType">
+ <sequence>
+ <element ref="xkms:Modulus"/>
+ <element ref="xkms:Exponent"/>
+ <element ref="xkms:P"/>
+ <element ref="xkms:Q"/>
+ <element ref="xkms:DP"/>
+ <element ref="xkms:DQ"/>
+ <element ref="xkms:InverseQ"/>
+ <element ref="xkms:D"/>
+ </sequence>
+ </complexType>
+ <element name="Modulus" type="ds:CryptoBinary"/>
+ <element name="Exponent" type="ds:CryptoBinary"/>
+ <element name="P" type="ds:CryptoBinary"/>
+ <element name="Q" type="ds:CryptoBinary"/>
+ <element name="DP" type="ds:CryptoBinary"/>
+ <element name="DQ" type="ds:CryptoBinary"/>
+ <element name="InverseQ" type="ds:CryptoBinary"/>
+ <element name="D" type="ds:CryptoBinary"/>
+ <!-- /RSAKeyPair -->
+\endverbatim
+ *
+ * @note There are no "set" methods for this class. It is designed
+ * to be created "atomically" via the XKMSMessageFactory class and not
+ * altered.
+ */
+
+
+class XKMSRSAKeyPair {
+
+public:
+
+ /** @name Constructors and Destructors */
+ //@{
+
+protected:
+
+ XKMSRSAKeyPair() {};
+
+public:
+
+ virtual ~XKMSRSAKeyPair() {};
+
+ /** @name Getter Interface Methods */
+ //@{
+
+ /**
+ * \brief Get the Modulus of the key pair
+ *
+ * @returns The Modulus in base64 encoding
+ */
+
+ virtual const XMLCh * getModulus(void) const = 0;
+
+ /**
+ * \brief Get the Exponent of the key pair
+ *
+ * @returns The Exponent in base64 encoding
+ */
+
+ virtual const XMLCh * getExponent(void) const = 0;
+
+ /**
+ * \brief Get the P of the key pair
+ *
+ * @returns The P in base64 encoding
+ */
+
+ virtual const XMLCh * getP(void) const = 0;
+
+ /**
+ * \brief Get the Q of the key pair
+ *
+ * @returns The Q in base64 encoding
+ */
+
+ virtual const XMLCh * getQ(void) const = 0;
+
+ /**
+ * \brief Get the DP of the key pair
+ *
+ * @returns The DP in base64 encoding
+ */
+
+ virtual const XMLCh * getDP(void) const = 0;
+
+ /**
+ * \brief Get the DQ of the key pair
+ *
+ * @returns The DQ in base64 encoding
+ */
+
+ virtual const XMLCh * getDQ(void) const = 0;
+
+ /**
+ * \brief Get the InverseQ of the key pair
+ *
+ * @returns The InverseQ in base64 encoding
+ */
+
+ virtual const XMLCh * getInverseQ(void) const = 0;
+
+ /**
+ * \brief Get the D of the key pair
+ *
+ * @returns The D in base64 encoding
+ */
+
+ virtual const XMLCh * getD(void) const = 0;
+
+
+ //@}
+
+private:
+
+ // Unimplemented
+ XKMSRSAKeyPair(const XKMSRSAKeyPair &);
+ XKMSRSAKeyPair & operator = (const XKMSRSAKeyPair &);
+
+};
+
+#endif /* XKMSRSAKEYPAIR_INCLUDE */
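Review bot: The getter documentation never says who owns the returned `const XMLCh *` or how long it stays valid. In the implementation added by this commit the values come from `getNodeValue()` on the decrypted DOM, so they are only usable while that document exists. I would state this once in the class comment, e.g. `Returned pointers are owned by the underlying DOM and are valid only while the owning message/document exists; P, Q, DP, DQ, InverseQ and D are private key material and stay in the DOM in clear once decrypted.` Separately, the `//@{` opened under `@name Constructors and Destructors` is not closed before the second `//@{`, so the Doxygen groups are unbalanced; a `//@}` after the destructor fixes that.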
Modified: xml/security/trunk/c/src/xkms/XKMSRegisterResult.hpp
URL: http://svn.apache.org/viewcvs/xml/security/trunk/c/src/xkms/XKMSRegisterResult.hpp?rev=381966&r1=381965&r2=381966&view=diff
==============================================================================
--- xml/security/trunk/c/src/xkms/XKMSRegisterResult.hpp (original)
+++ xml/security/trunk/c/src/xkms/XKMSRegisterResult.hpp Wed Mar 1 01:35:05 2006
@@ -34,6 +34,7 @@
class XKMSKeyBinding;
class XKMSUnverifiedKeyBinding;
+class XKMSRSAKeyPair;
/**
* @ingroup xkms
@@ -125,6 +126,29 @@
virtual XKMSKeyBinding * appendKeyBindingItem(XKMSStatus::StatusValue status) = 0;
//@}
+
+ /** @name PrivateKey handling */
+ //@{
+
+ /**
+ * \brief Return the RSAKeyPair
+ *
+ * This call requires the passphrase used to encrypt the private key.
+ * The implementation decrypts the PrivateKey element in the
+ * RegisterResult and returns the resulting RSAKeyPair.
+ *
+ * @note The decryption is performed *inside* the RegisterResult, so
+ * this actually modified the contents of the XML. It should never
+ * be called twice!
+ *
+ * @param passPhrase The local code page version of the pass phrase
+ * @returns the number of KeyBinding items within the RegisterResult
+ */
+
+ virtual XKMSRSAKeyPair * getRSAKeyPair(const char * passPhrase) = 0;
+
+ //@}
+
private:
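Review bot: The `@returns` line on getRSAKeyPair() looks copied from the KeyBinding accessors and is wrong, since the method returns the key pair and not a count. Suggested text: `@returns The decrypted RSAKeyPair (owned by the RegisterResult), or NULL if the message holds no PrivateKey element`. The note "It should never be called twice!" also disagrees with the implementation in this commit, which caches the object and returns it on later calls. What a caller needs to know is that the first call rewrites the DOM in place, so presumably any signature over the message has to be verified before calling it; worth confirming and stating. "this actually modified" should read "this actually modifies".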
Added: xml/security/trunk/c/src/xkms/impl/XKMSRSAKeyPairImpl.cpp
URL: http://svn.apache.org/viewcvs/xml/security/trunk/c/src/xkms/impl/XKMSRSAKeyPairImpl.cpp?rev=381966&view=auto
==============================================================================
--- xml/security/trunk/c/src/xkms/impl/XKMSRSAKeyPairImpl.cpp (added)
+++ xml/security/trunk/c/src/xkms/impl/XKMSRSAKeyPairImpl.cpp Wed Mar 1 01:35:05 2006
@@ -0,0 +1,178 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * XSEC
+ *
+ * XKMSRSAKeyPairImpl := Implementation class for RSAKeyPair elements
+ *
+ * $Id:$
+ *
+ */
+
+// XSEC Includes
+
+#include <xsec/framework/XSECDefs.hpp>
+#include <xsec/utils/XSECDOMUtils.hpp>
+#include <xsec/framework/XSECError.hpp>
+#include <xsec/framework/XSECEnv.hpp>
+#include <xsec/xkms/XKMSConstants.hpp>
+
+
+#include "XKMSRSAKeyPairImpl.hpp"
+
+#include <xercesc/dom/DOM.hpp>
+#include <xercesc/util/XMLUniDefs.hpp>
+
+XERCES_CPP_NAMESPACE_USE
+
+#define XKMS_GET_RSA_VAL(XVAL) e = (DOMElement *) findNextElementChild(e); \
+ if (e == NULL || !strEquals(getXKMSLocalName(e), XKMSConstants::s_tag##XVAL) || \
+ ((t = findFirstChildOfType(e, DOMNode::TEXT_NODE)) == NULL)) { \
+ throw XSECException(XSECException::ExpectedXKMSChildNotFound, \
+ "XKMSRSAKeyPair::load - Expected <XVAL> node"); \
+ } \
+ mp_##XVAL = t->getNodeValue();
+
+#define XKMS_SET_RSA_VAL(XVAL) makeQName(str, prefix, XKMSConstants::s_tag##XVAL); \
+ e = doc->createElementNS(XKMSConstants::s_unicodeStrURIXKMS, \
+ str.rawXMLChBuffer());\
+ e->appendChild(doc->createTextNode(XVAL));\
+ mp_RSAKeyPairElement->appendChild(e);\
+ mp_env->doPrettyPrint(mp_RSAKeyPairElement);
+
+#define XKMS_RET_RSA_VAL(XVAL) const XMLCh * XKMSRSAKeyPairImpl::get##XVAL (void) const {\
+ return mp_##XVAL;}
+
+// --------------------------------------------------------------------------------
+// Construct/Destruct
+// --------------------------------------------------------------------------------
+
+XKMSRSAKeyPairImpl::XKMSRSAKeyPairImpl(const XSECEnv * env) :
+mp_env(env),
+mp_RSAKeyPairElement(NULL),
+mp_Modulus(NULL),
+mp_Exponent(NULL),
+mp_P(NULL),
+mp_Q(NULL),
+mp_DP(NULL),
+mp_DQ(NULL),
+mp_InverseQ(NULL),
+mp_D(NULL) {}
+
+XKMSRSAKeyPairImpl::XKMSRSAKeyPairImpl(const XSECEnv * env, DOMElement * node) :
+mp_env(env),
+mp_RSAKeyPairElement(node),
+mp_Modulus(NULL),
+mp_Exponent(NULL),
+mp_P(NULL),
+mp_Q(NULL),
+mp_DP(NULL),
+mp_DQ(NULL),
+mp_InverseQ(NULL),
+mp_D(NULL) {}
+
+
+XKMSRSAKeyPairImpl::~XKMSRSAKeyPairImpl() {}
+
+// --------------------------------------------------------------------------------
+// load
+// --------------------------------------------------------------------------------
+
+void XKMSRSAKeyPairImpl::load(void) {
+
+ if (mp_RSAKeyPairElement == NULL) {
+
+ // Attempt to load an empty element
+ throw XSECException(XSECException::XKMSError,
+ "XKMSRSAKeyPair::load - called on empty DOM");
+
+ }
+
+ DOMElement * e;
+ DOMNode * t;
+ // Check for Modulus node
+ e = (DOMElement *) findFirstElementChild(mp_RSAKeyPairElement);
+ if (e == NULL || !strEquals(getXKMSLocalName(e), XKMSConstants::s_tagModulus) ||
+ ((t = findFirstChildOfType(e, DOMNode::TEXT_NODE)) == NULL)) {
+
+ throw XSECException(XSECException::ExpectedXKMSChildNotFound,
+ "XKMSRSAKeyPair::load - Expected <Modulus> node");
+
+ }
+ mp_Modulus = t->getNodeValue();
+
+ XKMS_GET_RSA_VAL(Exponent);
+ XKMS_GET_RSA_VAL(P);
+ XKMS_GET_RSA_VAL(Q);
+ XKMS_GET_RSA_VAL(DP);
+ XKMS_GET_RSA_VAL(DQ);
+ XKMS_GET_RSA_VAL(InverseQ);
+ XKMS_GET_RSA_VAL(D);
+
+}
+
+// --------------------------------------------------------------------------------
+// Build from Scratch
+// --------------------------------------------------------------------------------
+
+DOMElement * XKMSRSAKeyPairImpl::createBlankXKMSRSAKeyPairImpl(
+ const XMLCh * Modulus,
+ const XMLCh * Exponent,
+ const XMLCh * P,
+ const XMLCh * Q,
+ const XMLCh * DP,
+ const XMLCh * DQ,
+ const XMLCh * InverseQ,
+ const XMLCh * D) {
+
+ // Get some setup values
+ safeBuffer str;
+ DOMDocument *doc = mp_env->getParentDocument();
+ const XMLCh * prefix = mp_env->getXKMSNSPrefix();
+
+ makeQName(str, prefix, XKMSConstants::s_tagRSAKeyPair);
+
+ mp_RSAKeyPairElement = doc->createElementNS(XKMSConstants::s_unicodeStrURIXKMS,
+ str.rawXMLChBuffer());
+
+ mp_env->doPrettyPrint(mp_RSAKeyPairElement);
+
+ /* Now add the Values element */
+ DOMElement * e;
+ XKMS_SET_RSA_VAL(Modulus)
+ XKMS_SET_RSA_VAL(Exponent)
+ XKMS_SET_RSA_VAL(P)
+ XKMS_SET_RSA_VAL(Q)
+ XKMS_SET_RSA_VAL(DP)
+ XKMS_SET_RSA_VAL(DQ)
+ XKMS_SET_RSA_VAL(InverseQ)
+ XKMS_SET_RSA_VAL(D)
+
+ return mp_RSAKeyPairElement;
+
+}
+
+XKMS_RET_RSA_VAL(Modulus)
+XKMS_RET_RSA_VAL(Exponent)
+XKMS_RET_RSA_VAL(P)
+XKMS_RET_RSA_VAL(Q)
+XKMS_RET_RSA_VAL(DP)
+XKMS_RET_RSA_VAL(DQ)
+XKMS_RET_RSA_VAL(InverseQ)
+XKMS_RET_RSA_VAL(D)
+
+
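Review bot: In `XKMS_GET_RSA_VAL` the text `"XKMSRSAKeyPair::load - Expected <XVAL> node"` is a string literal, so the macro parameter is not substituted and every failure reports `<XVAL>` instead of the element that was missing. Stringizing fixes it: `"XKMSRSAKeyPair::load - Expected <" #XVAL "> node"`. Separately, load() takes only the first TEXT_NODE child of each element and stores the pointer returned by `getNodeValue()`, so a value that the parser split across several text nodes would presumably be truncated, and the cached pointers are valid only as long as the DOM is; a comment on load() saying so would help. createBlankXKMSRSAKeyPairImpl() also never assigns the `mp_*` members, so the getters return NULL on an object built from scratch.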
Added: xml/security/trunk/c/src/xkms/impl/XKMSRSAKeyPairImpl.hpp
URL: http://svn.apache.org/viewcvs/xml/security/trunk/c/src/xkms/impl/XKMSRSAKeyPairImpl.hpp?rev=381966&view=auto
==============================================================================
--- xml/security/trunk/c/src/xkms/impl/XKMSRSAKeyPairImpl.hpp (added)
+++ xml/security/trunk/c/src/xkms/impl/XKMSRSAKeyPairImpl.hpp Wed Mar 1 01:35:05 2006
@@ -0,0 +1,101 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * XSEC
+ *
+ * XKMSRSAKeyPairImpl := Implementation class for RSAKeyPair elements
+ *
+ * $Id:$
+ *
+ */
+
+#ifndef XKMSRSAKEYPAIRIMPL_INCLUDE
+#define XKMSRSAKEYPAIRIMPL_INCLUDE
+
+// XSEC Includes
+
+#include <xsec/framework/XSECDefs.hpp>
+#include <xsec/xkms/XKMSRSAKeyPair.hpp>
+
+class XSECEnv;
+
+class XKMSRSAKeyPairImpl : public XKMSRSAKeyPair {
+
+public:
+
+ /* Constructors and Destructors */
+
+ XKMSRSAKeyPairImpl(
+ const XSECEnv * env
+ );
+
+ XKMSRSAKeyPairImpl(
+ const XSECEnv * env,
+ XERCES_CPP_NAMESPACE_QUALIFIER DOMElement * node
+ );
+
+ virtual ~XKMSRSAKeyPairImpl() ;
+
+ // load
+ void load(void);
+
+ // Create from scratch - tag is the element name to create
+ XERCES_CPP_NAMESPACE_QUALIFIER DOMElement *
+ createBlankXKMSRSAKeyPairImpl(
+ const XMLCh * modulus,
+ const XMLCh * exponent,
+ const XMLCh * p,
+ const XMLCh * q,
+ const XMLCh * dp,
+ const XMLCh * dq,
+ const XMLCh * invq,
+ const XMLCh * d);
+
+ // Interface methods
+
+ virtual const XMLCh * getModulus(void) const;
+ virtual const XMLCh * getExponent(void) const;
+ virtual const XMLCh * getP(void) const;
+ virtual const XMLCh * getQ(void) const;
+ virtual const XMLCh * getDP(void) const;
+ virtual const XMLCh * getDQ(void) const;
+ virtual const XMLCh * getInverseQ(void) const;
+ virtual const XMLCh * getD(void) const;
+
+private:
+
+ const XSECEnv * mp_env;
+ XERCES_CPP_NAMESPACE_QUALIFIER DOMElement
+ * mp_RSAKeyPairElement;
+
+ const XMLCh * mp_Modulus;
+ const XMLCh * mp_Exponent;
+ const XMLCh * mp_P;
+ const XMLCh * mp_Q;
+ const XMLCh * mp_DP;
+ const XMLCh * mp_DQ;
+ const XMLCh * mp_InverseQ;
+ const XMLCh * mp_D;
+
+ // Unimplemented
+ XKMSRSAKeyPairImpl();
+ XKMSRSAKeyPairImpl(const XKMSRSAKeyPairImpl &);
+ XKMSRSAKeyPairImpl & operator = (const XKMSRSAKeyPairImpl &);
+
+};
+
+#endif /* XKMSRSAKEYPAIRIMPL_INCLUDE */
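Review bot: The comment above createBlankXKMSRSAKeyPairImpl(), `// Create from scratch - tag is the element name to create`, describes a `tag` parameter that this method does not have. Something like `// Create from scratch - builds an <RSAKeyPair> element from the base64 component values` matches the signature. The `// load` comment could also say that the getters return NULL until load() has run, since both constructors initialise every `mp_*` value to NULL. The parameter names here (`modulus`, `invq`, ...) differ from those in the definition (`Modulus`, `InverseQ`, ...), which is legal but makes the two harder to match up.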
Modified: xml/security/trunk/c/src/xkms/impl/XKMSRegisterResultImpl.cpp
URL: http://svn.apache.org/viewcvs/xml/security/trunk/c/src/xkms/impl/XKMSRegisterResultImpl.cpp?rev=381966&r1=381965&r2=381966&view=diff
==============================================================================
--- xml/security/trunk/c/src/xkms/impl/XKMSRegisterResultImpl.cpp (original)
+++ xml/security/trunk/c/src/xkms/impl/XKMSRegisterResultImpl.cpp Wed Mar 1 01:35:05 2006
@@ -26,11 +26,19 @@
#include <xsec/framework/XSECDefs.hpp>
#include <xsec/framework/XSECError.hpp>
#include <xsec/framework/XSECEnv.hpp>
+#include <xsec/framework/XSECAlgorithmMapper.hpp>
+#include <xsec/framework/XSECAlgorithmHandler.hpp>
#include <xsec/utils/XSECDOMUtils.hpp>
#include <xsec/xkms/XKMSConstants.hpp>
+#include <xsec/enc/XSECCryptoUtils.hpp>
+#include <xsec/enc/XSECCryptoKey.hpp>
+#include <xsec/xenc/XENCEncryptedData.hpp>
+#include <xsec/xenc/XENCEncryptionMethod.hpp>
+#include <xsec/xenc/XENCCipher.hpp>
#include "XKMSRegisterResultImpl.hpp"
#include "XKMSKeyBindingImpl.hpp"
+#include "XKMSRSAKeyPairImpl.hpp"
#include <xercesc/dom/DOM.hpp>
@@ -43,7 +51,9 @@
XKMSRegisterResultImpl::XKMSRegisterResultImpl(
const XSECEnv * env) :
m_result(env),
-m_msg(m_result.m_msg) {
+m_msg(m_result.m_msg),
+mp_privateKeyElement(NULL),
+mp_RSAKeyPair(NULL) {
}
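Review bot: The initialiser order `mp_privateKeyElement(NULL), mp_RSAKeyPair(NULL)` is the reverse of the declaration order in XKMSRegisterResultImpl.hpp, where `mp_RSAKeyPair` is declared first. Members are initialised in declaration order regardless, so this is harmless with two NULLs, but it draws a reorder warning on some compilers. Swapping the two lines here and in the second constructor (next hunk) keeps the lists aligned with the class. Both constructors begin outside their hunks.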
@@ -51,7 +61,9 @@
const XSECEnv * env,
XERCES_CPP_NAMESPACE_QUALIFIER DOMElement * node) :
m_result(env, node),
-m_msg(m_result.m_msg) {
+m_msg(m_result.m_msg),
+mp_privateKeyElement(NULL),
+mp_RSAKeyPair(NULL) {
}
@@ -65,6 +77,9 @@
}
+ if (mp_RSAKeyPair != NULL)
+ delete mp_RSAKeyPair;
+
}
@@ -109,6 +124,12 @@
}
+ nl = m_msg.mp_messageAbstractTypeElement->getElementsByTagNameNS(
+ XKMSConstants::s_unicodeStrURIXKMS,
+ XKMSConstants::s_tagPrivateKey);
+
+ if (nl != NULL)
+ mp_privateKeyElement = (DOMElement *) nl->item(0);
// Load the base message
m_result.load();
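Review bot: `getElementsByTagNameNS` matches a `PrivateKey` element at any depth below the message element, so `mp_privateKeyElement` can end up pointing at a node that is not the RegisterResult's own `<PrivateKey>` child. Because that element is later decrypted in place and parsed as key material, it would be safer to walk the direct element children and accept only one whose namespace is `s_unicodeStrURIXKMS` and whose local name is `s_tagPrivateKey`. A short comment recording that `item(0)` yields NULL when nothing matches would also make the unchecked cast easier to read. load() starts and ends outside this hunk, so how the other children are located is not visible here.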
@@ -179,3 +200,76 @@
return u;
}
+
+// --------------------------------------------------------------------------------
+// RSAKeyPair handling
+// --------------------------------------------------------------------------------
+
+XKMSRSAKeyPair * XKMSRegisterResultImpl::getRSAKeyPair(const char * passPhrase) {
+
+ // Already done?
+ if (mp_RSAKeyPair != NULL)
+ return mp_RSAKeyPair;
+
+ // Nope - can we do it?
+ if (mp_privateKeyElement == NULL)
+ return NULL;
+
+ // Yep! Load the key
+ unsigned char kbuf[XSEC_MAX_HASH_SIZE];
+ unsigned int len = CalculateXKMSKEK((unsigned char *) passPhrase, strlen(passPhrase), kbuf, XSEC_MAX_HASH_SIZE);
+
+ XSECProvider prov;
+ XENCCipher * cipher = prov.newCipher(m_msg.mp_env->getParentDocument());
+
+ // Find the encrypted info
+ DOMNode * n = findXENCNode(mp_privateKeyElement, "EncryptedData");
+
+ // Load into the Cipher class
+ XENCEncryptedData * xed = cipher->loadEncryptedData((DOMElement *) n);
+ if (xed == NULL) {
+ throw XSECException(XSECException::XKMSError,
+ "XKMSRegisterResult::getRSAKeyPair - error loading encrypted data");
+ }
+
+ // Setup the appropriate key
+ if (xed->getEncryptionMethod() == NULL) {
+ throw XSECException(XSECException::XKMSError,
+ "XKMSRegisterResult::getRSAKeyPair - no <EncryptionMethod> in EncryptedData");
+ }
+
+ // Now find if we can get an algorithm for this URI
+ XSECAlgorithmHandler *handler;
+
+ handler =
+ XSECPlatformUtils::g_algorithmMapper->mapURIToHandler(
+ xed->getEncryptionMethod()->getAlgorithm());
+
+ if (handler == NULL) {
+ throw XSECException(XSECException::XKMSError,
+ "XKMSRegisterResult::getRSAKeyPair - unable to handle algorithm in EncryptedData");
+ }
+
+ XSECCryptoKey * sk = handler->createKeyForURI(
+ xed->getEncryptionMethod()->getAlgorithm(),
+ (XMLByte *) kbuf,
+ XSEC_MAX_HASH_SIZE);
+
+ cipher->setKey(sk);
+ cipher->decryptElement();
+
+ // WooHoo - if we get this far things are looking good!
+ DOMElement * kp = findFirstElementChild(mp_privateKeyElement);
+ if (kp == NULL || !strEquals(getXKMSLocalName(kp), XKMSConstants::s_tagRSAKeyPair)) {
+
+ throw XSECException(XSECException::XKMSError,
+ "XKMSRegisterResult::getRSAKeyPair - private key did not decrypt to RSAKeyPair");
+
+ }
+
+ XSECnew(mp_RSAKeyPair, XKMSRSAKeyPairImpl(m_msg.mp_env, kp));
+ mp_RSAKeyPair->load();
+
+ return mp_RSAKeyPair;
+}
+
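Review bot: The key passed to `createKeyForURI` is always `XSEC_MAX_HASH_SIZE` bytes and `len`, the value returned by `CalculateXKMSKEK`, is never used; if the derived key is shorter than the buffer (which the separate return value suggests), the tail of `kbuf` is uninitialised stack and the key length is wrong for the algorithm. `kbuf` is also left holding the pass-phrase-derived key when the function returns or throws, `passPhrase` reaches `strlen` without a NULL check, and the result of `findXENCNode` is cast and handed to `loadEncryptedData` unchecked. Finally, `mp_RSAKeyPair` is assigned before `load()` runs, so if `load()` throws, the next call returns the half-loaded object from the "Already done?" branch. The sketch below covers the first four points; the exception messages are suggestions, and it assumes `CalculateXKMSKEK` returns the number of key bytes written.

```cpp
	// … unchanged: cached-result and mp_privateKeyElement checks …

	if (passPhrase == NULL) {
		throw XSECException(XSECException::XKMSError,
			"XKMSRegisterResult::getRSAKeyPair - no pass phrase provided");
	}

	unsigned char kbuf[XSEC_MAX_HASH_SIZE];
	unsigned int len = CalculateXKMSKEK((unsigned char *) passPhrase, strlen(passPhrase), kbuf, XSEC_MAX_HASH_SIZE);
	if (len == 0 || len > XSEC_MAX_HASH_SIZE) {
		memset(kbuf, 0, sizeof(kbuf));
		throw XSECException(XSECException::XKMSError,
			"XKMSRegisterResult::getRSAKeyPair - error deriving key from pass phrase");
	}

	// … unchanged: provider and cipher creation …

	DOMNode * n = findXENCNode(mp_privateKeyElement, "EncryptedData");
	if (n == NULL || n->getNodeType() != DOMNode::ELEMENT_NODE) {
		memset(kbuf, 0, sizeof(kbuf));
		throw XSECException(XSECException::XKMSError,
			"XKMSRegisterResult::getRSAKeyPair - no <EncryptedData> in PrivateKey");
	}

	// … unchanged: loadEncryptedData, EncryptionMethod and handler checks
	//   (each throw there should clear kbuf first as well) …

	XSECCryptoKey * sk = handler->createKeyForURI(
			xed->getEncryptionMethod()->getAlgorithm(),
			(XMLByte *) kbuf,
			len);

	// Derived key is no longer needed on the stack; prefer a wipe routine
	// the optimiser cannot elide if the project has one.
	memset(kbuf, 0, sizeof(kbuf));

	// … unchanged: setKey, decryptElement, RSAKeyPair lookup and load …
```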
Modified: xml/security/trunk/c/src/xkms/impl/XKMSRegisterResultImpl.hpp
URL: http://svn.apache.org/viewcvs/xml/security/trunk/c/src/xkms/impl/XKMSRegisterResultImpl.hpp?rev=381966&r1=381965&r2=381966&view=diff
==============================================================================
--- xml/security/trunk/c/src/xkms/impl/XKMSRegisterResultImpl.hpp (original)
+++ xml/security/trunk/c/src/xkms/impl/XKMSRegisterResultImpl.hpp Wed Mar 1 01:35:05 2006
@@ -36,6 +36,7 @@
#include <vector>
class XKMSKeyBindingImpl;
+class XKMSRSAKeyPairImpl;
class XKMSRegisterResultImpl : public XKMSRegisterResult {
@@ -70,6 +71,7 @@
virtual int getKeyBindingSize(void) const;
virtual XKMSKeyBinding * getKeyBindingItem(int item) const;
virtual XKMSKeyBinding * appendKeyBindingItem(XKMSStatus::StatusValue status);
+ virtual XKMSRSAKeyPair * getRSAKeyPair(const char * passPhrase);
/* Implemented from MessageAbstractType */
@@ -90,7 +92,10 @@
#endif
KeyBindingVectorType m_keyBindingList;
+ XKMSRSAKeyPairImpl * mp_RSAKeyPair;
+ XERCES_CPP_NAMESPACE_QUALIFIER DOMElement
+ * mp_privateKeyElement;
// Unimplemented
XKMSRegisterResultImpl(void);
XKMSRegisterResultImpl(const XKMSRegisterResultImpl &);