Posted to commits@santuario.apache.org by sc...@apache.org on 2010/06/29 02:44:28 UTC
svn commit: r958797 [2/2] - in /xml/security/trunk/c: ./
Projects/VC10.0/xsec/xsec_lib/ include/ lib/ src/dsig/ src/enc/
src/enc/OpenSSL/ src/framework/ src/tools/templatesign/ src/utils/
Added: xml/security/trunk/c/src/enc/XSECCryptoKeyEC.hpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/enc/XSECCryptoKeyEC.hpp?rev=958797&view=auto
==============================================================================
--- xml/security/trunk/c/src/enc/XSECCryptoKeyEC.hpp (added)
+++ xml/security/trunk/c/src/enc/XSECCryptoKeyEC.hpp Tue Jun 29 00:44:27 2010
@@ -0,0 +1,154 @@
+/*
+ * Copyright 2010 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * XSEC
+ *
+ * XSECCryptoKeyEC := EC Keys
+ *
+ * Author(s): Scott Cantor
+ *
+ * $Id:$
+ *
+ */
+
+#ifndef XSECCRYPTOKEYEC_INCLUDE
+#define XSECCRYPTOKEYEC_INCLUDE
+
+#include <xsec/enc/XSECCryptoKey.hpp>
+
+/**
+ * \ingroup crypto
+ */
+
+/**
+ * \brief Interface class for RSA keys.
+ *
+ * The library uses classes derived from this to process RSA keys.
+ */
+
+
+class DSIG_EXPORT XSECCryptoKeyEC : public XSECCryptoKey {
+
+public :
+
+ /** @name Constructors and Destructors */
+ //@{
+
+ XSECCryptoKeyEC() {};
+ virtual ~XSECCryptoKeyEC() {};
+
+ //@}
+
+ /** @name Key Interface methods */
+ //@{
+
+ /**
+ * \brief Return the type of this key.
+ *
+ * For EC keys, this allows people to determine whether this is a
+ * public key, private key or a key pair
+ */
+
+ virtual XSECCryptoKey::KeyType getKeyType() const {return KEY_NONE;}
+
+ /**
+ * \brief Replicate key
+ */
+
+ virtual XSECCryptoKey * clone() const = 0;
+
+ //@}
+
+ /** @name Mandatory EC interface methods
+ *
+ * These methods are required by the library.
+ */
+ //@{
+
+ /**
+ * \brief Verify an EC-DSA signature
+ *
+ * The library will call this function to validate a signature
+ *
+ * @param hashBuf Buffer containing the pre-calculated (binary) digest
+ * @param hashLen Length of the data in the digest buffer
+ * @param base64Signature Buffer containing the Base64 encoded signature
+ * @param sigLen Length of the data in the signature buffer
+ * @returns true if the signature was valid, false otherwise
+ */
+
+ virtual bool verifyBase64SignatureDSA(unsigned char * hashBuf,
+ unsigned int hashLen,
+ char * base64Signature,
+ unsigned int sigLen) = 0;
+
+ /**
+ * \brief Create an EC-DSA signature
+ *
+ * The library will call this function to create a signature from
+ * a pre-calculated digest. The output signature is required to
+ * be Base64 encoded such that it can be placed directly into the
+ * XML document
+ *
+ * @param hashBuf Buffer containing the pre-calculated (binary) digest
+ * @param hashLen Number of bytes of hash in the hashBuf
+ * @param base64SignatureBuf Buffer to place the base64 encoded result
+ * in.
+ * @param base64SignatureBufLen Implementations need to ensure they do
+ * not write more bytes than this into the buffer
+ */
+
+ virtual unsigned int signBase64SignatureDSA(unsigned char * hashBuf,
+ unsigned int hashLen,
+ char * base64SignatureBuf,
+ unsigned int base64SignatureBufLen) = 0;
+
+ //@}
+
+ /** @name Optional Interface methods
+ *
+ * These functions do not necessarily have to be implmented. They
+ * are used by XSECKeyInfoResolverDefault to try to create a key from
+ * KeyInfo elements without knowing anything else.
+ *
+ * If an interface class does not implement these functions, a simple
+ * stub that does nothing should be used.
+ */
+
+ //@{
+
+ /**
+ * \brief Load the key
+ *
+ * Load the key for a named curve from a Base64 encoded string
+ *
+ * param curveName a URI identifying the curve (typically an OID URN)
+ * param b64 A buffer containing the encoded string
+ * param len The length of the data in the buffer
+ */
+
+ virtual void loadPublicKeyBase64(const char* curveName,
+ const char* b64,
+ unsigned int len) = 0;
+
+ //@}
+
+};
+
+
+
+#endif /* XSECCRYPTOKEYEC_INCLUDE */
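Review bot: The class comment above `XSECCryptoKeyEC` still describes RSA (`\brief Interface class for RSA keys.`), evidently carried over from the RSA header; it should read `\brief Interface class for EC keys.`, with the sentence below it changed to match. In the `loadPublicKeyBase64` comment the three `param` lines lack the leading `@`, so Doxygen will not pick them up. `signBase64SignatureDSA` has no `@returns` line although it returns `unsigned int` (presumably the number of bytes written, which is worth stating). The verify and sign comments also do not say whether a malformed signature or a result larger than `base64SignatureBufLen` is reported by return value or by exception, which matters to callers that treat `false` as the only failure path.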
Propchange: xml/security/trunk/c/src/enc/XSECCryptoKeyEC.hpp
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: xml/security/trunk/c/src/enc/XSECCryptoKeyRSA.hpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/enc/XSECCryptoKeyRSA.hpp?rev=958797&r1=958796&r2=958797&view=diff
==============================================================================
--- xml/security/trunk/c/src/enc/XSECCryptoKeyRSA.hpp (original)
+++ xml/security/trunk/c/src/enc/XSECCryptoKeyRSA.hpp Tue Jun 29 00:44:27 2010
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2005 The Apache Software Foundation.
+ * Copyright 2002-2010 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -89,7 +89,7 @@ public :
/** @name Mandatory RSA interface methods
*
- * These classes are required by the library.
+ * These methods are required by the library.
*/
//@{
Added: xml/security/trunk/c/src/enc/XSECCryptoProvider.cpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/enc/XSECCryptoProvider.cpp?rev=958797&view=auto
==============================================================================
--- xml/security/trunk/c/src/enc/XSECCryptoProvider.cpp (added)
+++ xml/security/trunk/c/src/enc/XSECCryptoProvider.cpp Tue Jun 29 00:44:27 2010
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2010 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * XSEC
+ *
+ * XSECCryptoProvider := Base virtual class to define a crpyto module
+ *
+ * Author(s): Scott Cantor
+ *
+ * $Id:$
+ *
+ */
+
+#include <xsec/enc/XSECCryptoProvider.hpp>
+#include <xsec/enc/XSECCryptoException.hpp>
+
+#include <xercesc/util/Janitor.hpp>
+
+XSECCryptoKeyEC* XSECCryptoProvider::keyEC() const {
+ throw XSECCryptoException(XSECCryptoException::UnsupportedError,
+ "XSECCryptoProvider - EC keys not supported");
+}
+
+XSECCryptoKey* XSECCryptoProvider::keyDER(const char* buf, unsigned long buflen, bool base64) const {
+ throw XSECCryptoException(XSECCryptoException::UnsupportedError,
+ "XSECCryptoProvider - DER-encoded keys not supported");
+}
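Review bot: `#include <xercesc/util/Janitor.hpp>` is not used by anything in this file and can be dropped. In `keyDER` the three parameters are named but never referenced, which produces unused-parameter warnings on stricter builds; leaving the names out of the definition, `keyDER(const char*, unsigned long, bool) const`, avoids that. The file header comment also has a typo, `crpyto`.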
Propchange: xml/security/trunk/c/src/enc/XSECCryptoProvider.cpp
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: xml/security/trunk/c/src/enc/XSECCryptoProvider.cpp
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: xml/security/trunk/c/src/enc/XSECCryptoProvider.hpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/enc/XSECCryptoProvider.hpp?rev=958797&r1=958796&r2=958797&view=diff
==============================================================================
--- xml/security/trunk/c/src/enc/XSECCryptoProvider.hpp (original)
+++ xml/security/trunk/c/src/enc/XSECCryptoProvider.hpp Tue Jun 29 00:44:27 2010
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2005 The Apache Software Foundation.
+ * Copyright 2002-2010 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -34,6 +34,7 @@
#include <xsec/enc/XSECCryptoBase64.hpp>
#include <xsec/enc/XSECCryptoX509.hpp>
#include <xsec/enc/XSECCryptoKeyDSA.hpp>
+#include <xsec/enc/XSECCryptoKeyEC.hpp>
#include <xsec/enc/XSECCryptoKeyRSA.hpp>
#include <xsec/enc/XSECCryptoSymmetricKey.hpp>
@@ -289,6 +290,31 @@ public :
virtual XSECCryptoKeyRSA * keyRSA() const = 0;
/**
+ * \brief Return an EC key implementation object.
+ *
+ * Call used by the library to obtain an EC key object.
+ *
+ * @returns Pointer to the new EC key
+ * @see XSECCryptoKeyEC
+ */
+
+ virtual XSECCryptoKeyEC * keyEC() const;
+
+ /**
+ * \brief Return a key implementation object based on DER-encoded input.
+ *
+ * Call used by the library to obtain a key object from a DER-encoded key.
+ *
+ * @param buf DER-encoded data
+ * @param buflen length of data
+ * @param base64 true iff data is base64-encoded
+ * @returns Pointer to the new key
+ * @see XSECCryptoKey
+ */
+
+ virtual XSECCryptoKey * keyDER(const char* buf, unsigned long buflen, bool base64) const;
+
+ /**
* \brief Return an X509 implementation object.
*
* Call used by the library to obtain an object that can work
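Review bot: The comments for `keyEC()` and `keyDER()` promise a pointer to a new key, but the base-class implementations added in XSECCryptoProvider.cpp in this commit always throw `XSECCryptoException::UnsupportedError`. The comments should say so, e.g. `@throws XSECCryptoException (UnsupportedError) unless the provider overrides this method`, and should state who owns the returned object. For `keyDER` it would also help to say what `buflen` counts when `base64` is true (encoded characters, judging by the call in XSECKeyInfoResolverDefault.cpp). The class continues outside the hunk.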
Modified: xml/security/trunk/c/src/enc/XSECKeyInfoResolverDefault.cpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/enc/XSECKeyInfoResolverDefault.cpp?rev=958797&r1=958796&r2=958797&view=diff
==============================================================================
--- xml/security/trunk/c/src/enc/XSECKeyInfoResolverDefault.cpp (original)
+++ xml/security/trunk/c/src/enc/XSECKeyInfoResolverDefault.cpp Tue Jun 29 00:44:27 2010
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2005 The Apache Software Foundation.
+ * Copyright 2002-2010 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -27,8 +27,11 @@
#include <xsec/enc/XSECKeyInfoResolverDefault.hpp>
#include <xsec/dsig/DSIGKeyInfoX509.hpp>
#include <xsec/dsig/DSIGKeyInfoValue.hpp>
+#include <xsec/dsig/DSIGKeyInfoDEREncoded.hpp>
#include <xsec/framework/XSECError.hpp>
+#include "../utils/XSECAutoPtr.hpp"
+
#include <xercesc/util/Janitor.hpp>
XERCES_CPP_NAMESPACE_USE
@@ -134,6 +137,32 @@ XSECCryptoKey * XSECKeyInfoResolverDefau
return rsa;
}
+ break;
+
+ case (DSIGKeyInfo::KEYINFO_VALUE_EC) :
+ {
+
+ XSECCryptoKeyEC* ec = XSECPlatformUtils::g_cryptoProvider->keyEC();
+ Janitor<XSECCryptoKeyEC> j_ec(ec);
+
+ safeBuffer value;
+ value << (*mp_formatter << ((DSIGKeyInfoValue *) lst->item(i))->getECPublicKey());
+ XSECAutoPtrChar curve(((DSIGKeyInfoValue *) lst->item(i))->getECNamedCurve());
+ if (curve.get()) {
+ ec->loadPublicKeyBase64(curve.get(), value.rawCharBuffer(), (unsigned int) strlen(value.rawCharBuffer()));
+ j_ec.release();
+ return ec;
+ }
+ }
+ break;
+
+ case (DSIGKeyInfo::KEYINFO_DERENCODED) :
+ {
+ safeBuffer value;
+ value << (*mp_formatter << ((DSIGKeyInfoDEREncoded *) lst->item(i))->getData());
+ return XSECPlatformUtils::g_cryptoProvider->keyDER(value.rawCharBuffer(), (unsigned int)strlen(value.rawCharBuffer()), true);
+ }
+ break;
default :
break;
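Review bot: In the `KEYINFO_VALUE_EC` case the key is returned as soon as `loadPublicKeyBase64` comes back, but that method returns `void` and XSECCryptoKeyEC.hpp describes it as optional, to be stubbed with a no-op; with such a provider the resolver would hand back an EC key object with nothing loaded. The contract should be tightened one way or the other: either require implementations to throw on failure or on an unsupported curve and say so in the header, or check the key after loading and before `j_ec.release()`. `getECPublicKey()` is passed to the formatter without a null check, unlike `getECNamedCurve()`, so it is worth confirming that it cannot return NULL for an element with a missing public key value. In the `KEYINFO_DERENCODED` case the length is cast to `unsigned int` although `keyDER` takes `unsigned long`, and the `break;` after the `return` is unreachable. The enclosing function starts and ends outside the hunk.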
Modified: xml/security/trunk/c/src/framework/XSECConfig.hpp.in
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/framework/XSECConfig.hpp.in?rev=958797&r1=958796&r2=958797&view=diff
==============================================================================
--- xml/security/trunk/c/src/framework/XSECConfig.hpp.in (original)
+++ xml/security/trunk/c/src/framework/XSECConfig.hpp.in Tue Jun 29 00:44:27 2010
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2005 The Apache Software Foundation.
+ * Copyright 2002-2010 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -128,6 +128,7 @@
#undef XSEC_OPENSSL_CONST_BUFFERS
#undef XSEC_OPENSSL_HAVE_AES
+#undef XSEC_OPENSSL_HAVE_EC
#undef XSEC_OPENSSL_CANSET_PADDING
#undef XSEC_OPENSSL_D2IX509_CONST_BUFFER
#undef XSEC_OPENSSL_HAVE_CRYPTO_CLEANUP_ALL_EX_DATA
Modified: xml/security/trunk/c/src/framework/XSECEnv.cpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/framework/XSECEnv.cpp?rev=958797&r1=958796&r2=958797&view=diff
==============================================================================
--- xml/security/trunk/c/src/framework/XSECEnv.cpp (original)
+++ xml/security/trunk/c/src/framework/XSECEnv.cpp Tue Jun 29 00:44:27 2010
@@ -1,5 +1,5 @@
/*
- * Copyright 2003-2005 The Apache Software Foundation.
+ * Copyright 2003-2010 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -46,6 +46,16 @@ XERCES_CPP_NAMESPACE_USE
// Default prefix strings
// --------------------------------------------------------------------------------
+const XMLCh s_default11Prefix[] = {
+
+ chLatin_d,
+ chLatin_s,
+ chDigit_1,
+ chDigit_1,
+ chNull
+
+};
+
const XMLCh s_defaultECPrefix[] = {
chLatin_e,
@@ -115,6 +125,7 @@ XSECEnv::XSECEnv(DOMDocument *doc) {
mp_doc = doc;
mp_prefixNS = XMLString::replicate(DSIGConstants::s_unicodeStrEmpty);
+ mp_11PrefixNS = XMLString::replicate(s_default11Prefix);
mp_ecPrefixNS = XMLString::replicate(s_defaultECPrefix);
mp_xpfPrefixNS = XMLString::replicate(s_defaultXPFPrefix);
mp_xencPrefixNS = XMLString::replicate(s_defaultXENCPrefix);
@@ -141,6 +152,7 @@ XSECEnv::XSECEnv(const XSECEnv & theOthe
mp_doc = theOther.mp_doc;
mp_prefixNS = XMLString::replicate(theOther.mp_prefixNS);
+ mp_11PrefixNS = XMLString::replicate(theOther.mp_11PrefixNS);
mp_ecPrefixNS = XMLString::replicate(theOther.mp_ecPrefixNS);
mp_xpfPrefixNS = XMLString::replicate(theOther.mp_xpfPrefixNS);
mp_xencPrefixNS = XMLString::replicate(theOther.mp_xencPrefixNS);
@@ -176,6 +188,10 @@ XSECEnv::~XSECEnv() {
XSEC_RELEASE_XMLCH(mp_prefixNS);
}
+ if (mp_11PrefixNS != NULL) {
+ XSEC_RELEASE_XMLCH(mp_11PrefixNS);
+ }
+
if (mp_ecPrefixNS != NULL) {
XSEC_RELEASE_XMLCH(mp_ecPrefixNS);
}
@@ -247,6 +263,15 @@ void XSECEnv::setDSIGNSPrefix(const XMLC
}
+void XSECEnv::setDSIG11NSPrefix(const XMLCh * prefix) {
+
+ if (mp_11PrefixNS != NULL)
+ XSEC_RELEASE_XMLCH(mp_11PrefixNS);
+
+ mp_11PrefixNS = XMLString::replicate(prefix);
+
+}
+
void XSECEnv::setECNSPrefix(const XMLCh * prefix) {
if (mp_ecPrefixNS != NULL)
Modified: xml/security/trunk/c/src/framework/XSECEnv.hpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/framework/XSECEnv.hpp?rev=958797&r1=958796&r2=958797&view=diff
==============================================================================
--- xml/security/trunk/c/src/framework/XSECEnv.hpp (original)
+++ xml/security/trunk/c/src/framework/XSECEnv.hpp Tue Jun 29 00:44:27 2010
@@ -1,5 +1,5 @@
/*
- * Copyright 2003-2005 The Apache Software Foundation.
+ * Copyright 2003-2010 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -91,12 +91,25 @@ public:
* <p>If no prefix has been set, this attribute will be set as the default namespace</p>
*
* @see #createBlankSignature
- * @param prefix The UTF-16 encoided NS prefix to use for the XML
+ * @param prefix The UTF-16 encoded NS prefix to use for the XML
* Digital Signature nodes
*/
void setDSIGNSPrefix(const XMLCh * prefix);
+ /**
+ * \brief Set the prefix be used for the DSIG 1.1 namespace.
+ *
+ * <p>When the XSEC library creates XML Element nodes, it uses the prefix here
+ * for all nodes created. By default, the library assumes that the default
+ * namespace is used.</p>
+ *
+ * @param prefix The UTF-16 encoded NS prefix to use for the XML
+ * Digital Signature 1.1 nodes
+ */
+
+ void setDSIG11NSPrefix(const XMLCh * prefix);
+
/**
* \brief Set the prefix be used for the Exclusive Canonicalisation namespace.
*
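Review bot: The comment on `setDSIG11NSPrefix` says that by default the library assumes the default namespace is used, but XSECEnv.cpp in this commit initialises `mp_11PrefixNS` from `s_default11Prefix`, i.e. `ds11`. The sentence should read something like `By default, the library uses the prefix "ds11".` The `\brief` line is also missing a word: `Set the prefix to be used for the DSIG 1.1 namespace.`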
@@ -109,7 +122,7 @@ public:
* If no prefix is set, the default namespace will be used
*
* @see #createBlankSignature
- * @param prefix The UTF-16 encoided NS prefix to use for the XML
+ * @param prefix The UTF-16 encoded NS prefix to use for the XML
* Exclusive Canonicalisation nodes
*/
@@ -127,7 +140,7 @@ public:
* If no prefix is set, the default namespace will be used
*
* @see #createBlankSignature
- * @param prefix The UTF-16 encoided NS prefix to use for the XPath
+ * @param prefix The UTF-16 encoded NS prefix to use for the XPath
* filter nodes
*/
@@ -162,6 +175,16 @@ public:
const XMLCh * getDSIGNSPrefix() const {return mp_prefixNS;}
/**
+ * \brief Get the NS Prefix being used for DSIG 1.1 elements.
+ *
+ * @returns A pointer to the buffer holding the prefix
+ * @see #setDSIG11NSPrefix
+ *
+ */
+
+ const XMLCh * getDSIG11NSPrefix() const {return mp_11PrefixNS;}
+
+ /**
* \brief Get the NS being used for EC nodes
*
* @returns A pointer to the buffer holding the prefix
@@ -499,6 +522,7 @@ private:
* mp_doc;
// For creating functions
XMLCh * mp_prefixNS;
+ XMLCh * mp_11PrefixNS;
XMLCh * mp_ecPrefixNS;
XMLCh * mp_xpfPrefixNS;
XMLCh * mp_xencPrefixNS;
Modified: xml/security/trunk/c/src/framework/XSECW32Config.hpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/framework/XSECW32Config.hpp?rev=958797&r1=958796&r2=958797&view=diff
==============================================================================
--- xml/security/trunk/c/src/framework/XSECW32Config.hpp (original)
+++ xml/security/trunk/c/src/framework/XSECW32Config.hpp Tue Jun 29 00:44:27 2010
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2005 The Apache Software Foundation.
+ * Copyright 2002-2010 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -194,6 +194,7 @@
# define XSEC_OPENSSL_CONST_BUFFERS
# define XSEC_OPENSSL_HAVE_AES
+# define XSEC_OPENSSL_HAVE_EC
# define XSEC_OPENSSL_CANSET_PADDING
# define XSEC_OPENSSL_HAVE_CRYPTO_CLEANUP_ALL_EX_DATA
# endif
Modified: xml/security/trunk/c/src/tools/templatesign/templatesign.cpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/tools/templatesign/templatesign.cpp?rev=958797&r1=958796&r2=958797&view=diff
==============================================================================
--- xml/security/trunk/c/src/tools/templatesign/templatesign.cpp (original)
+++ xml/security/trunk/c/src/tools/templatesign/templatesign.cpp Tue Jun 29 00:44:27 2010
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2005 The Apache Software Foundation.
+ * Copyright 2002-2010 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -45,6 +45,7 @@
#if defined (HAVE_OPENSSL)
# include <xsec/enc/OpenSSL/OpenSSLCryptoKeyDSA.hpp>
+# include <xsec/enc/OpenSSL/OpenSSLCryptoKeyEC.hpp>
# include <xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.hpp>
# include <xsec/enc/OpenSSL/OpenSSLCryptoKeyHMAC.hpp>
# include <xsec/enc/OpenSSL/OpenSSLCryptoX509.hpp>
@@ -545,6 +546,14 @@ void printUsage(void) {
# if defined (HAVE_WINCAPI)
cerr << " NOTE: Not usable if --wincapi previously set\n";
# endif
+# if defined(XSEC_OPENSSL_HAVE_EC)
+ cerr << " --eckey/-e <ec private key file> <password>\n";
+ cerr << " <ec private key file> contains a PEM encoded private key\n";
+ cerr << " <password> is the password used to decrypt the key file\n";
+# endif
+# if defined (HAVE_WINCAPI)
+ cerr << " NOTE: Not usable if --wincapi previously set\n";
+# endif
cerr << " --rsakey/-r <rsa private key file> <password>\n";
cerr << " <rsa privatekey file> contains a PEM encoded private key\n";
cerr << " <password> is the password used to decrypt the key file\n";
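Review bot: The second `# if defined (HAVE_WINCAPI)` block added after the EC usage text sits outside the `XSEC_OPENSSL_HAVE_EC` guard, so a build with WinCAPI but without EC support prints `NOTE: Not usable if --wincapi previously set` twice in a row under the preceding option. Moving that block inside the EC guard, ahead of its `# endif`, keeps one note per option. printUsage starts and ends outside the hunk.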
@@ -658,10 +667,14 @@ int main(int argc, char **argv) {
#if defined (HAVE_OPENSSL)
- else if (_stricmp(argv[paramCount], "--dsakey") == 0 || _stricmp(argv[paramCount], "-d") == 0 ||
- _stricmp(argv[paramCount], "--rsakey") == 0 || _stricmp(argv[paramCount], "-r") == 0) {
+ else if (_stricmp(argv[paramCount], "--dsakey") == 0 || _stricmp(argv[paramCount], "-d") == 0
+ || _stricmp(argv[paramCount], "--rsakey") == 0 || _stricmp(argv[paramCount], "-r") == 0
+# if defined(XSEC_OPENSSL_HAVE_EC)
+ || _stricmp(argv[paramCount], "--eckey") == 0 || _stricmp(argv[paramCount], "-e") == 0
+# endif
+ ) {
- // DSA or RSA OpenSSL Key
+ // OpenSSL Key
if (paramCount + 3 >= argc) {
@@ -672,7 +685,7 @@ int main(int argc, char **argv) {
if (key != 0) {
- cerr << "\nError loading RSA or DSA key - another key already loaded\n\n";
+ cerr << "\nError loading private key - another key already loaded\n\n";
printUsage();
exit(1);
@@ -719,7 +732,21 @@ int main(int argc, char **argv) {
// Create the XSEC OpenSSL interface
key = new OpenSSLCryptoKeyDSA(pkey);
}
- else {
+# if defined(XSEC_OPENSSL_HAVE_EC)
+ else if (_stricmp(argv[paramCount], "--eckey") == 0 || _stricmp(argv[paramCount], "-e") == 0) {
+
+ // Check type is correct
+
+ if (pkey->type != EVP_PKEY_EC) {
+ cerr << "EC Key requested, but OpenSSL loaded something else\n";
+ exit (1);
+ }
+
+ // Create the XSEC OpenSSL interface
+ key = new OpenSSLCryptoKeyEC(pkey);
+ }
+# endif
+ else {
if (pkey->type != EVP_PKEY_RSA) {
cerr << "RSA Key requested, but OpenSSL loaded something else\n";
exit (1);
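Review bot: The new EC branch reads `pkey->type` directly, as the neighbouring DSA and RSA branches do. OpenSSL provides the accessor `EVP_PKEY_id(pkey)` for this and makes the struct opaque in later releases, so `if (EVP_PKEY_id(pkey) != EVP_PKEY_EC)` is the more durable form wherever the minimum supported OpenSSL has it. The branch also calls `exit (1)` without releasing `pkey`, which is harmless in a command-line tool but leaves the decrypted private key to process teardown rather than an explicit `EVP_PKEY_free`. main's body continues outside the hunk.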
@@ -732,7 +759,7 @@ int main(int argc, char **argv) {
paramCount += 3;
- } /* argv[1] = "dsa/rsa" */
+ } /* argv[1] = "dsa/rsa/ec" */
else if (_stricmp(argv[paramCount], "--x509cert") == 0 || _stricmp(argv[paramCount], "-x") == 0) {
@@ -746,7 +773,7 @@ int main(int argc, char **argv) {
}
- // Load the signing key
+ // Load the cert.
// For now just read a particular file
BIO * bioX509;
@@ -771,7 +798,7 @@ int main(int argc, char **argv) {
if (x == NULL) {
- cerr << "Error loading certificate key\n\n";
+ cerr << "Error loading certificate\n\n";
ERR_print_errors(bio_err);
exit (1);
Modified: xml/security/trunk/c/src/utils/XSECDOMUtils.cpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/utils/XSECDOMUtils.cpp?rev=958797&r1=958796&r2=958797&view=diff
==============================================================================
--- xml/security/trunk/c/src/utils/XSECDOMUtils.cpp (original)
+++ xml/security/trunk/c/src/utils/XSECDOMUtils.cpp Tue Jun 29 00:44:27 2010
@@ -53,6 +53,15 @@ const XMLCh * getDSIGLocalName(const DOM
}
+const XMLCh * getDSIG11LocalName(const DOMNode *node) {
+
+ if (!strEquals(node->getNamespaceURI(), DSIGConstants::s_unicodeStrURIDSIG11))
+ return NULL; //DOMString("");
+ else
+ return node->getLocalName();
+
+}
+
const XMLCh * getECLocalName(const DOMNode * node) {
// Exclusive Canonicalisation namespace
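Review bot: `getDSIG11LocalName` returns NULL for any node outside the DSIG 1.1 namespace, but nothing here says so; a one-line comment such as `// Returns the local name if node is in the DSIG 1.1 namespace, otherwise NULL` would tell callers to null-check the result before comparing it. The trailing `//DOMString("")` after `return NULL;` looks like a leftover from an older return type and can go. `node` is dereferenced without a null check, so if callers are required to pass a non-NULL node, the comment should state that as well.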
Modified: xml/security/trunk/c/src/utils/XSECDOMUtils.hpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/utils/XSECDOMUtils.hpp?rev=958797&r1=958796&r2=958797&view=diff
==============================================================================
--- xml/security/trunk/c/src/utils/XSECDOMUtils.hpp (original)
+++ xml/security/trunk/c/src/utils/XSECDOMUtils.hpp Tue Jun 29 00:44:27 2010
@@ -69,6 +69,7 @@ private:
// --------------------------------------------------------------------------------
const XMLCh DSIG_EXPORT * getDSIGLocalName(const XERCES_CPP_NAMESPACE_QUALIFIER DOMNode *node);
+const XMLCh DSIG_EXPORT * getDSIG11LocalName(const XERCES_CPP_NAMESPACE_QUALIFIER DOMNode *node);
const XMLCh DSIG_EXPORT * getECLocalName(const XERCES_CPP_NAMESPACE_QUALIFIER DOMNode *node);
const XMLCh DSIG_EXPORT * getXPFLocalName(const XERCES_CPP_NAMESPACE_QUALIFIER DOMNode *node);
const XMLCh DSIG_EXPORT * getXENCLocalName(const XERCES_CPP_NAMESPACE_QUALIFIER DOMNode *node);