You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by bl...@apache.org on 2005/07/05 13:52:04 UTC
cvs commit: xml-security/c/src/dsig DSIGConstants.hpp DSIGConstants.cpp
blautenb 2005/07/05 04:52:04
Modified: c/src/dsig DSIGConstants.hpp DSIGConstants.cpp
Log:
Ensure all Algorithm URIs that users might use are defined in DSIGConstants and add reverse URI mapping functions
Revision Changes Path
1.25 +34 -1 xml-security/c/src/dsig/DSIGConstants.hpp
Index: DSIGConstants.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGConstants.hpp,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- DSIGConstants.hpp 20 Feb 2005 10:35:51 -0000 1.24
+++ DSIGConstants.hpp 5 Jul 2005 11:52:04 -0000 1.25
@@ -438,6 +438,9 @@
static const XMLCh * s_unicodeStrURIXPF;
static const XMLCh * s_unicodeStrURIXENC;
+ static const XMLCh * s_unicodeStrURISIGBASE;
+ static const XMLCh * s_unicodeStrURISIGBASEMORE;
+
static const XMLCh * s_unicodeStrURIRawX509;
static const XMLCh * s_unicodeStrURISHA1;
static const XMLCh * s_unicodeStrURISHA224;
@@ -454,8 +457,19 @@
static const XMLCh * s_unicodeStrURIEXC_C14N_NOC;
static const XMLCh * s_unicodeStrURIEXC_C14N_COM;
static const XMLCh * s_unicodeStrURIDSA_SHA1;
+
static const XMLCh * s_unicodeStrURIRSA_SHA1;
+ static const XMLCh * s_unicodeStrURIRSA_SHA224;
+ static const XMLCh * s_unicodeStrURIRSA_SHA256;
+ static const XMLCh * s_unicodeStrURIRSA_SHA384;
+ static const XMLCh * s_unicodeStrURIRSA_SHA512;
+
static const XMLCh * s_unicodeStrURIHMAC_SHA1;
+ static const XMLCh * s_unicodeStrURIHMAC_SHA224;
+ static const XMLCh * s_unicodeStrURIHMAC_SHA256;
+ static const XMLCh * s_unicodeStrURIHMAC_SHA384;
+ static const XMLCh * s_unicodeStrURIHMAC_SHA512;
+
static const XMLCh * s_unicodeStrURIXMLNS;
static const XMLCh * s_unicodeStrURIMANIFEST;
@@ -523,5 +537,24 @@
}
+// --------------------------------------------------------------------------------
+// URI Inverse Mappings
+// --------------------------------------------------------------------------------
+
+/* Map URIs to internal enums, if the URIs are known to the library.
+ If they aren't, all these calls will set the Method variables to
+ *_NONE, signifying we don't know them. Note this is not necessarily
+ an error - the calling application may have installed handlers to handle
+ these URIs, it's just we don't have an internal enum mapping
+*/
+
+bool DSIG_EXPORT XSECmapURIToSignatureMethods(const XMLCh * URI,
+ signatureMethod & sm,
+ hashMethod & hm);
+bool DSIG_EXPORT XSECmapURIToHashMethod(const XMLCh * URI,
+ hashMethod & hm);
+bool DSIG_EXPORT XSECmapURIToCanonicalizationMethod(const XMLCh * URI,
+ canonicalizationMethod & cm);
+
#endif /* DSIGCONSTANTS_HEADER */
1.26 +313 -1 xml-security/c/src/dsig/DSIGConstants.cpp
Index: DSIGConstants.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGConstants.cpp,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- DSIGConstants.cpp 20 Feb 2005 10:35:51 -0000 1.25
+++ DSIGConstants.cpp 5 Jul 2005 11:52:04 -0000 1.26
@@ -26,6 +26,11 @@
*/
#include <xsec/dsig/DSIGConstants.hpp>
+#include <xsec/utils/XSECDOMUtils.hpp>
+
+#include <xercesc/util/XMLUniDefs.hpp>
+
+XERCES_CPP_NAMESPACE_USE
// We need a special version of XSEC_RELEASE_XMLCH
@@ -37,6 +42,96 @@
# define XSEC_RELEASE_XMLCH(x) delete[] x;
#endif
+// --------------------------------------------------------------------------------
+// Some useful defines
+// --------------------------------------------------------------------------------
+
+
+static XMLCh s_dsa[] = {
+
+ chLatin_d,
+ chLatin_s,
+ chLatin_a,
+ chNull
+};
+
+static XMLCh s_rsa[] = {
+
+ chLatin_r,
+ chLatin_s,
+ chLatin_a,
+ chNull
+};
+
+static XMLCh s_hmac[] = {
+
+ chLatin_h,
+ chLatin_m,
+ chLatin_a,
+ chLatin_c,
+ chNull
+};
+
+static XMLCh s_sha1[] = {
+
+ chLatin_s,
+ chLatin_h,
+ chLatin_a,
+ chDigit_1,
+ chNull
+};
+
+static XMLCh s_sha224[] = {
+
+ chLatin_s,
+ chLatin_h,
+ chLatin_a,
+ chDigit_2,
+ chDigit_2,
+ chDigit_4,
+ chNull
+};
+
+static XMLCh s_sha256[] = {
+
+ chLatin_s,
+ chLatin_h,
+ chLatin_a,
+ chDigit_2,
+ chDigit_5,
+ chDigit_6,
+ chNull
+};
+
+static XMLCh s_sha384[] = {
+
+ chLatin_s,
+ chLatin_h,
+ chLatin_a,
+ chDigit_3,
+ chDigit_8,
+ chDigit_4,
+ chNull
+};
+
+static XMLCh s_sha512[] = {
+
+ chLatin_s,
+ chLatin_h,
+ chLatin_a,
+ chDigit_5,
+ chDigit_1,
+ chDigit_2,
+ chNull
+};
+
+static XMLCh s_md5[] = {
+
+ chLatin_m,
+ chLatin_d,
+ chDigit_5,
+ chNull
+};
// --------------------------------------------------------------------------------
// Constant Strings Storage
@@ -54,6 +149,10 @@
const XMLCh * DSIGConstants::s_unicodeStrURIXPF;
const XMLCh * DSIGConstants::s_unicodeStrURIXENC;
+const XMLCh * DSIGConstants::s_unicodeStrURISIGBASE;
+const XMLCh * DSIGConstants::s_unicodeStrURISIGBASEMORE;
+
+
const XMLCh * DSIGConstants::s_unicodeStrURIRawX509;
const XMLCh * DSIGConstants::s_unicodeStrURISHA1;
const XMLCh * DSIGConstants::s_unicodeStrURISHA224;
@@ -70,8 +169,19 @@
const XMLCh * DSIGConstants::s_unicodeStrURIEXC_C14N_NOC;
const XMLCh * DSIGConstants::s_unicodeStrURIEXC_C14N_COM;
const XMLCh * DSIGConstants::s_unicodeStrURIDSA_SHA1;
+
const XMLCh * DSIGConstants::s_unicodeStrURIRSA_SHA1;
+const XMLCh * DSIGConstants::s_unicodeStrURIRSA_SHA224;
+const XMLCh * DSIGConstants::s_unicodeStrURIRSA_SHA256;
+const XMLCh * DSIGConstants::s_unicodeStrURIRSA_SHA384;
+const XMLCh * DSIGConstants::s_unicodeStrURIRSA_SHA512;
+
const XMLCh * DSIGConstants::s_unicodeStrURIHMAC_SHA1;
+const XMLCh * DSIGConstants::s_unicodeStrURIHMAC_SHA224;
+const XMLCh * DSIGConstants::s_unicodeStrURIHMAC_SHA256;
+const XMLCh * DSIGConstants::s_unicodeStrURIHMAC_SHA384;
+const XMLCh * DSIGConstants::s_unicodeStrURIHMAC_SHA512;
+
const XMLCh * DSIGConstants::s_unicodeStrURIXMLNS;
const XMLCh * DSIGConstants::s_unicodeStrURIMANIFEST;
@@ -113,6 +223,9 @@
s_unicodeStrURIXPF = XMLString::transcode(URI_ID_XPF);
s_unicodeStrURIXENC = XMLString::transcode(URI_ID_XENC);
+ s_unicodeStrURISIGBASE = XMLString::transcode(URI_ID_SIG_BASE);
+ s_unicodeStrURISIGBASEMORE = XMLString::transcode(URI_ID_SIG_BASEMORE);
+
s_unicodeStrURISHA1 = XMLString::transcode(URI_ID_SHA1);
s_unicodeStrURISHA224 = XMLString::transcode(URI_ID_SHA224);
s_unicodeStrURISHA256 = XMLString::transcode(URI_ID_SHA256);
@@ -129,7 +242,15 @@
s_unicodeStrURIEXC_C14N_COM = XMLString::transcode(URI_ID_EXC_C14N_COM);
s_unicodeStrURIDSA_SHA1 = XMLString::transcode(URI_ID_DSA_SHA1);
s_unicodeStrURIRSA_SHA1 = XMLString::transcode(URI_ID_RSA_SHA1);
+ s_unicodeStrURIRSA_SHA224 = XMLString::transcode(URI_ID_RSA_SHA224);
+ s_unicodeStrURIRSA_SHA256 = XMLString::transcode(URI_ID_RSA_SHA256);
+ s_unicodeStrURIRSA_SHA384 = XMLString::transcode(URI_ID_RSA_SHA384);
+ s_unicodeStrURIRSA_SHA512 = XMLString::transcode(URI_ID_RSA_SHA512);
s_unicodeStrURIHMAC_SHA1 = XMLString::transcode(URI_ID_HMAC_SHA1);
+ s_unicodeStrURIHMAC_SHA224 = XMLString::transcode(URI_ID_HMAC_SHA224);
+ s_unicodeStrURIHMAC_SHA256 = XMLString::transcode(URI_ID_HMAC_SHA256);
+ s_unicodeStrURIHMAC_SHA384 = XMLString::transcode(URI_ID_HMAC_SHA384);
+ s_unicodeStrURIHMAC_SHA512 = XMLString::transcode(URI_ID_HMAC_SHA512);
s_unicodeStrURIXMLNS = XMLString::transcode(URI_ID_XMLNS);
s_unicodeStrURIMANIFEST = XMLString::transcode(URI_ID_MANIFEST);
@@ -168,6 +289,10 @@
XSEC_RELEASE_XMLCH(s_unicodeStrURIEC);
XSEC_RELEASE_XMLCH(s_unicodeStrURIXPF);
XSEC_RELEASE_XMLCH(s_unicodeStrURIXENC);
+
+ XSEC_RELEASE_XMLCH(s_unicodeStrURISIGBASE);
+ XSEC_RELEASE_XMLCH(s_unicodeStrURISIGBASEMORE);
+
XSEC_RELEASE_XMLCH(s_unicodeStrURISHA1);
XSEC_RELEASE_XMLCH(s_unicodeStrURISHA224);
XSEC_RELEASE_XMLCH(s_unicodeStrURISHA256);
@@ -184,7 +309,15 @@
XSEC_RELEASE_XMLCH(s_unicodeStrURIEXC_C14N_COM);
XSEC_RELEASE_XMLCH(s_unicodeStrURIDSA_SHA1);
XSEC_RELEASE_XMLCH(s_unicodeStrURIRSA_SHA1);
+ XSEC_RELEASE_XMLCH(s_unicodeStrURIRSA_SHA224);
+ XSEC_RELEASE_XMLCH(s_unicodeStrURIRSA_SHA256);
+ XSEC_RELEASE_XMLCH(s_unicodeStrURIRSA_SHA384);
+ XSEC_RELEASE_XMLCH(s_unicodeStrURIRSA_SHA512);
XSEC_RELEASE_XMLCH(s_unicodeStrURIHMAC_SHA1);
+ XSEC_RELEASE_XMLCH(s_unicodeStrURIHMAC_SHA224);
+ XSEC_RELEASE_XMLCH(s_unicodeStrURIHMAC_SHA256);
+ XSEC_RELEASE_XMLCH(s_unicodeStrURIHMAC_SHA384);
+ XSEC_RELEASE_XMLCH(s_unicodeStrURIHMAC_SHA512);
XSEC_RELEASE_XMLCH(s_unicodeStrURIXMLNS);
XSEC_RELEASE_XMLCH(s_unicodeStrURIMANIFEST);
@@ -205,3 +338,182 @@
XSEC_RELEASE_XMLCH(s_unicodeStrPROVWinCAPI);
}
+
+// --------------------------------------------------------------------------------
+// URI Mappings
+// --------------------------------------------------------------------------------
+
+bool getHashMethod(const XMLCh * URI, hashMethod & hm) {
+
+ if (strEquals(URI, s_md5)) {
+
+ hm = HASH_MD5;
+ return true;
+
+ }
+
+ if (strEquals(URI, s_sha1)) {
+
+ hm = HASH_SHA1;
+ return true;
+ }
+
+ if (strEquals(URI, s_sha224)) {
+
+ hm = HASH_SHA224;
+ return true;
+ }
+
+ if (strEquals(URI, s_sha256)) {
+
+ hm = HASH_SHA256;
+ return true;
+ }
+
+ if (strEquals(URI, s_sha384)) {
+
+ hm = HASH_SHA384;
+ return true;
+ }
+
+ if (strEquals(URI, s_sha512)) {
+
+ hm = HASH_SHA512;
+ return true;
+ }
+
+ hm = HASH_NONE;
+ return false;
+
+}
+
+bool XSECmapURIToSignatureMethods(const XMLCh * URI,
+ signatureMethod & sm,
+ hashMethod & hm) {
+
+
+ // The easy ones!
+
+ if (strEquals(URI, DSIGConstants::s_unicodeStrURIDSA_SHA1)) {
+
+ sm = SIGNATURE_DSA;
+ hm = HASH_SHA1;
+
+ return true;
+
+ }
+
+ if (strEquals(URI, DSIGConstants::s_unicodeStrURIRSA_SHA1)) {
+
+ sm = SIGNATURE_RSA;
+ hm = HASH_SHA1;
+
+ return true;
+
+ }
+
+ if (strEquals(URI, DSIGConstants::s_unicodeStrURIHMAC_SHA1)) {
+
+ sm = SIGNATURE_HMAC;
+ hm = HASH_SHA1;
+
+ return true;
+
+ }
+
+ /* Check to see if we are one of the more exotic RSA signatures */
+
+ unsigned int cnt = XMLString::stringLen(DSIGConstants::s_unicodeStrURISIGBASEMORE);
+
+ if (XMLString::compareNString(URI, DSIGConstants::s_unicodeStrURISIGBASEMORE, cnt) == 0) {
+
+ // Have an "new" algorithm
+ if (XMLString::compareNString(&URI[cnt], s_hmac, 4) == 0) {
+
+ // Some kind of HMAC
+ sm = SIGNATURE_HMAC;
+
+ // Determine a trailing hash method
+ if (URI[cnt+4] != chDash)
+ return false;
+ return getHashMethod(&(URI[cnt+5]), hm);
+
+ }
+
+ if (XMLString::compareNString(&URI[cnt], s_rsa, 3) == 0) {
+
+ sm = SIGNATURE_RSA;
+ if (URI[cnt+3] != chDash)
+ return false;
+ return getHashMethod(&(URI[cnt+4]), hm);
+ }
+
+ }
+
+ sm = SIGNATURE_NONE;
+ hm = HASH_NONE;
+ return false;
+
+}
+
+bool XSECmapURIToHashMethod(const XMLCh * URI,
+ hashMethod & hm) {
+
+
+ // Check this is a known prefix on the URI.
+ unsigned int blen = XMLString::stringLen(DSIGConstants::s_unicodeStrURISIGBASE);
+ unsigned int bmlen = XMLString::stringLen(DSIGConstants::s_unicodeStrURISIGBASEMORE);
+ unsigned int belen = XMLString::stringLen(DSIGConstants::s_unicodeStrURIXENC);
+ if (XMLString::compareNString(URI, DSIGConstants::s_unicodeStrURISIGBASE, blen) == 0) {
+
+ // This is actually cheating - this will return SHA256 (as an example), even if
+ // the base URI is the original DSIG uri (ie not base-more)
+ return getHashMethod(&URI[blen], hm);
+
+ }
+
+ if (XMLString::compareNString(URI, DSIGConstants::s_unicodeStrURISIGBASEMORE, bmlen) == 0) {
+
+ return getHashMethod(&URI[bmlen], hm);
+
+ }
+
+ if (XMLString::compareNString(URI, DSIGConstants::s_unicodeStrURIXENC, belen) == 0) {
+
+ return getHashMethod(&URI[belen], hm);
+
+ }
+
+ hm = HASH_NONE;
+ return false;
+
+}
+
+bool XSECmapURIToCanonicalizationMethod(const XMLCh * URI,
+ canonicalizationMethod & cm) {
+
+ // Quick and dirty but inefficient
+ if (strEquals(URI, DSIGConstants::s_unicodeStrURIC14N_NOC)) {
+ cm = CANON_C14N_NOC;
+ }
+ else if (strEquals(URI, DSIGConstants::s_unicodeStrURIC14N_COM)) {
+ cm = CANON_C14N_COM;
+ }
+
+ else if (strEquals(URI, DSIGConstants::s_unicodeStrURIEXC_C14N_COM)) {
+ cm = CANON_C14NE_COM;
+ }
+
+ else if (strEquals(URI, DSIGConstants::s_unicodeStrURIEXC_C14N_NOC)) {
+ cm = CANON_C14NE_NOC;
+ }
+
+ else {
+
+ // Unknown
+ cm = CANON_NONE;
+ return false;
+ }
+
+ return true;
+}