Posted to commits@santuario.apache.org by bl...@apache.org on 2005/01/09 10:21:26 UTC
cvs commit: xml-security/c/src/xkms/impl XKMSMessageAbstractTypeImpl.cpp
blautenb 2005/01/09 01:21:26
Modified: c/src/tools/xklient xklient.cpp
c/src/xkms/impl XKMSMessageAbstractTypeImpl.cpp
Log:
Support main XKISS interop tests
Revision Changes Path
1.27 +77 -2 xml-security/c/src/tools/xklient/xklient.cpp
Index: xklient.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/tools/xklient/xklient.cpp,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- xklient.cpp 9 Jan 2005 09:03:53 -0000 1.26
+++ xklient.cpp 9 Jan 2005 09:21:26 -0000 1.27
@@ -62,6 +62,10 @@
#include <xsec/utils/XSECSOAPRequestorSimple.hpp>
+#include <xsec/utils/XSECBinTXFMInputStream.hpp>
+#include <xsec/dsig/DSIGReference.hpp>
+#include <xsec/dsig/DSIGReferenceList.hpp>
+
// General
#include <memory.h>
@@ -384,6 +388,8 @@
cerr << " : Add a RespondWith element\n";
cerr << " --add-responsemechanism/-m <Identifier>\n";
cerr << " : Add a ResponseMechanism element\n";
+ cerr << " --sign-rsa/-sr <filename> <passphrase>\n";
+ cerr << " : Sign using the RSA key in file protected by passphrase\n";
cerr << " --sign-dsa/-sd <filename> <passphrase>\n";
cerr << " : Sign using the DSA key in file protected by passphrase\n\n";
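Review bot: The new `--sign-rsa/-sr <filename> <passphrase>` help line documents passing the key passphrase as a command-line argument, which leaves it readable in the process list and in shell history. The same applies to the copy of this line in the next usage hunk and to the existing `--sign-dsa` option. As this reads like an interop test tool, a help line saying so is probably enough, e.g. `cerr << " : (passphrase is visible to other local users; use test keys only)\n";`. Both usage functions start outside their hunks.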
@@ -650,8 +656,12 @@
cerr << " : Add a RespondWith element\n";
cerr << " --add-responsemechanism/-m <Identifier>\n";
cerr << " : Add a ResponseMechanism element\n";
+ cerr << " --sign-rsa/-sr <filename> <passphrase>\n";
+ cerr << " : Sign using the RSA key in file protected by passphrase\n";
cerr << " --sign-dsa/-sd <filename> <passphrase>\n";
- cerr << " : Sign using the DSA key in file protected by passphrase\n\n";
+ cerr << " : Sign using the DSA key in file protected by passphrase\n";
+ cerr << " --sign-cert/-sc <filename>\n";
+ cerr << " : Add the indicated certificate to the signature KeyInfo\n\n";
}
@@ -883,6 +893,57 @@
} /* argv[1] = "dsa/rsa" */
+ else if (stricmp(argv[paramCount], "--sign-cert") == 0 || stricmp(argv[paramCount], "-sc") == 0) {
+ if (++paramCount >= argc) {
+ printValidateRequestUsage();
+ delete vr;
+ return NULL;
+ }
+ XSECCryptoX509 * x = loadX509(argv[paramCount]);
+ if (x == NULL) {
+ delete vr;
+ (*doc)->release();
+ cerr << "Error opening Certificate file : " <<
+ argv[paramCount] << endl;
+ return NULL;
+ }
+
+ Janitor<XSECCryptoX509> j_x(x);
+
+ DSIGSignature * sig = vr->getSignature();
+ if (sig == NULL) {
+ cerr << "Can only add Certificates to signature after signing\n";
+ return NULL;
+ }
+
+ // See if there is already an X.509 element
+ DSIGKeyInfoX509 * kix;
+ if ((kix = findX509Data(sig->getKeyInfoList())) == NULL)
+ kix = sig->appendX509Data();
+ safeBuffer sb = x->getDEREncodingSB();
+ kix->appendX509Certificate(sb.sbStrToXMLCh());
+ paramCount++;
+ /***********************************************/
+ cout << "Start doc\n";
+ outputDoc(*doc);
+ cout << "End doc\n";
+ if (sig->verify())
+ cout << "OK";
+ else
+ cout << "BAD";
+ DSIGReference * ref = sig->getReferenceList()->item(0);
+ XSECBinTXFMInputStream *is = ref->makeBinInputStream();
+ cout << "---" << endl;
+ XMLByte buf[1024];
+ int ct = is->readBytes(buf,1023);
+ while (ct != 0) {
+ buf[ct]='\0';
+ cout << buf;
+ ct = is->readBytes(buf,1023);
+ }
+ cout << "---" << endl;
+
+ }
#endif
else {
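Review bot: The block from the `/****...****/` marker to the end of the `--sign-cert` branch looks like leftover debugging and should be removed or put behind a debug switch. It dereferences `sig->getReferenceList()->item(0)` without a null check, never frees the stream returned by `makeBinInputStream()`, and prints the reference bytes with `cout << buf`, which stops at the first NUL byte. Separately, the `sig == NULL` path returns without the `delete vr; (*doc)->release();` cleanup used in the certificate-load failure path just above it, so both objects appear to leak there. The enclosing function starts and ends outside this hunk, so the ownership of `vr` and `*doc` is inferred from the visible branches only.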
@@ -1459,6 +1520,20 @@
}
else
cout << "Nonce = <NONE SET>" << endl;
+
+ /* Check for OpaqueClientData */
+ if (msg->getOpaqueClientDataSize() > 0) {
+ levelSet(level);
+ cout << "Opaque Client Data found : " << endl;
+ for (int i = 0; i < msg->getOpaqueClientDataSize(); ++i) {
+ s = XMLString::transcode(msg->getOpaqueClientDataItemStr(i));
+ if (s != NULL) {
+ levelSet(level + 1);
+ cout << i << " : " << s << endl;
+ XSEC_RELEASE_XMLCH(s);
+ }
+ }
+ }
}
void doRequestAbstractTypeDump(XKMSRequestAbstractType *msg, int level) {
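Review bot: Each opaque data item is written to the terminal exactly as it appears in the message, so any control characters in it reach the terminal unescaped. When the dumped message is a response, that content is presumably supplied by the remote service. A comment above the `cout` such as `// s is message-supplied: non-printable bytes are echoed as-is` would record this, or the string could be filtered to printable characters before output. `getOpaqueClientDataSize()` is also re-evaluated on every iteration and compared with an `int` index; caching it in a local of the accessor's return type would avoid a possible signed/unsigned comparison. The enclosing function starts outside the hunk.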
1.8 +22 -4 xml-security/c/src/xkms/impl/XKMSMessageAbstractTypeImpl.cpp
Index: XKMSMessageAbstractTypeImpl.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/xkms/impl/XKMSMessageAbstractTypeImpl.cpp,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- XKMSMessageAbstractTypeImpl.cpp 10 Oct 2004 07:00:35 -0000 1.7
+++ XKMSMessageAbstractTypeImpl.cpp 9 Jan 2005 09:21:26 -0000 1.8
@@ -365,6 +365,8 @@
else
mp_messageAbstractTypeElement->appendChild(elt);
+ mp_signature = ret;
+
return ret;
}
@@ -416,9 +418,25 @@
str.rawXMLChBuffer());
mp_env->doPrettyPrint(mp_opaqueClientDataElement);
- mp_messageAbstractTypeElement->appendChild(mp_opaqueClientDataElement);
- mp_env->doPrettyPrint(mp_messageAbstractTypeElement);
-
+ /* Have to insert before anything else in the message */
+ DOMElement * te;
+ te = findFirstElementChild(mp_messageAbstractTypeElement);
+ while (te != NULL &&
+ strEquals(getXKMSLocalName(te), XKMSConstants::s_tagSignature))
+ te = findNextElementChild(te);
+
+ if (te == NULL) {
+
+ mp_messageAbstractTypeElement->appendChild(mp_opaqueClientDataElement);
+ mp_env->doPrettyPrint(mp_messageAbstractTypeElement);
+ }
+ else {
+ mp_messageAbstractTypeElement->insertBefore(mp_opaqueClientDataElement, te);
+ if (mp_env->getPrettyPrintFlag()) {
+ mp_messageAbstractTypeElement->insertBefore(
+ mp_env->getParentDocument()->createTextNode(DSIGConstants::s_unicodeStrNL), te);
+ }
+ }
}
makeQName(str, prefix, XKMSConstants::s_tagOpaqueData);
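Review bot: The comment `/* Have to insert before anything else in the message */` does not match the loop under it, which skips leading `Signature` children and inserts before the first element that is not a Signature. `/* Insert after any leading Signature element, before all other children */` would describe what the code does. If the message element is covered by that signature (likely for an enveloped signature, but not visible here), inserting the element and the newline text node after signing changes the signed content and verification would fail. The method's documentation should therefore say that opaque client data has to be added before the message is signed. The enclosing function starts outside the hunk.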