You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by sc...@apache.org on 2010/07/20 04:45:27 UTC
svn commit: r965717 - in /xml/security/trunk/c: CHANGELOG.txt
src/dsig/DSIGReference.cpp src/dsig/DSIGSignature.cpp
src/transformers/TXFMOutputFile.cpp src/utils/XSECPlatformUtils.cpp
src/utils/XSECPlatformUtils.hpp
Author: scantor
Date: Tue Jul 20 02:45:27 2010
New Revision: 965717
URL: http://svn.apache.org/viewvc?rev=965717&view=rev
Log:
Support for pluggable debugging of Reference/SignedInfo data via TXFMBase interface.
Modified:
xml/security/trunk/c/CHANGELOG.txt
xml/security/trunk/c/src/dsig/DSIGReference.cpp
xml/security/trunk/c/src/dsig/DSIGSignature.cpp
xml/security/trunk/c/src/transformers/TXFMOutputFile.cpp
xml/security/trunk/c/src/utils/XSECPlatformUtils.cpp
xml/security/trunk/c/src/utils/XSECPlatformUtils.hpp
Modified: xml/security/trunk/c/CHANGELOG.txt
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/CHANGELOG.txt?rev=965717&r1=965716&r2=965717&view=diff
==============================================================================
--- xml/security/trunk/c/CHANGELOG.txt (original)
+++ xml/security/trunk/c/CHANGELOG.txt Tue Jul 20 02:45:27 2010
@@ -15,6 +15,7 @@ Changes since 1.5.1
* White/blacklisting of otherwise registered algorithms (SC)
* Add selected XML Signature 1.1 KeyInfo extensions (SC)
* Add elliptic curve signatures via ECDSA (SC)
+* Support debugging of Reference/SignedInfo data (SC)
Changes between 1.5 and 1.5.1
=====================================
Modified: xml/security/trunk/c/src/dsig/DSIGReference.cpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/dsig/DSIGReference.cpp?rev=965717&r1=965716&r2=965717&view=diff
==============================================================================
--- xml/security/trunk/c/src/dsig/DSIGReference.cpp (original)
+++ xml/security/trunk/c/src/dsig/DSIGReference.cpp Tue Jul 20 02:45:27 2010
@@ -1267,12 +1267,10 @@ unsigned int DSIGReference::calculateHas
}
-#if 0
- TXFMOutputFile * of = new TXFMOutputFile(d);
-
- of->setFile("Output");
- chain->(of);
-#endif
+ // Check for debugging sink for the data
+ TXFMBase* sink = XSECPlatformUtils::GetReferenceLoggingSink(d);
+ if (sink)
+ chain->appendTxfm(sink);
// Get the mapping for the hash transform
Modified: xml/security/trunk/c/src/dsig/DSIGSignature.cpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/dsig/DSIGSignature.cpp?rev=965717&r1=965716&r2=965717&view=diff
==============================================================================
--- xml/security/trunk/c/src/dsig/DSIGSignature.cpp (original)
+++ xml/security/trunk/c/src/dsig/DSIGSignature.cpp Tue Jul 20 02:45:27 2010
@@ -32,21 +32,6 @@
#include <xsec/dsig/DSIGObject.hpp>
#include <xsec/dsig/DSIGReference.hpp>
#include <xsec/dsig/DSIGTransformList.hpp>
-#include <xsec/transformers/TXFMDocObject.hpp>
-#include <xsec/transformers/TXFMOutputFile.hpp>
-#include <xsec/transformers/TXFMSHA1.hpp>
-#include <xsec/transformers/TXFMBase64.hpp>
-#include <xsec/transformers/TXFMC14n.hpp>
-#include <xsec/transformers/TXFMChain.hpp>
-#include <xsec/framework/XSECError.hpp>
-#include <xsec/framework/XSECAlgorithmHandler.hpp>
-#include <xsec/framework/XSECAlgorithmMapper.hpp>
-#include <xsec/enc/XSECCryptoKeyDSA.hpp>
-#include <xsec/enc/XSECCryptoKeyRSA.hpp>
-#include <xsec/utils/XSECDOMUtils.hpp>
-#include <xsec/utils/XSECBinTXFMInputStream.hpp>
-#include <xsec/framework/XSECURIResolver.hpp>
-#include <xsec/enc/XSECKeyInfoResolver.hpp>
#include <xsec/dsig/DSIGKeyInfoValue.hpp>
#include <xsec/dsig/DSIGKeyInfoX509.hpp>
#include <xsec/dsig/DSIGKeyInfoName.hpp>
@@ -54,7 +39,23 @@
#include <xsec/dsig/DSIGKeyInfoSPKIData.hpp>
#include <xsec/dsig/DSIGKeyInfoMgmtData.hpp>
#include <xsec/dsig/DSIGAlgorithmHandlerDefault.hpp>
+#include <xsec/enc/XSECCryptoKeyDSA.hpp>
+#include <xsec/enc/XSECCryptoKeyRSA.hpp>
+#include <xsec/enc/XSECKeyInfoResolver.hpp>
+#include <xsec/framework/XSECError.hpp>
+#include <xsec/framework/XSECAlgorithmHandler.hpp>
+#include <xsec/framework/XSECAlgorithmMapper.hpp>
#include <xsec/framework/XSECEnv.hpp>
+#include <xsec/framework/XSECURIResolver.hpp>
+#include <xsec/transformers/TXFMDocObject.hpp>
+#include <xsec/transformers/TXFMOutputFile.hpp>
+#include <xsec/transformers/TXFMSHA1.hpp>
+#include <xsec/transformers/TXFMBase64.hpp>
+#include <xsec/transformers/TXFMC14n.hpp>
+#include <xsec/transformers/TXFMChain.hpp>
+#include <xsec/utils/XSECBinTXFMInputStream.hpp>
+#include <xsec/utils/XSECDOMUtils.hpp>
+#include <xsec/utils/XSECPlatformUtils.hpp>
// Xerces includes
@@ -992,6 +993,11 @@ unsigned int DSIGSignature::calculateSig
TXFMChain * chain = getSignedInfoInput();
Janitor<TXFMChain> j_chain(chain);
+ // Check for debugging sink for the data
+ TXFMBase* sink = XSECPlatformUtils::GetReferenceLoggingSink(mp_doc);
+ if (sink)
+ chain->appendTxfm(sink);
+
// Setup Hash
// First find the appropriate handler for the URI
XSECAlgorithmHandler * handler =
@@ -1014,20 +1020,8 @@ unsigned int DSIGSignature::calculateSig
}
-#if 0
- TXFMOutputFile * of = new TXFMOutputFile(mp_doc);
-
- of->setFile("Output");
- of->setInput(hashVal);
- hashVal=of;
-#endif
-
// Write hash to the buffer
- int hashLen;
-
- hashLen = chain->getLastTxfm()->readBytes((XMLByte *) hashBuf, hashBufLen);
-
- return hashLen;
+ return chain->getLastTxfm()->readBytes((XMLByte *) hashBuf, hashBufLen);
}
Modified: xml/security/trunk/c/src/transformers/TXFMOutputFile.cpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/transformers/TXFMOutputFile.cpp?rev=965717&r1=965716&r2=965717&view=diff
==============================================================================
--- xml/security/trunk/c/src/transformers/TXFMOutputFile.cpp (original)
+++ xml/security/trunk/c/src/transformers/TXFMOutputFile.cpp Tue Jul 20 02:45:27 2010
@@ -59,10 +59,12 @@ bool TXFMOutputFile::setFile(char * cons
using std::ios;
- f.open(fileName, ios::binary);
+ f.open(fileName, ios::binary|ios::out|ios::app);
- if (f.is_open())
+ if (f.is_open()) {
+ f.write("\n----- BEGIN -----\n", 19);
return true;
+ }
return false;
Modified: xml/security/trunk/c/src/utils/XSECPlatformUtils.cpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/utils/XSECPlatformUtils.cpp?rev=965717&r1=965716&r2=965717&view=diff
==============================================================================
--- xml/security/trunk/c/src/utils/XSECPlatformUtils.cpp (original)
+++ xml/security/trunk/c/src/utils/XSECPlatformUtils.cpp Tue Jul 20 02:45:27 2010
@@ -33,9 +33,12 @@
#include <xsec/dsig/DSIGSignature.hpp>
#include <xsec/xkms/XKMSConstants.hpp>
#include <xsec/framework/XSECAlgorithmMapper.hpp>
+#include <xsec/transformers/TXFMOutputFile.hpp>
#include "../xenc/impl/XENCCipherImpl.hpp"
+XERCES_CPP_NAMESPACE_USE
+
#if defined(_WIN32)
#include <xsec/utils/winutils/XSECBinHTTPURIInputStream.hpp>
#endif
@@ -61,6 +64,8 @@ const XSECAlgorithmMapper * XSECPlatform
XSECAlgorithmMapper * internalMapper = NULL;
+XSECPlatformUtils::TransformFactory* XSECPlatformUtils::g_loggingSink = NULL;
+
// Determine default crypto provider
#if defined (HAVE_OPENSSL)
@@ -75,6 +80,15 @@ XSECAlgorithmMapper * internalMapper = N
# endif
#endif
+TXFMBase* TXFMOutputFileFactory(DOMDocument* doc) {
+
+ TXFMOutputFile* sink = new TXFMOutputFile(doc);
+ if (sink)
+ sink->setFile(getenv("XSEC_DEBUG_FILE"));
+ return sink;
+
+}
+
void XSECPlatformUtils::Initialise(XSECCryptoProvider * p) {
if (++initCount > 1)
@@ -107,6 +121,9 @@ void XSECPlatformUtils::Initialise(XSECC
// Initialise the DSIGSignature class
DSIGSignature::Initialise();
+ const char* sink = getenv("XSEC_DEBUG_FILE");
+ if (sink && *sink)
+ g_loggingSink = TXFMOutputFileFactory;
};
void XSECPlatformUtils::SetCryptoProvider(XSECCryptoProvider * p) {
@@ -118,6 +135,16 @@ void XSECPlatformUtils::SetCryptoProvide
}
+void XSECPlatformUtils::SetReferenceLoggingSink(TransformFactory* factory) {
+
+ g_loggingSink = factory;
+
+}
+
+TXFMBase* XSECPlatformUtils::GetReferenceLoggingSink(DOMDocument* doc) {
+
+ return (g_loggingSink ? g_loggingSink(doc) : NULL);
+}
void XSECPlatformUtils::Terminate(void) {
Modified: xml/security/trunk/c/src/utils/XSECPlatformUtils.hpp
URL: http://svn.apache.org/viewvc/xml/security/trunk/c/src/utils/XSECPlatformUtils.hpp?rev=965717&r1=965716&r2=965717&view=diff
==============================================================================
--- xml/security/trunk/c/src/utils/XSECPlatformUtils.hpp (original)
+++ xml/security/trunk/c/src/utils/XSECPlatformUtils.hpp Tue Jul 20 02:45:27 2010
@@ -28,11 +28,14 @@
#ifndef XSECPLATFORMUTILS_INCLUDE
#define XSECPLATFORMUTILS_INCLUDE
+#include <xercesc/dom/DOM.hpp>
+
// XSEC
#include <xsec/framework/XSECDefs.hpp>
#include <xsec/enc/XSECCryptoProvider.hpp>
+class TXFMBase;
class XSECAlgorithmMapper;
class XSECAlgorithmHandler;
@@ -176,6 +179,27 @@ public :
static void blacklistAlgorithm(const XMLCh* URI);
+ typedef TXFMBase* TransformFactory(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument*);
+
+ /**
+ * \brief Installs logging support during Reference processing
+ *
+ * The function provided will be called during Reference computation
+ * to obtain a transform interface to place at the end of the
+ * transform chain. It will be given the chance to log or preserve
+ * the result of applying transforms to References during signing
+ * and verification operations.
+ */
+ static void SetReferenceLoggingSink(TransformFactory* factory);
+
+ /**
+ * \brief Returns a transform for logging of Reference processing
+ *
+ * @param doc the DOM document containing the data being processed
+ * @return a transform to install for logging of Reference data, or NULL
+ */
+ static TXFMBase* GetReferenceLoggingSink(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument* doc);
+
/**
* \brief Terminate
*
@@ -189,6 +213,8 @@ public :
static void Terminate(void);
+private:
+ static TransformFactory* g_loggingSink;
};