Posted to commits@santuario.apache.org by sc...@apache.org on 2017/12/11 22:47:45 UTC
svn commit: r1817863 [4/7] - in /santuario/xml-security-cpp/trunk:
Projects/VC15.0/xsec/xsec_lib/ xsec/ xsec/dsig/ xsec/enc/ xsec/enc/NSS/
xsec/enc/OpenSSL/ xsec/enc/WinCAPI/ xsec/transformers/ xsec/xenc/impl/
xsec/xkms/
Modified: santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp
URL: http://svn.apache.org/viewvc/santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp?rev=1817863&r1=1817862&r2=1817863&view=diff
==============================================================================
--- santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp (original)
+++ santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.cpp Mon Dec 11 22:47:43 2017
@@ -260,17 +260,15 @@ namespace {
};
OpenSSLCryptoKeyRSA::OpenSSLCryptoKeyRSA() :
-mp_rsaKey(NULL),
-mp_oaepParams(NULL),
-m_oaepParamsLen(0),
-mp_accumE(NULL),
-mp_accumN(NULL),
-m_mgf(MGF1_SHA1) {
+ mp_rsaKey(NULL),
+ mp_oaepParams(NULL),
+ m_oaepParamsLen(0),
+ mp_accumE(NULL),
+ mp_accumN(NULL),
+ m_mgf(MGF1_SHA1) {
};
OpenSSLCryptoKeyRSA::~OpenSSLCryptoKeyRSA() {
-
-
// If we have a RSA, delete it (OpenSSL will clear the memory)
if (mp_rsaKey)
@@ -286,7 +284,11 @@ OpenSSLCryptoKeyRSA::~OpenSSLCryptoKeyRS
BN_free(mp_accumN);
};
-void OpenSSLCryptoKeyRSA::setOAEPparams(unsigned char * params, unsigned int paramsLen) {
+const XMLCh* OpenSSLCryptoKeyRSA::getProviderName() const {
+ return DSIGConstants::s_unicodeStrPROVOpenSSL;
+}
+
+void OpenSSLCryptoKeyRSA::setOAEPparams(unsigned char* params, unsigned int paramsLen) {
if (mp_oaepParams != NULL) {
delete[] mp_oaepParams;
@@ -299,31 +301,22 @@ void OpenSSLCryptoKeyRSA::setOAEPparams(
}
else
mp_oaepParams = NULL;
-
}
void OpenSSLCryptoKeyRSA::setMGF(maskGenerationFunc mgf) {
-
m_mgf = mgf;
-
}
-unsigned int OpenSSLCryptoKeyRSA::getOAEPparamsLen(void) const {
-
+unsigned int OpenSSLCryptoKeyRSA::getOAEPparamsLen() const {
return m_oaepParamsLen;
-
}
-const unsigned char * OpenSSLCryptoKeyRSA::getOAEPparams(void) const {
-
+const unsigned char * OpenSSLCryptoKeyRSA::getOAEPparams() const {
return mp_oaepParams;
-
}
maskGenerationFunc OpenSSLCryptoKeyRSA::getMGF() const {
-
return m_mgf;
-
}
// Generic key functions
@@ -347,13 +340,10 @@ XSECCryptoKey::KeyType OpenSSLCryptoKeyR
return KEY_RSA_PUBLIC;
return KEY_NONE;
-
}
-void OpenSSLCryptoKeyRSA::loadPublicModulusBase64BigNums(const char * b64, unsigned int len) {
-
+void OpenSSLCryptoKeyRSA::loadPublicModulusBase64BigNums(const char* b64, unsigned int len) {
setNBase(OpenSSLCryptoBase64::b642BN((char *) b64, len));
-
}
void OpenSSLCryptoKeyRSA::setNBase(BIGNUM *nBase) {
@@ -376,10 +366,8 @@ void OpenSSLCryptoKeyRSA::setNBase(BIGNU
}
-void OpenSSLCryptoKeyRSA::loadPublicExponentBase64BigNums(const char * b64, unsigned int len) {
-
+void OpenSSLCryptoKeyRSA::loadPublicExponentBase64BigNums(const char* b64, unsigned int len) {
setEBase(OpenSSLCryptoBase64::b642BN((char *) b64, len));
-
}
@@ -417,12 +405,12 @@ void OpenSSLCryptoKeyRSA::commitEN() {
// "Hidden" OpenSSL functions
OpenSSLCryptoKeyRSA::OpenSSLCryptoKeyRSA(EVP_PKEY *k) :
-mp_rsaKey(NULL),
-mp_oaepParams(NULL),
-m_oaepParamsLen(0),
-mp_accumE(NULL),
-mp_accumN(NULL),
-m_mgf(MGF1_SHA1)
+ mp_rsaKey(NULL),
+ mp_oaepParams(NULL),
+ m_oaepParamsLen(0),
+ mp_accumE(NULL),
+ mp_accumN(NULL),
+ m_mgf(MGF1_SHA1)
{
// Create a new key to be loaded as we go
@@ -454,16 +442,16 @@ m_mgf(MGF1_SHA1)
// Verify a signature encoded as a Base64 string
// --------------------------------------------------------------------------------
-bool OpenSSLCryptoKeyRSA::verifySHA1PKCS1Base64Signature(const unsigned char * hashBuf,
- unsigned int hashLen,
- const char * base64Signature,
- unsigned int sigLen,
- hashMethod hm = HASH_SHA1) const {
+bool OpenSSLCryptoKeyRSA::verifySHA1PKCS1Base64Signature(
+ const unsigned char* hashBuf,
+ unsigned int hashLen,
+ const char * base64Signature,
+ unsigned int sigLen,
+ XSECCryptoHash::HashType type) const {
// Use the currently loaded key to validate the Base64 encoded signature
if (mp_rsaKey == NULL) {
-
throw XSECCryptoException(XSECCryptoException::RSAError,
"OpenSSL:RSA - Attempt to validate signature with empty key");
}
@@ -494,7 +482,6 @@ bool OpenSSLCryptoKeyRSA::verifySHA1PKCS
cleanedBase64SignatureLen);
if (rc < 0) {
-
throw XSECCryptoException(XSECCryptoException::RSAError,
"OpenSSL:RSA - Error during Base64 Decode");
}
@@ -510,16 +497,16 @@ bool OpenSSLCryptoKeyRSA::verifySHA1PKCS
int keySize = RSA_size(mp_rsaKey);
if (keySize != sigValLen) {
- throw XSECCryptoException(XSECCryptoException::RSAError,
- "OpenSSL:RSA - Signature size does not match key size");
+ throw XSECCryptoException(XSECCryptoException::RSAError,
+ "OpenSSL:RSA - Signature size does not match key size");
}
// Now decrypt
- unsigned char * decryptBuf;
+ unsigned char* decryptBuf;
// Decrypt will always be longer than (RSA_len(key) - 11)
- decryptBuf = new unsigned char [RSA_size(mp_rsaKey)];
+ decryptBuf = new unsigned char[RSA_size(mp_rsaKey)];
ArrayJanitor<unsigned char> j_decryptBuf(decryptBuf);
// Note at this time only supports PKCS1 padding
@@ -536,16 +523,13 @@ bool OpenSSLCryptoKeyRSA::verifySHA1PKCS
RSA_PKCS1_PADDING);
if (decryptSize < 0) {
-
-/* throw XSECCryptoException(XSECCryptoException::RSAError,
- "OpenSSL:RSA::verify() - Error decrypting signature"); */
// Really - this is a failed signature check, not an exception!
return false;
}
/* Check the OID */
int oidLen = 0;
- unsigned char * oid = getRSASigOID(hm, oidLen);
+ unsigned char * oid = getRSASigOID(type, oidLen);
if (oid == NULL) {
throw XSECCryptoException(XSECCryptoException::RSAError,
@@ -553,34 +537,23 @@ bool OpenSSLCryptoKeyRSA::verifySHA1PKCS
}
if (decryptSize != (int) (oidLen + hashLen) || hashLen != oid[oidLen-1]) {
-
return false;
-
}
for (t = 0; t < oidLen; ++t) {
-
if (oid[t] != decryptBuf[t]) {
-
return false;
-
}
-
}
for (;t < decryptSize; ++t) {
-
if (hashBuf[t-oidLen] != decryptBuf[t]) {
-
return false;
-
}
-
}
// All OK
return true;
-
}
// --------------------------------------------------------------------------------
@@ -588,30 +561,30 @@ bool OpenSSLCryptoKeyRSA::verifySHA1PKCS
// --------------------------------------------------------------------------------
-unsigned int OpenSSLCryptoKeyRSA::signSHA1PKCS1Base64Signature(unsigned char * hashBuf,
+unsigned int OpenSSLCryptoKeyRSA::signSHA1PKCS1Base64Signature(
+ unsigned char* hashBuf,
unsigned int hashLen,
char * base64SignatureBuf,
unsigned int base64SignatureBufLen,
- hashMethod hm) const {
+ XSECCryptoHash::HashType type) const {
// Sign a pre-calculated hash using this key
if (mp_rsaKey == NULL) {
-
throw XSECCryptoException(XSECCryptoException::RSAError,
"OpenSSL:RSA - Attempt to sign data with empty key");
}
// Build the buffer to be encrypted by prepending the SHA1 OID to the hash
- unsigned char * encryptBuf;
- unsigned char * preEncryptBuf;
- unsigned char * oid;
+ unsigned char* encryptBuf;
+ unsigned char* preEncryptBuf;
+ unsigned char* oid;
int oidLen;
int encryptLen;
int preEncryptLen;
- oid = getRSASigOID(hm, oidLen);
+ oid = getRSASigOID(type, oidLen);
if (oid == NULL) {
throw XSECCryptoException(XSECCryptoException::RSAError,
@@ -641,7 +614,6 @@ unsigned int OpenSSLCryptoKeyRSA::signSH
delete[] preEncryptBuf;
if (encryptLen < 0) {
-
delete[] encryptBuf;
throw XSECCryptoException(XSECCryptoException::RSAError,
"OpenSSL:RSA::sign() - Error encrypting hash");
@@ -667,7 +639,6 @@ unsigned int OpenSSLCryptoKeyRSA::signSH
delete[] encryptBuf;
if (sigValLen <= 0) {
-
throw XSECCryptoException(XSECCryptoException::DSAError,
"OpenSSL:RSA - Error base64 encoding signature");
}
@@ -679,22 +650,21 @@ unsigned int OpenSSLCryptoKeyRSA::signSH
// decrypt a buffer
// --------------------------------------------------------------------------------
-unsigned int OpenSSLCryptoKeyRSA::privateDecrypt(const unsigned char * inBuf,
- unsigned char * plainBuf,
- unsigned int inLength,
- unsigned int maxOutLength,
- PaddingType padding,
- hashMethod hm) const {
+unsigned int OpenSSLCryptoKeyRSA::privateDecrypt(
+ const unsigned char* inBuf,
+ unsigned char* plainBuf,
+ unsigned int inLength,
+ unsigned int maxOutLength,
+ PaddingType padding,
+ XSECCryptoHash::HashType type) const {
// Perform a decrypt
if (mp_rsaKey == NULL) {
-
throw XSECCryptoException(XSECCryptoException::RSAError,
"OpenSSL:RSA - Attempt to decrypt data with empty key");
}
#if 0
-
/* normally commented out code to determine endian problems */
unsigned int i;
unsigned char e[2048];
@@ -705,7 +675,6 @@ unsigned int OpenSSLCryptoKeyRSA::privat
inBuf1[i] = e[inLength - 1 - i];
}
}
-
#endif
int decryptSize;
@@ -725,17 +694,14 @@ unsigned int OpenSSLCryptoKeyRSA::privat
RSA_PKCS1_PADDING);
if (decryptSize < 0) {
-
throw XSECCryptoException(XSECCryptoException::RSAError,
"OpenSSL:RSA privateKeyDecrypt - Error Decrypting PKCS1_5 padded RSA encrypt");
-
}
break;
case XSECCryptoKeyRSA::PAD_OAEP_MGFP1 :
{
-
unsigned char * tBuf;
int num = RSA_size(mp_rsaKey);
XSECnew(tBuf, unsigned char[num]);
@@ -743,20 +709,20 @@ unsigned int OpenSSLCryptoKeyRSA::privat
const EVP_MD* evp_md = NULL;
const EVP_MD* mgf_md = NULL;
- switch (hm) {
- case HASH_SHA1:
+ switch (type) {
+ case XSECCryptoHash::HASH_SHA1:
evp_md = EVP_get_digestbyname("SHA1");
break;
- case HASH_SHA224:
+ case XSECCryptoHash::HASH_SHA224:
evp_md = EVP_get_digestbyname("SHA224");
break;
- case HASH_SHA256:
+ case XSECCryptoHash::HASH_SHA256:
evp_md = EVP_get_digestbyname("SHA256");
break;
- case HASH_SHA384:
+ case XSECCryptoHash::HASH_SHA384:
evp_md = EVP_get_digestbyname("SHA384");
break;
- case HASH_SHA512:
+ case XSECCryptoHash::HASH_SHA512:
evp_md = EVP_get_digestbyname("SHA512");
break;
}
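Review bot: The `switch (type)` that selects `evp_md` has no `default`, so any `HashType` outside the five SHA cases leaves `evp_md` NULL; the enum has more members than these, since the provider code in this same commit uses `XSECCryptoHash::HASH_MD5`. Whether a NULL check follows before the OAEP padding call cannot be seen from this hunk, so I would make the rejection explicit at the switch: `default: throw XSECCryptoException(XSECCryptoException::RSAError, "OpenSSL:RSA - OAEP digest algorithm not supported");`. The same switch appears in `publicEncrypt` (hunk `-911,20 +865,20`) and needs the same change. The body of `privateDecrypt` starts and ends outside this hunk.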
@@ -799,10 +765,8 @@ unsigned int OpenSSLCryptoKeyRSA::privat
mp_rsaKey,
RSA_NO_PADDING);
if (decryptSize < 0) {
-
throw XSECCryptoException(XSECCryptoException::RSAError,
"OpenSSL:RSA privateKeyDecrypt - Error doing raw decrypt of RSA encrypted data");
-
}
// Clear out the "0"s at the front
@@ -821,24 +785,19 @@ unsigned int OpenSSLCryptoKeyRSA::privat
mgf_md);
if (decryptSize < 0) {
-
throw XSECCryptoException(XSECCryptoException::RSAError,
"OpenSSL:RSA privateKeyDecrypt - Error removing OAEPadding");
-
}
}
break;
default :
-
throw XSECCryptoException(XSECCryptoException::RSAError,
"OpenSSL:RSA - Unknown padding method");
-
}
#if 0
-
/* normally commented out code to determine endian problems */
int i;
unsigned char t[512];
@@ -848,27 +807,25 @@ unsigned int OpenSSLCryptoKeyRSA::privat
plainBuf[i] = t[decryptSize - 1 - i];
}
}
-
#endif
return decryptSize;
-
}
// --------------------------------------------------------------------------------
// encrypt a buffer
// --------------------------------------------------------------------------------
-unsigned int OpenSSLCryptoKeyRSA::publicEncrypt(const unsigned char * inBuf,
- unsigned char * cipherBuf,
- unsigned int inLength,
- unsigned int maxOutLength,
- PaddingType padding,
- hashMethod hm) const {
+unsigned int OpenSSLCryptoKeyRSA::publicEncrypt(
+ const unsigned char* inBuf,
+ unsigned char* cipherBuf,
+ unsigned int inLength,
+ unsigned int maxOutLength,
+ PaddingType padding,
+ XSECCryptoHash::HashType type) const {
// Perform an encrypt
if (mp_rsaKey == NULL) {
-
throw XSECCryptoException(XSECCryptoException::RSAError,
"OpenSSL:RSA - Attempt to encrypt data with empty key");
}
@@ -890,17 +847,14 @@ unsigned int OpenSSLCryptoKeyRSA::public
RSA_PKCS1_PADDING);
if (encryptSize < 0) {
-
throw XSECCryptoException(XSECCryptoException::RSAError,
"OpenSSL:RSA publicKeyEncrypt - Error performing PKCS1_5 padded RSA encrypt");
-
}
break;
case XSECCryptoKeyRSA::PAD_OAEP_MGFP1 :
{
-
unsigned char * tBuf;
unsigned int num = RSA_size(mp_rsaKey);
if (maxOutLength < num) {
@@ -911,20 +865,20 @@ unsigned int OpenSSLCryptoKeyRSA::public
const EVP_MD* evp_md = NULL;
const EVP_MD* mgf_md = NULL;
- switch (hm) {
- case HASH_SHA1:
+ switch (type) {
+ case XSECCryptoHash::HASH_SHA1:
evp_md = EVP_get_digestbyname("SHA1");
break;
- case HASH_SHA224:
+ case XSECCryptoHash::HASH_SHA224:
evp_md = EVP_get_digestbyname("SHA224");
break;
- case HASH_SHA256:
+ case XSECCryptoHash::HASH_SHA256:
evp_md = EVP_get_digestbyname("SHA256");
break;
- case HASH_SHA384:
+ case XSECCryptoHash::HASH_SHA384:
evp_md = EVP_get_digestbyname("SHA384");
break;
- case HASH_SHA512:
+ case XSECCryptoHash::HASH_SHA512:
evp_md = EVP_get_digestbyname("SHA512");
break;
}
@@ -976,10 +930,8 @@ unsigned int OpenSSLCryptoKeyRSA::public
mgf_md);
if (encryptSize <= 0) {
-
throw XSECCryptoException(XSECCryptoException::RSAError,
"OpenSSL:RSA publicKeyEncrypt - Error adding OAEPadding");
-
}
encryptSize = RSA_public_encrypt(num,
@@ -987,27 +939,19 @@ unsigned int OpenSSLCryptoKeyRSA::public
cipherBuf,
mp_rsaKey,
RSA_NO_PADDING);
-
-
if (encryptSize < 0) {
-
throw XSECCryptoException(XSECCryptoException::RSAError,
"OpenSSL:RSA publicKeyEncrypt - Error encrypting padded data");
-
}
}
break;
default :
-
throw XSECCryptoException(XSECCryptoException::RSAError,
"OpenSSL:RSA - Unknown padding method");
-
}
-
return encryptSize;
-
}
// --------------------------------------------------------------------------------
@@ -1020,7 +964,6 @@ unsigned int OpenSSLCryptoKeyRSA::getLen
return RSA_size(mp_rsaKey);
return 0;
-
}
// --------------------------------------------------------------------------------
@@ -1062,7 +1005,6 @@ XSECCryptoKey * OpenSSLCryptoKeyRSA::clo
RSA_set0_crt_params(ret->mp_rsaKey, DUP_NON_NULL(dmp1), DUP_NON_NULL(dmq1), DUP_NON_NULL(iqmp));
return ret;
-
}
#endif /* XSEC_HAVE_OPENSSL */
Modified: santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.hpp
URL: http://svn.apache.org/viewvc/santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.hpp?rev=1817863&r1=1817862&r2=1817863&view=diff
==============================================================================
--- santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.hpp (original)
+++ santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.hpp Mon Dec 11 22:47:43 2017
@@ -50,264 +50,264 @@ class XSEC_EXPORT OpenSSLCryptoKeyRSA :
public :
- /** @name Constructors and Destructors */
- //@{
-
- OpenSSLCryptoKeyRSA();
- virtual ~OpenSSLCryptoKeyRSA();
-
- //@}
-
- /** @name Key Interface methods */
- //@{
-
- /**
- * \brief Return the type of this key.
- *
- * For RSA keys, this allows people to determine whether this is a
- * public key, private key or a key pair
- */
-
- virtual XSECCryptoKey::KeyType getKeyType() const;
-
- /**
- * \brief Return the OpenSSL identifier string
- */
-
- virtual const XMLCh * getProviderName() const {return DSIGConstants::s_unicodeStrPROVOpenSSL;}
-
- /**
- * \brief Replicate key
- */
-
- virtual XSECCryptoKey * clone() const;
-
- //@}
-
- /** @name Mandatory RSA interface methods
- *
- * These methods are required by the library.
- */
- //@{
-
- /**
- * \brief Set the OAEPparams string
- *
- * By default, the library expects crypto implementations to perform
- * OAEP padding with no params. This call allows the library (or user)
- * to set a params value prior to an encrypt/decrypt operation.
- *
- * @param params buffer containing the params data. Pass in NULL to clear any
- * old paramters.
- * @param paramsLen number of bytes in buffer to use. Pass in 0 to clear any
- * old parameters.
- */
-
- virtual void setOAEPparams(unsigned char * params, unsigned int paramsLen);
-
- /**
- * \brief Get OAEPparams Length
- *
- * @returns the number of bytes of the OAEPparams buffer (assuming it has been set)
- */
-
- virtual unsigned int getOAEPparamsLen(void) const;
-
- /**
- * \brief Get the OAEPparams
- *
- * @returns a pointer to the (crypto object owned) buffer holding the OAEPparams
- * or NULL if no params are held
- */
-
- virtual const unsigned char * getOAEPparams(void) const;
-
- /**
- * \brief Set the MGF
- *
- * By default, the library expects crypto implementations to perform
- * OAEP padding with MGF_SHA1. This call allows the library (or user)
- * to set a different choice.
- *
- * @param mgf the MGF constant identifying the function to use
- */
-
- virtual void setMGF(maskGenerationFunc mgf);
-
- /**
- * \brief Get the MGF
- *
- * @returns the MGF constant in use
- */
-
- virtual enum maskGenerationFunc getMGF(void) const;
-
- /**
- * \brief Verify a SHA1 PKCS1 encoded signature
- *
- * The library will call this function to validate an RSA signature
- * The standard by default uses SHA1 in a PKCS1 encoding.
- *
- * @param hashBuf Buffer containing the pre-calculated (binary) digest
- * @param hashLen Length of the data in the digest buffer
- * @param base64Signature Buffer containing the Base64 encoded signature
- * @param sigLen Length of the data in the signature buffer
- * @param hm The hash method that was used to create the hash that is being
- * passed in
- * @returns true if the signature was valid, false otherwise
- */
-
- virtual bool verifySHA1PKCS1Base64Signature(const unsigned char * hashBuf,
- unsigned int hashLen,
- const char * base64Signature,
- unsigned int sigLen,
- hashMethod hm) const;
-
- /**
- * \brief Create a signature
- *
- * The library will call this function to create a signature from
- * a pre-calculated digest. The output signature will
- * be Base64 encoded such that it can be placed directly into the
- * XML document
- *
- * @param hashBuf Buffer containing the pre-calculated (binary) digest
- * @param hashLen Number of bytes of hash in the hashBuf
- * @param base64SignatureBuf Buffer to place the base64 encoded result
- * in.
- * @param base64SignatureBufLen Implementations need to ensure they do
- * not write more bytes than this into the buffer
- * @param hm Hash Method used in order to embed correct OID for sig
- */
-
- virtual unsigned int signSHA1PKCS1Base64Signature(unsigned char * hashBuf,
- unsigned int hashLen,
- char * base64SignatureBuf,
- unsigned int base64SignatureBufLen,
- hashMethod hm) const;
-
- /**
- * \brief Decrypt using private key
- *
- * The library will call this function to decrypt a piece of cipher
- * text using the private component of this key.
- *
- * @param inBuf cipher text to decrypt
- * @param plainBuf output buffer for decrypted bytes
- * @param inLength bytes of cipher text to decrypt
- * @param maxOutLength size of outputBuffer
- * @param padding Type of padding (PKCS 1.5 or OAEP)
- * @param hm Hash Method for OAEP encryption (OAEPParams should be
- * set using setOAEPparams()
- */
-
- virtual unsigned int privateDecrypt(const unsigned char * inBuf,
- unsigned char * plainBuf,
- unsigned int inLength,
- unsigned int maxOutLength,
- PaddingType padding,
- hashMethod hm) const;
-
-
- /**
- * \brief Encrypt using a public key
- *
- * The library will call this function to encrypt a plain text buffer
- * using the public component of this key.
- *
- * @param inBuf plain text to decrypt
- * @param cipherBuf output buffer for decrypted bytes
- * @param inLength bytes of plain text to encrypt
- * @param maxOutLength size of outputBuffer
- * @param padding Type of padding (PKCS 1.5 or OAEP)
- * @param hm Hash Method for OAEP encryption (OAEPParams should be
- * set using setOAEPparams()
- */
-
- virtual unsigned int publicEncrypt(const unsigned char * inBuf,
- unsigned char * cipherBuf,
- unsigned int inLength,
- unsigned int maxOutLength,
- PaddingType padding,
- hashMethod hm) const;
-
- /**
- * \brief Obtain the length of an RSA key
- *
- * @returns The length of the rsa key (in bytes)
- */
-
- virtual unsigned int getLength(void) const;
-
- //@}
-
- /** @name Optional Interface methods
- *
- * Have been implemented to allow interoperability testing
- */
-
- //@{
-
- /**
- * \brief Load the modulus
- *
- * Load the modulus from a Base64 encoded string
- *
- * param b64 A buffer containing the encoded string
- * param len The length of the data in the buffer
- */
-
- virtual void loadPublicModulusBase64BigNums(const char * b64, unsigned int len);
-
- /**
- * \brief Load the exponent
- *
- * Load the exponent from a Base64 encoded string
- *
- * param b64 A buffer containing the encoded string
- * param len The length of the data in the buffer
- */
-
- virtual void loadPublicExponentBase64BigNums(const char * b64, unsigned int len);
-
- //@}
-
- /** @name OpenSSL specific methods */
- //@{
-
- /**
- * \brief Constructor to create the object around an existing OpenSSL RSA
- * key
- *
- * @param k The key to copy
- * @note The object takes a copy of the original key, and will not delete k on
- * completion. This must be done by the caller.
- */
-
- OpenSSLCryptoKeyRSA(EVP_PKEY *k);
-
- /**
- * \brief Get OpenSSL RSA Object
- */
-
- RSA * getOpenSSLRSA(void) {return mp_rsaKey;}
+ /** @name Constructors and Destructors */
+ //@{
+
+ OpenSSLCryptoKeyRSA();
+ virtual ~OpenSSLCryptoKeyRSA();
+
+ //@}
+
+ /** @name Key Interface methods */
+ //@{
+
+ /**
+ * \brief Return the type of this key.
+ *
+ * For RSA keys, this allows people to determine whether this is a
+ * public key, private key or a key pair
+ */
+
+ virtual XSECCryptoKey::KeyType getKeyType() const;
+
+ /**
+ * \brief Return the OpenSSL identifier string
+ */
+
+ virtual const XMLCh* getProviderName() const;
+
+ /**
+ * \brief Replicate key
+ */
+
+ virtual XSECCryptoKey* clone() const;
+
+ //@}
+
+ /** @name Mandatory RSA interface methods
+ *
+ * These methods are required by the library.
+ */
+ //@{
+
+ /**
+ * \brief Set the OAEPparams string
+ *
+ * By default, the library expects crypto implementations to perform
+ * OAEP padding with no params. This call allows the library (or user)
+ * to set a params value prior to an encrypt/decrypt operation.
+ *
+ * @param params buffer containing the params data. Pass in NULL to clear any
+ * old paramters.
+ * @param paramsLen number of bytes in buffer to use. Pass in 0 to clear any
+ * old parameters.
+ */
+
+ virtual void setOAEPparams(unsigned char* params, unsigned int paramsLen);
+
+ /**
+ * \brief Get OAEPparams Length
+ *
+ * @returns the number of bytes of the OAEPparams buffer (assuming it has been set)
+ */
+
+ virtual unsigned int getOAEPparamsLen() const;
+
+ /**
+ * \brief Get the OAEPparams
+ *
+ * @returns a pointer to the (crypto object owned) buffer holding the OAEPparams
+ * or NULL if no params are held
+ */
+
+ virtual const unsigned char* getOAEPparams() const;
+
+ /**
+ * \brief Set the MGF
+ *
+ * By default, the library expects crypto implementations to perform
+ * OAEP padding with MGF_SHA1. This call allows the library (or user)
+ * to set a different choice.
+ *
+ * @param mgf the MGF constant identifying the function to use
+ */
+
+ virtual void setMGF(maskGenerationFunc mgf);
+
+ /**
+ * \brief Get the MGF
+ *
+ * @returns the MGF constant in use
+ */
+
+ virtual enum maskGenerationFunc getMGF(void) const;
+
+ /**
+ * \brief Verify a SHA1 PKCS1 encoded signature
+ *
+ * The library will call this function to validate an RSA signature
+ * The standard by default uses SHA1 in a PKCS1 encoding.
+ *
+ * @param hashBuf Buffer containing the pre-calculated (binary) digest
+ * @param hashLen Length of the data in the digest buffer
+ * @param base64Signature Buffer containing the Base64 encoded signature
+ * @param sigLen Length of the data in the signature buffer
+ * @param type The hash method that was used to create the hash that is being
+ * passed in
+ * @returns true if the signature was valid, false otherwise
+ */
+
+ virtual bool verifySHA1PKCS1Base64Signature(const unsigned char* hashBuf,
+ unsigned int hashLen,
+ const char* base64Signature,
+ unsigned int sigLen,
+ XSECCryptoHash::HashType type) const;
+
+ /**
+ * \brief Create a signature
+ *
+ * The library will call this function to create a signature from
+ * a pre-calculated digest. The output signature will
+ * be Base64 encoded such that it can be placed directly into the
+ * XML document
+ *
+ * @param hashBuf Buffer containing the pre-calculated (binary) digest
+ * @param hashLen Number of bytes of hash in the hashBuf
+ * @param base64SignatureBuf Buffer to place the base64 encoded result
+ * in.
+ * @param base64SignatureBufLen Implementations need to ensure they do
+ * not write more bytes than this into the buffer
+ * @param type Hash Method used in order to embed correct OID for sig
+ */
+
+ virtual unsigned int signSHA1PKCS1Base64Signature(unsigned char* hashBuf,
+ unsigned int hashLen,
+ char* base64SignatureBuf,
+ unsigned int base64SignatureBufLen,
+ XSECCryptoHash::HashType type) const;
+
+ /**
+ * \brief Decrypt using private key
+ *
+ * The library will call this function to decrypt a piece of cipher
+ * text using the private component of this key.
+ *
+ * @param inBuf cipher text to decrypt
+ * @param plainBuf output buffer for decrypted bytes
+ * @param inLength bytes of cipher text to decrypt
+ * @param maxOutLength size of outputBuffer
+ * @param padding Type of padding (PKCS 1.5 or OAEP)
+ * @param type Hash Method for OAEP encryption (OAEPParams should be
+ * set using setOAEPparams()
+ */
+
+ virtual unsigned int privateDecrypt(const unsigned char* inBuf,
+ unsigned char* plainBuf,
+ unsigned int inLength,
+ unsigned int maxOutLength,
+ PaddingType padding,
+ XSECCryptoHash::HashType type) const;
+
+
+ /**
+ * \brief Encrypt using a public key
+ *
+ * The library will call this function to encrypt a plain text buffer
+ * using the public component of this key.
+ *
+ * @param inBuf plain text to decrypt
+ * @param cipherBuf output buffer for decrypted bytes
+ * @param inLength bytes of plain text to encrypt
+ * @param maxOutLength size of outputBuffer
+ * @param padding Type of padding (PKCS 1.5 or OAEP)
+ * @param type Hash Method for OAEP encryption (OAEPParams should be
+ * set using setOAEPparams()
+ */
+
+ virtual unsigned int publicEncrypt(const unsigned char* inBuf,
+ unsigned char* cipherBuf,
+ unsigned int inLength,
+ unsigned int maxOutLength,
+ PaddingType padding,
+ XSECCryptoHash::HashType type) const;
+
+ /**
+ * \brief Obtain the length of an RSA key
+ *
+ * @returns The length of the rsa key (in bytes)
+ */
+
+ virtual unsigned int getLength(void) const;
+
+ //@}
+
+ /** @name Optional Interface methods
+ *
+ * Have been implemented to allow interoperability testing
+ */
+
+ //@{
+
+ /**
+ * \brief Load the modulus
+ *
+ * Load the modulus from a Base64 encoded string
+ *
+ * param b64 A buffer containing the encoded string
+ * param len The length of the data in the buffer
+ */
+
+ virtual void loadPublicModulusBase64BigNums(const char* b64, unsigned int len);
+
+ /**
+ * \brief Load the exponent
+ *
+ * Load the exponent from a Base64 encoded string
+ *
+ * param b64 A buffer containing the encoded string
+ * param len The length of the data in the buffer
+ */
+
+ virtual void loadPublicExponentBase64BigNums(const char* b64, unsigned int len);
+
+ //@}
+
+ /** @name OpenSSL specific methods */
+ //@{
+
+ /**
+ * \brief Constructor to create the object around an existing OpenSSL RSA
+ * key
+ *
+ * @param k The key to copy
+ * @note The object takes a copy of the original key, and will not delete k on
+ * completion. This must be done by the caller.
+ */
+
+ OpenSSLCryptoKeyRSA(EVP_PKEY* k);
+
+ /**
+ * \brief Get OpenSSL RSA Object
+ */
+
+ RSA* getOpenSSLRSA(void) {return mp_rsaKey;}
/**
- * \brief Get OpenSSL RSA Object
- */
+ * \brief Get OpenSSL RSA Object
+ */
- const RSA * getOpenSSLRSA(void) const {return mp_rsaKey;}
+ const RSA* getOpenSSLRSA(void) const {return mp_rsaKey;}
- //@}
+ //@}
private:
- RSA * mp_rsaKey;
- unsigned char * mp_oaepParams;
- unsigned int m_oaepParamsLen;
- maskGenerationFunc m_mgf;
+ RSA* mp_rsaKey;
+ unsigned char* mp_oaepParams;
+ unsigned int m_oaepParamsLen;
+ maskGenerationFunc m_mgf;
- BIGNUM * mp_accumE, *mp_accumN;
+ BIGNUM *mp_accumE, *mp_accumN;
void setEBase(BIGNUM *eBase);
void setNBase(BIGNUM *nBase);
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
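Review bot: The re-indented doc comment on `privateDecrypt` still does not say how failure is reported, and the .cpp in this commit throws an `XSECCryptoException` with a padding-specific message ("Error Decrypting PKCS1_5 padded RSA encrypt") when PKCS 1.5 unpadding fails. I would add a line such as `@throws XSECCryptoException on any decrypt or padding failure; callers handling untrusted ciphertext should not expose which step failed`, so the error cannot be used to distinguish padding failures from other errors. While these comments are being touched, the `publicEncrypt` block has copy-paste errors (`@param inBuf plain text to decrypt` and `cipherBuf output buffer for decrypted bytes` should both say "encrypt"/"encrypted"). The `loadPublic*Base64BigNums` comments use `param b64` / `param len` without the `@`, so Doxygen will not pick them up. The `verifySHA1PKCS1Base64Signature` brief still says "SHA1" although the digest is now chosen by `type`.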
Modified: santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoProvider.cpp
URL: http://svn.apache.org/viewvc/santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoProvider.cpp?rev=1817863&r1=1817862&r2=1817863&view=diff
==============================================================================
--- santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoProvider.cpp (original)
+++ santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoProvider.cpp Mon Dec 11 22:47:43 2017
@@ -176,81 +176,28 @@ const XMLCh * OpenSSLCryptoProvider::get
// Hashing classes
unsigned int OpenSSLCryptoProvider::getMaxHashSize() const {
- return 128;
+ return 128;
}
-XSECCryptoHash * OpenSSLCryptoProvider::hashSHA(int length) const {
+XSECCryptoHash * OpenSSLCryptoProvider::hash(XSECCryptoHash::HashType type) const {
+ OpenSSLCryptoHash* ret;
+ XSECnew(ret, OpenSSLCryptoHash(type));
- OpenSSLCryptoHash * ret;
-
- switch (length) {
-
- case 160: XSECnew(ret, OpenSSLCryptoHash(XSECCryptoHash::HASH_SHA1));
- break;
- case 224: XSECnew(ret, OpenSSLCryptoHash(XSECCryptoHash::HASH_SHA224));
- break;
- case 256: XSECnew(ret, OpenSSLCryptoHash(XSECCryptoHash::HASH_SHA256));
- break;
- case 384: XSECnew(ret, OpenSSLCryptoHash(XSECCryptoHash::HASH_SHA384));
- break;
- case 512: XSECnew(ret, OpenSSLCryptoHash(XSECCryptoHash::HASH_SHA512));
- break;
- default:
- ret = NULL;
- }
-
- return ret;
-
-}
-
-XSECCryptoHash * OpenSSLCryptoProvider::hashHMACSHA(int length) const {
-
- OpenSSLCryptoHashHMAC * ret;
-
- switch (length) {
-
- case 160: XSECnew(ret, OpenSSLCryptoHashHMAC(XSECCryptoHash::HASH_SHA1));
- break;
- case 224: XSECnew(ret, OpenSSLCryptoHashHMAC(XSECCryptoHash::HASH_SHA224));
- break;
- case 256: XSECnew(ret, OpenSSLCryptoHashHMAC(XSECCryptoHash::HASH_SHA256));
- break;
- case 384: XSECnew(ret, OpenSSLCryptoHashHMAC(XSECCryptoHash::HASH_SHA384));
- break;
- case 512: XSECnew(ret, OpenSSLCryptoHashHMAC(XSECCryptoHash::HASH_SHA512));
- break;
- default:
- ret = NULL;
- }
-
- return ret;
-
-}
-
-XSECCryptoHash * OpenSSLCryptoProvider::hashMD5() const {
-
- OpenSSLCryptoHash * ret;
-
- XSECnew(ret, OpenSSLCryptoHash(XSECCryptoHash::HASH_MD5));
-
- return ret;
-
+ return ret;
}
-XSECCryptoHash * OpenSSLCryptoProvider::hashHMACMD5() const {
+XSECCryptoHash * OpenSSLCryptoProvider::HMAC(XSECCryptoHash::HashType type) const {
+ OpenSSLCryptoHashHMAC* ret;
- OpenSSLCryptoHashHMAC * ret;
-
- XSECnew(ret, OpenSSLCryptoHashHMAC(XSECCryptoHash::HASH_MD5));
-
- return ret;
+ XSECnew(ret, OpenSSLCryptoHashHMAC(type));
+ return ret;
}
XSECCryptoKeyHMAC * OpenSSLCryptoProvider::keyHMAC(void) const {
-
OpenSSLCryptoKeyHMAC * ret;
+
XSECnew(ret, OpenSSLCryptoKeyHMAC);
return ret;
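Review bot: `hash()` and `HMAC()` now construct the digest object for whatever `type` they are handed, whereas the removed `hashSHA()` and `hashHMACSHA()` returned NULL for a length they did not recognise. What happens for a `HashType` this build cannot provide therefore depends on the `OpenSSLCryptoHash` and `OpenSSLCryptoHashHMAC` constructors, which are not visible here. If callers still rely on a NULL result, gate on the check this class already has, `if (!algorithmSupported(type)) return NULL;`; otherwise document that the constructor throws. MD5 is also now reachable through the same entry point as the SHA-2 family, so a policy that excludes MD5 or SHA-1 has to be enforced by the caller; a comment on both methods should say so.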
@@ -258,7 +205,6 @@ XSECCryptoKeyHMAC * OpenSSLCryptoProvide
}
XSECCryptoKeyDSA * OpenSSLCryptoProvider::keyDSA() const {
-
OpenSSLCryptoKeyDSA * ret;
XSECnew(ret, OpenSSLCryptoKeyDSA());
@@ -268,13 +214,11 @@ XSECCryptoKeyDSA * OpenSSLCryptoProvider
}
XSECCryptoKeyRSA * OpenSSLCryptoProvider::keyRSA() const {
-
OpenSSLCryptoKeyRSA * ret;
XSECnew(ret, OpenSSLCryptoKeyRSA());
return ret;
-
}
XSECCryptoKeyEC * OpenSSLCryptoProvider::keyEC() const {
@@ -359,32 +303,22 @@ XSECCryptoKey* OpenSSLCryptoProvider::ke
XSECCryptoX509 * OpenSSLCryptoProvider::X509() const {
-
OpenSSLCryptoX509 * ret;
XSECnew(ret, OpenSSLCryptoX509());
return ret;
-
}
XSECCryptoBase64 * OpenSSLCryptoProvider::base64() const {
-
-#if 0
- OpenSSLCryptoBase64 * ret;
-
- XSECnew(ret, OpenSSLCryptoBase64());
-#else
XSCryptCryptoBase64 *ret;
+
XSECnew(ret, XSCryptCryptoBase64);
-#endif
return ret;
-
}
bool OpenSSLCryptoProvider::algorithmSupported(XSECCryptoSymmetricKey::SymmetricKeyType alg) const {
-
switch (alg) {
case (XSECCryptoSymmetricKey::KEY_AES_128) :
@@ -405,11 +339,9 @@ bool OpenSSLCryptoProvider::algorithmSup
}
return false;
-
}
bool OpenSSLCryptoProvider::algorithmSupported(XSECCryptoHash::HashType alg) const {
-
switch (alg) {
case (XSECCryptoHash::HASH_SHA1) :
@@ -437,22 +369,18 @@ bool OpenSSLCryptoProvider::algorithmSup
}
return false;
-
}
XSECCryptoSymmetricKey * OpenSSLCryptoProvider::keySymmetric(XSECCryptoSymmetricKey::SymmetricKeyType alg) const {
-
OpenSSLCryptoSymmetricKey * ret;
XSECnew(ret, OpenSSLCryptoSymmetricKey(alg));
return ret;
-
}
unsigned int OpenSSLCryptoProvider::getRandom(unsigned char * buffer, unsigned int numOctets) const {
-
if (RAND_status() != 1) {
throw XSECCryptoException(XSECCryptoException::GeneralError,
@@ -469,7 +397,6 @@ unsigned int OpenSSLCryptoProvider::getR
}
return numOctets;
-
}
Modified: santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoProvider.hpp
URL: http://svn.apache.org/viewvc/santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoProvider.hpp?rev=1817863&r1=1817862&r2=1817863&view=diff
==============================================================================
--- santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoProvider.hpp (original)
+++ santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoProvider.hpp Mon Dec 11 22:47:43 2017
@@ -34,8 +34,10 @@
#include <xsec/framework/XSECDefs.hpp>
#include <xsec/enc/XSECCryptoProvider.hpp>
-#include <map>
-#include <string>
+#ifdef XSEC_OPENSSL_HAVE_EC
+# include <map>
+# include <string>
+#endif
#if defined (XSEC_HAVE_OPENSSL)
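Review bot: `<map>` and `<string>` are now included only under `XSEC_OPENSSL_HAVE_EC`, and that test sits ahead of the `#if defined (XSEC_HAVE_OPENSSL)` guard, so it relies on the macro already being set by the headers included above (presumably `XSECDefs.hpp`). The class is `XSEC_EXPORT`, so client code that picked up `<string>` or `<map>` through this header would stop compiling on builds without EC support. A one-line comment such as `// <map>/<string> are needed only by the EC curve-name lookup` would record why the includes are conditional; the member that uses them is not visible in this hunk, so the wording needs confirming.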
@@ -61,219 +63,183 @@ class XSEC_EXPORT OpenSSLCryptoProvider
public :
- /** @name Constructors and Destructors */
- //@{
-
- OpenSSLCryptoProvider();
- virtual ~OpenSSLCryptoProvider();
-
- //@}
-
- /** @name Hashing (Digest) Functions */
- //@{
-
- /**
- * \brief Get the provider's maximum digest length.
- *
- * Call used by the library to max out the buffer sizes it uses.
- *
- * @returns maximum size to allow for
- */
- virtual unsigned int getMaxHashSize() const;
-
- /**
- * \brief Return a SHA implementation.
- *
- * Call used by the library to obtain a SHA object from the
- * provider. Size of hash determined by length argument (160 = SHA1)
- *
- * @returns A pointer to a Hash object that implements SHA1
- * @param length - length of hash. E.g. 160 for SHA1 or 256 for SHA256
- * @see OpenSSLCryptoHash
- */
-
- virtual XSECCryptoHash * hashSHA(int length = 160) const;
-
- /**
- * \brief Return a HMAC SHA(1-512) implementation.
- *
- * Call used by the library to obtain a HMAC SHA object from the
- * provider. The caller will need to set the key in the hash
- * object with an XSECCryptoKeyHMAC using XSECCryptoHash::setKey()
- *
- * @returns A pointer to a Hash object that implements HMAC-SHA1
- * @param length Length of hash output (160 = SHA1, 256, 512 etc)
- * @see OpenSSLCryptoHash
- */
-
- virtual XSECCryptoHash * hashHMACSHA(int length = 160) const;
-
- /**
- * \brief Return a MD5 implementation.
- *
- * Call used by the library to obtain a MD5 object from the
- * OpenSSL provider.
- *
- * @returns A pointer to a Hash object that implements MD5
- * @see OpenSSLCryptoHash
- */
-
- virtual XSECCryptoHash * hashMD5() const;
-
- /**
- * \brief Return a HMAC MD5 implementation.
- *
- * Call used by the library to obtain a HMAC MD5 object from the
- * provider. The caller will need to set the key in the hash
- * object with an XSECCryptoKeyHMAC using XSECCryptoHash::setKey()
- *
- * @note The use of MD5 is explicitly marked as <b>not recommended</b>
- * in the XML Digital Signature standard due to recent advances in
- * cryptography indicating there <em>may</em> be weaknesses in the
- * algorithm.
- *
- * @returns A pointer to a Hash object that implements HMAC-MD5
- * @see OpenSSLCryptoHash
- */
-
- virtual XSECCryptoHash * hashHMACMD5() const;
-
- /**
- * \brief Return a HMAC key
- *
- * Sometimes the library needs to create an HMAC key (notably within
- * the XKMS utilities.
- *
- * This function allows the library to obtain a key that can then have
- * a value set within it.
- */
-
- virtual XSECCryptoKeyHMAC * keyHMAC(void) const;
-
- //@}
-
- /** @name Encoding functions */
- //@{
-
- /**
- * \brief Return a Base64 encoder/decoder implementation.
- *
- * Call used by the library to obtain an OpenSSL Base64
- * encoder/decoder.
- *
- * @returns Pointer to the new Base64 encoder.
- * @see OpenSSLCryptoBase64
- */
-
- virtual XSECCryptoBase64 * base64() const;
-
- //@}
-
- /** @name Keys and Certificates */
- //@{
-
- /**
- * \brief Return a DSA key implementation object.
- *
- * Call used by the library to obtain a DSA key object.
- *
- * @returns Pointer to the new DSA key
- * @see OpenSSLCryptoKeyDSA
- */
-
- virtual XSECCryptoKeyDSA * keyDSA() const;
-
- /**
- * \brief Return an RSA key implementation object.
- *
- * Call used by the library to obtain an OpenSSL RSA key object.
- *
- * @returns Pointer to the new RSA key
- * @see OpenSSLCryptoKeyRSA
- */
-
- virtual XSECCryptoKeyRSA * keyRSA() const;
-
- /**
- * \brief Return an EC key implementation object.
- *
- * Call used by the library to obtain an OpenSSL EC key object.
- *
- * @returns Pointer to the new EC key
- * @see OpenSSLCryptoKeyEC
- */
-
- virtual XSECCryptoKeyEC * keyEC() const;
-
- /**
- * \brief Return a key implementation object based on DER-encoded input.
- *
- * Call used by the library to obtain a key object from a DER-encoded key.
- *
+ /** @name Constructors and Destructors */
+ //@{
+
+ OpenSSLCryptoProvider();
+ virtual ~OpenSSLCryptoProvider();
+
+ //@}
+
+ /** @name Hashing (Digest) Functions */
+ //@{
+
+ /**
+ * \brief Get the provider's maximum digest length.
+ *
+ * Call used by the library to max out the buffer sizes it uses.
+ *
+ * @returns maximum size to allow for
+ */
+ virtual unsigned int getMaxHashSize() const;
+
+ /**
+ * \brief Return a hashing implementation.
+ *
+ * Call used by the library to obtain a hashing implementation from the
+ * provider.
+ *
+ * @returns a pointer to a hashing object.
+ */
+ virtual XSECCryptoHash* hash(XSECCryptoHash::HashType type) const;
+
+ /**
+ * \brief Return an HMAC implementation.
+ *
+ * Call used by the library to obtain an HMAC implementation from the
+ * provider. The caller will need to set the key in the hash
+ * object with an XSECCryptoKeyHMAC using XSECCryptoHash::setKey().
+ *
+ * @returns a pointer to the hashing object.
+ */
+ virtual XSECCryptoHash* HMAC(XSECCryptoHash::HashType type) const;
+
+ /**
+ * \brief Return a HMAC key
+ *
+ * Sometimes the library needs to create an HMAC key (notably within
+ * the XKMS utilities.
+ *
+ * This function allows the library to obtain a key that can then have
+ * a value set within it.
+ */
+
+ virtual XSECCryptoKeyHMAC* keyHMAC(void) const;
+
+ //@}
+
+ /** @name Encoding functions */
+ //@{
+
+ /**
+ * \brief Return a Base64 encoder/decoder implementation.
+ *
+ * Call used by the library to obtain an OpenSSL Base64
+ * encoder/decoder.
+ *
+ * @returns Pointer to the new Base64 encoder.
+ * @see OpenSSLCryptoBase64
+ */
+
+ virtual XSECCryptoBase64* base64() const;
+
+ //@}
+
+ /** @name Keys and Certificates */
+ //@{
+
+ /**
+ * \brief Return a DSA key implementation object.
+ *
+ * Call used by the library to obtain a DSA key object.
+ *
+ * @returns Pointer to the new DSA key
+ * @see OpenSSLCryptoKeyDSA
+ */
+
+ virtual XSECCryptoKeyDSA* keyDSA() const;
+
+ /**
+ * \brief Return an RSA key implementation object.
+ *
+ * Call used by the library to obtain an OpenSSL RSA key object.
+ *
+ * @returns Pointer to the new RSA key
+ * @see OpenSSLCryptoKeyRSA
+ */
+
+ virtual XSECCryptoKeyRSA* keyRSA() const;
+
+ /**
+ * \brief Return an EC key implementation object.
+ *
+ * Call used by the library to obtain an OpenSSL EC key object.
+ *
+ * @returns Pointer to the new EC key
+ * @see OpenSSLCryptoKeyEC
+ */
+
+ virtual XSECCryptoKeyEC* keyEC() const;
+
+ /**
+ * \brief Return a key implementation object based on DER-encoded input.
+ *
+ * Call used by the library to obtain a key object from a DER-encoded key.
+ *
* @param buf DER-encoded data
* @param buflen length of data
* @param base64 true iff data is base64-encoded
- * @returns Pointer to the new key
- * @see XSECCryptoKey
- */
-
- virtual XSECCryptoKey * keyDER(const char* buf, unsigned long buflen, bool base64) const;
-
- /**
- * \brief Return an X509 implementation object.
- *
- * Call used by the library to obtain an object that can work
- * with X509 certificates.
- *
- * @returns Pointer to the new X509 object
- * @see OpenSSLCryptoX509
- */
-
- virtual XSECCryptoX509 * X509() const;
-
- /**
- * \brief Determine whether a given algorithm is supported
- *
- * A call that can be used to determine whether a given
- * symmetric algorithm is supported
- */
-
- virtual bool algorithmSupported(XSECCryptoSymmetricKey::SymmetricKeyType alg) const;
-
- /**
- * \brief Determine whether a given algorithm is supported
- *
- * A call that can be used to determine whether a given
- * digest algorithm is supported
- */
-
- virtual bool algorithmSupported(XSECCryptoHash::HashType alg) const;
-
- /**
- * \brief Return a Symmetric Key implementation object.
- *
- * Call used by the library to obtain a bulk encryption
- * object.
- *
- * @returns Pointer to the new SymmetricKey object
- * @see XSECCryptoSymmetricKey
- */
-
- virtual XSECCryptoSymmetricKey * keySymmetric(XSECCryptoSymmetricKey::SymmetricKeyType alg) const;
-
- /**
- * \brief Obtain some random octets
- *
- * For generation of IVs and the like, the library needs to be able
- * to obtain "random" octets. The library uses this call to the
- * crypto provider to obtain what it needs.
- *
- * @param buffer The buffer to place the random data in
- * @param numOctets Number of bytes required
- * @returns Number of bytes obtained.
- */
+ * @returns Pointer to the new key
+ * @see XSECCryptoKey
+ */
+
+ virtual XSECCryptoKey* keyDER(const char* buf, unsigned long buflen, bool base64) const;
+
+ /**
+ * \brief Return an X509 implementation object.
+ *
+ * Call used by the library to obtain an object that can work
+ * with X509 certificates.
+ *
+ * @returns Pointer to the new X509 object
+ * @see OpenSSLCryptoX509
+ */
+
+ virtual XSECCryptoX509* X509() const;
+
+ /**
+ * \brief Determine whether a given algorithm is supported
+ *
+ * A call that can be used to determine whether a given
+ * symmetric algorithm is supported
+ */
+
+ virtual bool algorithmSupported(XSECCryptoSymmetricKey::SymmetricKeyType alg) const;
+
+ /**
+ * \brief Determine whether a given algorithm is supported
+ *
+ * A call that can be used to determine whether a given
+ * digest algorithm is supported
+ */
+
+ virtual bool algorithmSupported(XSECCryptoHash::HashType alg) const;
+
+ /**
+ * \brief Return a Symmetric Key implementation object.
+ *
+ * Call used by the library to obtain a bulk encryption
+ * object.
+ *
+ * @returns Pointer to the new SymmetricKey object
+ * @see XSECCryptoSymmetricKey
+ */
- virtual unsigned int getRandom(unsigned char * buffer, unsigned int numOctets) const;
+ virtual XSECCryptoSymmetricKey* keySymmetric(XSECCryptoSymmetricKey::SymmetricKeyType alg) const;
+
+ /**
+ * \brief Obtain some random octets
+ *
+ * For generation of IVs and the like, the library needs to be able
+ * to obtain "random" octets. The library uses this call to the
+ * crypto provider to obtain what it needs.
+ *
+ * @param buffer The buffer to place the random data in
+ * @param numOctets Number of bytes required
+ * @returns Number of bytes obtained.
+ */
+
+ virtual unsigned int getRandom(unsigned char* buffer, unsigned int numOctets) const;
#ifdef XSEC_OPENSSL_HAVE_EC
/**
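Review bot: The doc comments on the new `hash(XSECCryptoHash::HashType type)` and `HMAC(XSECCryptoHash::HashType type)` neither describe `type` nor say what a caller gets for a value the provider does not support, and the `@note` marking MD5 as not recommended was dropped along with `hashHMACMD5()`. In the .cpp part of this commit `HMAC()` passes `type` straight to `OpenSSLCryptoHashHMAC(type)` with no check visible there, and the constructor's handling of an unsupported value is not shown. I would add `@param type digest algorithm to instantiate; check algorithmSupported(type) first` to both comments and carry the removed MD5 caution over as a `@note` on each, since MD5 is still reachable through the generic `type` argument. The class body continues past this hunk.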
@@ -287,20 +253,20 @@ public :
int curveNameToNID(const char* curveName) const;
#endif
- //@}
+ //@}
- /** @name Information Functions */
- //@{
+ /** @name Information Functions */
+ //@{
- /**
- * \brief Returns a string that identifies the Crypto Provider
- */
+ /**
+ * \brief Returns a string that identifies the Crypto Provider
+ */
- virtual const XMLCh * getProviderName() const;
+ virtual const XMLCh* getProviderName() const;
- //@}
+ //@}
- /*\@}*/
+ /*\@}*/
};
Modified: santuario/xml-security-cpp/trunk/xsec/enc/WinCAPI/WinCAPICryptoKeyDSA.cpp
URL: http://svn.apache.org/viewvc/santuario/xml-security-cpp/trunk/xsec/enc/WinCAPI/WinCAPICryptoKeyDSA.cpp?rev=1817863&r1=1817862&r2=1817863&view=diff
==============================================================================
--- santuario/xml-security-cpp/trunk/xsec/enc/WinCAPI/WinCAPICryptoKeyDSA.cpp (original)
+++ santuario/xml-security-cpp/trunk/xsec/enc/WinCAPI/WinCAPICryptoKeyDSA.cpp Mon Dec 11 22:47:43 2017
@@ -110,6 +110,10 @@ WinCAPICryptoKeyDSA::~WinCAPICryptoKeyDS
};
+const XMLCh * WinCAPICryptoKeyDSA::getProviderName() const {
+ return DSIGConstants::s_unicodeStrPROVWinCAPI;
+}
+
// Generic key functions
XSECCryptoKey::KeyType WinCAPICryptoKeyDSA::getKeyType() const {
Modified: santuario/xml-security-cpp/trunk/xsec/enc/WinCAPI/WinCAPICryptoKeyDSA.hpp
URL: http://svn.apache.org/viewvc/santuario/xml-security-cpp/trunk/xsec/enc/WinCAPI/WinCAPICryptoKeyDSA.hpp?rev=1817863&r1=1817862&r2=1817863&view=diff
==============================================================================
--- santuario/xml-security-cpp/trunk/xsec/enc/WinCAPI/WinCAPICryptoKeyDSA.hpp (original)
+++ santuario/xml-security-cpp/trunk/xsec/enc/WinCAPI/WinCAPICryptoKeyDSA.hpp Mon Dec 11 22:47:43 2017
@@ -123,7 +123,7 @@ public :
*\brief Return the WiNCAPI string identifier
*/
- virtual const XMLCh * getProviderName() const {return DSIGConstants::s_unicodeStrPROVWinCAPI;}
+ virtual const XMLCh * getProviderName() const;
/**
* \brief Replicate key
Modified: santuario/xml-security-cpp/trunk/xsec/enc/WinCAPI/WinCAPICryptoKeyHMAC.cpp
URL: http://svn.apache.org/viewvc/santuario/xml-security-cpp/trunk/xsec/enc/WinCAPI/WinCAPICryptoKeyHMAC.cpp?rev=1817863&r1=1817862&r2=1817863&view=diff
==============================================================================
--- santuario/xml-security-cpp/trunk/xsec/enc/WinCAPI/WinCAPICryptoKeyHMAC.cpp (original)
+++ santuario/xml-security-cpp/trunk/xsec/enc/WinCAPI/WinCAPICryptoKeyHMAC.cpp Mon Dec 11 22:47:43 2017
@@ -28,6 +28,7 @@
*
*/
+#include <xsec/dsig/DSIGConstants.hpp>
#include <xsec/enc/WinCAPI/WinCAPICryptoKeyHMAC.hpp>
#include <xsec/framework/XSECError.hpp>
#include <xsec/enc/XSECCryptoException.hpp>
@@ -43,6 +44,10 @@ WinCAPICryptoKeyHMAC::WinCAPICryptoKeyHM
};
+const XMLCh * WinCAPICryptoKeyHMAC::getProviderName() const {
+ return DSIGConstants::s_unicodeStrPROVWinCAPI;
+}
+
void WinCAPICryptoKeyHMAC::setKey(unsigned char * inBuf, unsigned int inLength) {
m_keyBuf.sbMemcpyIn(inBuf, inLength);
Modified: santuario/xml-security-cpp/trunk/xsec/enc/WinCAPI/WinCAPICryptoKeyHMAC.hpp
URL: http://svn.apache.org/viewvc/santuario/xml-security-cpp/trunk/xsec/enc/WinCAPI/WinCAPICryptoKeyHMAC.hpp?rev=1817863&r1=1817862&r2=1817863&view=diff
==============================================================================
--- santuario/xml-security-cpp/trunk/xsec/enc/WinCAPI/WinCAPICryptoKeyHMAC.hpp (original)
+++ santuario/xml-security-cpp/trunk/xsec/enc/WinCAPI/WinCAPICryptoKeyHMAC.hpp Mon Dec 11 22:47:43 2017
@@ -104,7 +104,7 @@ public :
* \brief Return the WinCAPI string identifier
*/
- virtual const XMLCh * getProviderName() const {return DSIGConstants::s_unicodeStrPROVWinCAPI;}
+ virtual const XMLCh * getProviderName() const;
//@}