Posted to commits@santuario.apache.org by bl...@apache.org on 2003/08/31 14:50:47 UTC
cvs commit: xml-security/c/src/utils XSECDOMUtils.cpp XSECDOMUtils.hpp XSECSafeBuffer.cpp XSECSafeBuffer.hpp
blautenb 2003/08/31 05:50:47
Modified: c/src/dsig DSIGConstants.cpp DSIGConstants.hpp
c/src/framework XSECError.cpp XSECException.hpp
XSECProvider.cpp XSECProvider.hpp
c/src/utils XSECDOMUtils.cpp XSECDOMUtils.hpp
XSECSafeBuffer.cpp XSECSafeBuffer.hpp
Log:
Updates to start linking in XML Encryption
Revision Changes Path
1.11 +4 -1 xml-security/c/src/dsig/DSIGConstants.cpp
Index: DSIGConstants.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGConstants.cpp,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- DSIGConstants.cpp 5 Jul 2003 10:30:30 -0000 1.10
+++ DSIGConstants.cpp 31 Aug 2003 12:50:47 -0000 1.11
@@ -82,6 +82,7 @@
const XMLCh * DSIGConstants::s_unicodeStrURIDSIG;
const XMLCh * DSIGConstants::s_unicodeStrURIEC;
const XMLCh * DSIGConstants::s_unicodeStrURIXPF;
+const XMLCh * DSIGConstants::s_unicodeStrURIXENC;
const XMLCh * DSIGConstants::s_unicodeStrURIRawX509;
const XMLCh * DSIGConstants::s_unicodeStrURISHA1;
@@ -121,6 +122,7 @@
s_unicodeStrURIDSIG = XMLString::transcode(URI_ID_DSIG);
s_unicodeStrURIEC = XMLString::transcode(URI_ID_EC);
s_unicodeStrURIXPF = XMLString::transcode(URI_ID_XPF);
+ s_unicodeStrURIXENC = XMLString::transcode(URI_ID_XENC);
s_unicodeStrURISHA1 = XMLString::transcode(URI_ID_SHA1);
s_unicodeStrURIMD5 = XMLString::transcode(URI_ID_MD5);
s_unicodeStrURIBASE64 = XMLString::transcode(URI_ID_BASE64);
@@ -155,6 +157,7 @@
delete[] (XMLCh *) s_unicodeStrURIDSIG;
delete[] (XMLCh *) s_unicodeStrURIEC;
delete[] (XMLCh *) s_unicodeStrURIXPF;
+ delete[] (XMLCh *) s_unicodeStrURIXENC;
delete[] (XMLCh *) s_unicodeStrURISHA1;
delete[] (XMLCh *) s_unicodeStrURIMD5;
delete[] (XMLCh *) s_unicodeStrURIBASE64;
1.13 +3 -1 xml-security/c/src/dsig/DSIGConstants.hpp
Index: DSIGConstants.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGConstants.hpp,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- DSIGConstants.hpp 5 Jul 2003 10:30:30 -0000 1.12
+++ DSIGConstants.hpp 31 Aug 2003 12:50:47 -0000 1.13
@@ -84,6 +84,7 @@
#define URI_ID_EC "http://www.w3.org/2001/10/xml-exc-c14n#"
// Also used as algorithm ID for XPATH_FILTER
#define URI_ID_XPF "http://www.w3.org/2002/06/xmldsig-filter2"
+#define URI_ID_XENC "http://www.w3.org/2001/04/xmlenc#"
// Hashing Algorithms
@@ -306,6 +307,7 @@
static const XMLCh * s_unicodeStrURIDSIG;
static const XMLCh * s_unicodeStrURIEC;
static const XMLCh * s_unicodeStrURIXPF;
+ static const XMLCh * s_unicodeStrURIXENC;
static const XMLCh * s_unicodeStrURIRawX509;
static const XMLCh * s_unicodeStrURISHA1;
1.7 +5 -0 xml-security/c/src/framework/XSECError.cpp
Index: XSECError.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/framework/XSECError.cpp,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- XSECError.cpp 5 Jul 2003 10:30:34 -0000 1.6
+++ XSECError.cpp 31 Aug 2003 12:50:47 -0000 1.7
@@ -116,6 +116,11 @@
"An error occured in a safe buffer",
"An error occurred processing an HTTP request via internal resolver",
"An error occurred decoding a DSIG encoded Distinguished name",
+ "An error occurred during processing of an Encrypted[Data|Key] node",
+ "Did not find expected XENC child element",
+ "An error occurred processing a CipherData node",
+ "An error occurred processing a CipherValue node",
+ "An error occurred in the XSECCipher processor",
"Unknown Error type",
};
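Review bot: The five new messages match the new enum values 42–46 in XSECException.hpp only by their position in this table, and nothing in either file enforces that. The lookup code is not in this hunk, but if the table is indexed by the exception type, a later insertion in only one of the two files would silently report the wrong message. I would add a comment above the new entries such as `// Order must match XSECException::XSECExceptionType - entries 42..46 are the XENC errors`, with the enum name adjusted to the real one. A size check against `UnknownError + 1` where the table is used would also help.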
1.9 +9 -2 xml-security/c/src/framework/XSECException.hpp
Index: XSECException.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/framework/XSECException.hpp,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- XSECException.hpp 5 Jul 2003 10:30:34 -0000 1.8
+++ XSECException.hpp 31 Aug 2003 12:50:47 -0000 1.9
@@ -143,7 +143,14 @@
LoadEmptyXPathFilter = 39,
XPathFilterError = 40,
DNameDecodeError = 41,
- UnknownError = 42 // Must be last!
+
+ // Encryption errors
+ EncryptedTypeError = 42,
+ ExpectedXENCChildNotFound = 43,
+ CipherDataError = 44,
+ CipherValueError = 45,
+ CipherError = 46,
+ UnknownError = 47 // Must be last!
};
1.6 +71 -2 xml-security/c/src/framework/XSECProvider.cpp
Index: XSECProvider.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/framework/XSECProvider.cpp,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- XSECProvider.cpp 5 Jul 2003 10:30:34 -0000 1.5
+++ XSECProvider.cpp 31 Aug 2003 12:50:47 -0000 1.6
@@ -74,6 +74,8 @@
#include <xsec/utils/XSECDOMUtils.hpp>
#include <xsec/framework/XSECURIResolverXerces.hpp>
+#include "../xenc/impl/XENCCipherImpl.hpp"
+
// --------------------------------------------------------------------------------
// Constructors/Destructors
// --------------------------------------------------------------------------------
@@ -87,8 +89,9 @@
XSECProvider::~XSECProvider() {
+ // First delete signatures
+
SignatureListVectorType::iterator i;
-
for (i = m_activeSignatures.begin(); i != m_activeSignatures.end(); ++i)
delete *i;
@@ -97,6 +100,16 @@
if (mp_URIResolver != NULL)
delete mp_URIResolver;
+
+ // Now delete ciphers
+
+ CipherListVectorType::iterator j;
+
+ for (j = m_activeCiphers.begin(); j != m_activeCiphers.end(); ++j)
+ delete *j;
+
+ m_activeCiphers.clear();
+
}
// --------------------------------------------------------------------------------
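Review bot: `delete *j` here, and `delete toRelease` in releaseCipher in the next hunk, destroy an XENCCipherImpl through an `XENCCipher *`, which is only well defined if XENCCipher declares a virtual destructor. XENCCipher.hpp is not part of this diff, so this needs confirming; if it is missing, add `virtual ~XENCCipher() {}` to the interface. The loop also walks m_activeCiphers without taking m_providerMutex, as the signature loop above it does, so a comment such as `// Caller must ensure no other thread is using this provider during destruction` would record that assumption.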
@@ -177,6 +190,51 @@
}
// --------------------------------------------------------------------------------
+// Cipher Creation/Deletion
+// --------------------------------------------------------------------------------
+
+XENCCipher * XSECProvider::newCipher(DOMDocument * doc) {
+
+ XENCCipherImpl * ret;
+
+ XSECnew(ret, XENCCipherImpl(doc));
+
+ setup(ret);
+
+ return ret;
+
+}
+
+void XSECProvider::releaseCipher(XENCCipher * toRelease) {
+
+ // Find in the active list
+
+ CipherListVectorType::iterator i;
+
+ m_providerMutex.lock();
+ i = m_activeCiphers.begin();
+ while (i != m_activeCiphers.end() && *i != toRelease)
+ ++i;
+
+ if (i == m_activeCiphers.end()) {
+
+ m_providerMutex.unlock();
+
+ throw XSECException(XSECException::ProviderError,
+ "Attempt to release a cipher that was not created by this provider");
+
+ }
+
+ // For now - remove from list. Would be better to recycle
+ m_activeCiphers.erase(i);
+ m_providerMutex.unlock();
+ delete toRelease;
+
+}
+
+
+
+// --------------------------------------------------------------------------------
// Environmental methods
// --------------------------------------------------------------------------------
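Review bot: In newCipher the freshly allocated `ret` is leaked if `setup(ret)` throws, which it can when `push_back` fails to allocate, because the object is neither in the active list nor deleted at that point. Holding it in a janitor until registration succeeds closes the gap: `Janitor<XENCCipherImpl> j_ret(ret); setup(ret); j_ret.release();` before `return ret;`. This needs the Janitor header that XSECDOMUtils.cpp already pulls in. newCipher also accepts a NULL `doc` without comment; whether XENCCipherImpl tolerates that is not visible here, so either check it or document the precondition.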
@@ -204,5 +262,16 @@
m_providerMutex.unlock();
sig->setURIResolver(mp_URIResolver);
+
+}
+
+void XSECProvider::setup(XENCCipher * cipher) {
+
+ // Called by all Signature creation methods to set up the sig
+
+ // Add to the active list
+ m_providerMutex.lock();
+ m_activeCiphers.push_back(cipher);
+ m_providerMutex.unlock();
}
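Review bot: `push_back` in the new setup(XENCCipher *) runs between a manual `lock()` and `unlock()`, so an allocation failure leaves m_providerMutex locked and every later provider call blocks. A scoped lock releases it on every path: replace the lock/unlock pair with `XERCES_CPP_NAMESPACE_QUALIFIER XMLMutexLock lock(&m_providerMutex);` ahead of the `push_back`. The comment was copied from the signature overload and should read `// Called by all cipher creation methods to register the cipher with this provider`. The hunk opens inside the preceding setup(DSIGSignature *) body, which has the same lock pattern.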
1.7 +49 -7 xml-security/c/src/framework/XSECProvider.hpp
Index: XSECProvider.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/framework/XSECProvider.hpp,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- XSECProvider.hpp 5 Jul 2003 10:30:34 -0000 1.6
+++ XSECProvider.hpp 31 Aug 2003 12:50:47 -0000 1.7
@@ -73,6 +73,7 @@
#include <xsec/utils/XSECPlatformUtils.hpp>
#include <xsec/dsig/DSIGSignature.hpp>
+#include <xsec/xenc/XENCCipher.hpp>
#include <xercesc/util/Mutexes.hpp>
@@ -84,13 +85,13 @@
*/
/**
- * @brief The provider class for XML Digital Signatures objects.
+ * @brief The main provider class for XML Digital Signatures and Encryption objects.
*
- * <p>The XSECProvider class is used to create and destroy signature objects.
- * It provides a number of methods to create signature objects for a variety of
- * situations - in particular creating an empty signature with which to create
- * the signature DOM structure or creating a signature based on an already
- * existing DOM structure.</p>
+ * <p>The XSECProvider class is used to create and destroy signature objects and
+ * encryption objects. It provides a number of methods to create signature
+ * and encryption objects for a variety of situations - in particular creating an
+ * empty signature or cipher with which to create the DOM structure or creating a
+ * security object based on an already existing DOM structure.</p>
*
*/
@@ -103,6 +104,12 @@
typedef std::vector<DSIGSignature *> SignatureListVectorType;
#endif
+#if defined(XALAN_NO_NAMESPACES)
+ typedef vector<XENCCipher *> CipherListVectorType;
+#else
+ typedef std::vector<XENCCipher *> CipherListVectorType;
+#endif
+
public:
/** @name Constructors and Destructors */
@@ -196,6 +203,39 @@
//@}
+ /** @name Encryption Creation Functions */
+ //@{
+
+ /**
+ * \brief Create an XENCCipher object based on a particular DOM Document
+ *
+ * XENCCipher is an engine class that is used to wrap encryption/decryption
+ * functions. Unlike the Signature functions, only a XENCCipher object attached
+ * to a particular document is required. Arbitrary objects within this document
+ * can then be encrypted/decrypted using this class.
+ *
+ * @param doc Document to attach the XENCCipher to.
+ * @returns An implementation object for XENCCipher
+ */
+
+ XENCCipher * newCipher(DOMDocument * doc);
+
+ /**
+ * \brief Method to delete XENCCipher objects created via this provider
+ *
+ * <p>The provider keeps track of all objects by it. This method can be used
+ * to delete any previously created XENCCipher objects prior to the provider
+ * being deleted. Any XENCCipher objects not released using this function will
+ * automatically be deleted when the provider goes out of scope (or is itself
+ * deleted).
+ *
+ * @param toRelease The XENCCipher object to be deleted
+ */
+
+ void releaseCipher(XENCCipher * toRelease);
+
+ //@}
+
/** @name Environmental Options */
//@{
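Review bot: The new doc comments leave out the ownership rule that callers most need: the provider owns the pointer returned by newCipher and deletes it in its destructor, so a caller who calls `delete` on it directly sets up a double delete. I would add to newCipher `* The returned object is owned by the provider; dispose of it with releaseCipher(), never with delete.` and to releaseCipher `* @throws XSECException (ProviderError) if toRelease was not created by this provider`, which is what the implementation in XSECProvider.cpp does. In the releaseCipher text, "keeps track of all objects by it" is missing the word "created" and the `<p>` is never closed.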
@@ -220,8 +260,10 @@
// Internal functions
void setup(DSIGSignature *sig);
+ void setup(XENCCipher *cipher);
SignatureListVectorType m_activeSignatures;
+ CipherListVectorType m_activeCiphers;
XSECURIResolver * mp_URIResolver;
XERCES_CPP_NAMESPACE_QUALIFIER XMLMutex m_providerMutex;
};
1.11 +117 -0 xml-security/c/src/utils/XSECDOMUtils.cpp
Index: XSECDOMUtils.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/utils/XSECDOMUtils.cpp,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- XSECDOMUtils.cpp 5 Jul 2003 10:30:37 -0000 1.10
+++ XSECDOMUtils.cpp 31 Aug 2003 12:50:47 -0000 1.11
@@ -78,6 +78,16 @@
// Xerces
#include <xercesc/util/XMLUniDefs.hpp>
+#include <xercesc/util/Janitor.hpp>
+#include <xercesc/util/PlatformUtils.hpp>
+#include <xercesc/util/TransService.hpp>
+
+XSEC_USING_XERCES(XMLTransService);
+XSEC_USING_XERCES(XMLTranscoder);
+XSEC_USING_XERCES(XMLPlatformUtils);
+XSEC_USING_XERCES(Janitor);
+XSEC_USING_XERCES(chNull);
+
// --------------------------------------------------------------------------------
// Utilities to manipulate DSIG namespaces
// --------------------------------------------------------------------------------
@@ -114,6 +124,18 @@
}
+const XMLCh DSIG_EXPORT * getXENCLocalName(const DOMNode *node) {
+
+ // XML Encryption namespace node
+
+ if (!strEquals(node->getNamespaceURI(), DSIGConstants::s_unicodeStrURIXENC))
+ return NULL;
+ else
+ return node->getLocalName();
+
+}
+
+
// --------------------------------------------------------------------------------
// Find a nominated DSIG node in a document
// --------------------------------------------------------------------------------
@@ -144,6 +166,35 @@
}
// --------------------------------------------------------------------------------
+// Find a nominated XENC node in a document
+// --------------------------------------------------------------------------------
+
+DOMNode *findXENCNode(DOMNode *n, const char * nodeName) {
+
+ const XMLCh * name = getXENCLocalName(n);
+
+ if (strEquals(name, nodeName)) {
+
+ return n;
+
+ }
+
+ DOMNode *child = n->getFirstChild();
+
+ while (child != NULL) {
+
+ DOMNode *ret = findXENCNode(child, nodeName);
+ if (ret != NULL)
+ return ret;
+ child = child->getNextSibling();
+
+ }
+
+ return child;
+
+}
+
+// --------------------------------------------------------------------------------
// Find particular type of node child
// --------------------------------------------------------------------------------
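Review bot: findXENCNode recurses once per level of element nesting, so its stack use is set by the depth of the document being searched rather than by the code. For documents from an untrusted source that is worth bounding, and an iterative pre-order walk gives the same first-match result without using the call stack, as shown in the fence. Separately, the final `return child;` can only ever return NULL, so `return NULL;` states the intent more plainly. `n` is dereferenced without a NULL check, which should be either guarded or documented as a precondition.

```cpp
DOMNode *findXENCNode(DOMNode *n, const char * nodeName) {

	// Iterative pre-order walk: document depth no longer consumes call stack
	DOMNode *cur = n;

	while (cur != NULL) {

		if (strEquals(getXENCLocalName(cur), nodeName))
			return cur;

		if (cur->getFirstChild() != NULL) {
			cur = cur->getFirstChild();
			continue;
		}

		// Climb until a sibling exists, never leaving the subtree rooted at n
		while (cur != n && cur->getNextSibling() == NULL)
			cur = cur->getParentNode();

		if (cur == n)
			break;

		cur = cur->getNextSibling();
	}

	return NULL;
}
```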
@@ -163,6 +214,21 @@
}
+DOMNode * findNextChildOfType(DOMNode *n, DOMNode::NodeType t) {
+
+ DOMNode * s = n;
+
+ if (s == NULL)
+ return s;
+
+ do {
+ s = s->getNextSibling();
+ } while (s != NULL && s->getNodeType() != t);
+
+ return s;
+
+}
+
// --------------------------------------------------------------------------------
// Make a QName
// --------------------------------------------------------------------------------
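Review bot: findNextChildOfType never looks at children; it starts at `n` and walks `getNextSibling()`, so the name only makes sense when `n` is a node previously returned by findFirstChildOfType. A short comment above the definition would prevent misuse: `// Given a child node n, return its next sibling of type t, or NULL if n is NULL or no such sibling exists`.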
@@ -237,6 +303,57 @@
c = c->getNextSibling();
}
+
+}
+
+// --------------------------------------------------------------------------------
+// Some UTF8 utilities
+// --------------------------------------------------------------------------------
+
+XMLCh * transcodeFromUTF8(const unsigned char * src) {
+
+ // Take a UTF-8 buffer and transcode to UTF-16
+
+ safeBuffer fullDest;
+ fullDest.sbXMLChIn(DSIGConstants::s_unicodeStrEmpty);
+ XMLCh outputBuf[2050];
+
+ // Used to record byte sizes
+ unsigned char charSizes[2050];
+
+ // Grab a transcoder
+ XMLTransService::Codes failReason;
+
+ XMLTranscoder* t =
+ XMLPlatformUtils::fgTransService->makeNewTranscoderFor("UTF-8",
+ failReason,
+ 2*1024,
+ XMLPlatformUtils::fgMemoryManager);
+ Janitor<XMLTranscoder> j_t(t);
+
+ // Need to loop through, 2K at a time
+ unsigned int bytesEaten;
+ unsigned int totalBytesEaten = 0;
+ unsigned int bytesToEat = XMLString::stringLen((char *) src);
+
+ while (totalBytesEaten < bytesToEat) {
+
+ int toEat = (bytesToEat > 2048 ? 2048 : bytesToEat);
+
+ t->transcodeFrom(&src[totalBytesEaten],
+ toEat,
+ outputBuf,
+ 2048,
+ bytesEaten,
+ charSizes);
+
+ outputBuf[bytesEaten] = chNull;
+ fullDest.sbXMLChCat(outputBuf);
+ totalBytesEaten += bytesEaten;
+ }
+
+ // Dup and output
+ return XMLString::replicate(fullDest.rawXMLChBuffer());
}
1.10 +11 -2 xml-security/c/src/utils/XSECDOMUtils.hpp
Index: XSECDOMUtils.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/utils/XSECDOMUtils.hpp,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- XSECDOMUtils.hpp 5 Jul 2003 10:30:37 -0000 1.9
+++ XSECDOMUtils.hpp 31 Aug 2003 12:50:47 -0000 1.10
@@ -117,18 +117,27 @@
const XMLCh DSIG_EXPORT * getDSIGLocalName(const DOMNode *node);
const XMLCh DSIG_EXPORT * getECLocalName(const DOMNode *node);
const XMLCh DSIG_EXPORT * getXPFLocalName(const DOMNode *node);
+const XMLCh DSIG_EXPORT * getXENCLocalName(const DOMNode *node);
// --------------------------------------------------------------------------------
-// Find a nominated DSIG node in a document
+// Do UTF-8 <-> UTF-16 transcoding
+// --------------------------------------------------------------------------------
+
+XMLCh DSIG_EXPORT * transcodeFromUTF8(const unsigned char * src);
+
+// --------------------------------------------------------------------------------
+// Find a nominated DSIG/XENC node in a document
// --------------------------------------------------------------------------------
DOMNode DSIG_EXPORT * findDSIGNode(DOMNode *n, const char * nodeName);
+DOMNode DSIG_EXPORT * findXENCNode(DOMNode *n, const char * nodeName);
// --------------------------------------------------------------------------------
// Find particular type of node child
// --------------------------------------------------------------------------------
DOMNode DSIG_EXPORT * findFirstChildOfType(DOMNode *n, DOMNode::NodeType t);
+DOMNode DSIG_EXPORT * findNextChildOfType(DOMNode *n, DOMNode::NodeType t);
// --------------------------------------------------------------------------------
// Make a QName
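Review bot: The declaration of transcodeFromUTF8 gives no hint that the result is a fresh allocation the caller must free; the implementation returns `XMLString::replicate(...)` and the one caller in this commit wraps it in `ArrayJanitor<XMLCh>`. I would add above the declaration `// Returns a newly allocated, NUL-terminated UTF-16 copy of the NUL-terminated UTF-8 string src; the caller owns it and must delete[] it (or hold it in an ArrayJanitor<XMLCh>)`. The section banner says "UTF-8 <-> UTF-16" but only the UTF-8 to UTF-16 direction is declared, so the arrow should be one-way until the reverse function exists.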
1.10 +14 -1 xml-security/c/src/utils/XSECSafeBuffer.cpp
Index: XSECSafeBuffer.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/utils/XSECSafeBuffer.cpp,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- XSECSafeBuffer.cpp 5 Jul 2003 10:30:37 -0000 1.9
+++ XSECSafeBuffer.cpp 31 Aug 2003 12:50:47 -0000 1.10
@@ -71,11 +71,14 @@
// XSEC includes
#include <xsec/utils/XSECSafeBuffer.hpp>
+#include <xsec/utils/XSECDOMUtils.hpp>
#include <xsec/framework/XSECError.hpp>
#include <xercesc/util/XMLUniDefs.hpp>
+#include <xercesc/util/Janitor.hpp>
XSEC_USING_XERCES(XMLString);
+XSEC_USING_XERCES(ArrayJanitor);
// Standard includes
@@ -665,6 +668,16 @@
XMLString::catString((XMLCh *) buffer, t);
delete[] t;
+}
+
+void safeBuffer::sbXMLChCat8(const char * str) {
+
+ checkBufferType(BUFFER_UNICODE);
+
+ XMLCh * toAdd = transcodeFromUTF8((const unsigned char *) str);
+ ArrayJanitor<XMLCh> j_toAdd(toAdd);
+ sbXMLChCat(toAdd);
+
}
// Get functions
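Review bot: The intermediate copy `toAdd` in sbXMLChCat8 is released by the ArrayJanitor without being cleared, and transcodeFromUTF8 holds further copies in its stack buffer and local safeBuffer, so text appended to a buffer flagged with isSensitive() is left behind in freed memory. The implementation of isSensitive() is not shown here; if it is meant to cover everything passing through the buffer, `toAdd` should be wiped before release when the flag is set. At minimum a comment should record the gap: `// NOTE: toAdd is an unwiped plaintext copy - clear it before release if this buffer is sensitive`. `str` is also forwarded without a NULL check, and `if (str == NULL) return;` after checkBufferType would make that case explicit.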
1.12 +2 -1 xml-security/c/src/utils/XSECSafeBuffer.hpp
Index: XSECSafeBuffer.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/utils/XSECSafeBuffer.hpp,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- XSECSafeBuffer.hpp 5 Jul 2003 10:30:37 -0000 1.11
+++ XSECSafeBuffer.hpp 31 Aug 2003 12:50:47 -0000 1.12
@@ -182,6 +182,7 @@
void sbXMLChAppendCh(const XMLCh c); // Append a Unicode character to the buffer
void sbXMLChCat(const XMLCh *str); // Append a UTF-16 string to the buffer
void sbXMLChCat(const char * str); // Append a (transcoded) local string to the buffer
+ void sbXMLChCat8(const char * str); // Append a (transcoded) UTF-8 string to the buffer
// Sensitive data functions
void isSensitive(void);