00028 #ifndef DSIGSIGNATURE_INCLUDE
00029 #define DSIGSIGNATURE_INCLUDE
00030
00031
#include <vector>

#include <xsec/utils/XSECSafeBufferFormatter.hpp>
#include <xsec/dsig/DSIGTransform.hpp>
#include <xsec/dsig/DSIGKeyInfoList.hpp>
#include <xsec/dsig/DSIGConstants.hpp>
#include <xsec/dsig/DSIGSignedInfo.hpp>

#include <xercesc/dom/DOM.hpp>
00041
// Forward declarations.  Every one of these types appears in this header only
// behind a pointer (parameter, return value or data member), so their full
// definitions are not required here and the corresponding headers are left to
// the .cpp file.
class XSECEnv;
class XSECBinTXFMInputStream;
class XSECURIResolver;
class XSECKeyInfoResolver;
class DSIGKeyInfoValue;
class DSIGKeyInfoX509;
class DSIGKeyInfoName;
class DSIGKeyInfoPGPData;
class DSIGKeyInfoSPKIData;
class DSIGKeyInfoMgmtData;
class DSIGObject;
00053
00057
00058
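/**
 * @brief In-memory model of one XML Digital Signature (a ds:Signature element).
 *
 * The constructor and destructor are protected and the default constructor is
 * private, so instances can only be created and destroyed by the friend
 * classes declared below (XSECProvider, XSECPlatformUtils).  Callers obtain a
 * DSIGSignature from the provider and hand it back there rather than using
 * new/delete themselves.
 *
 * NOTE(review): the object holds several raw pointers (mp_formatter, mp_env,
 * mp_signedInfo, mp_signingKey, ...) but declares neither a copy constructor
 * nor an assignment operator, so the implicit copies would alias those
 * pointers.  Confirm that instances are never copied.
 *
 * The only change from the previous revision of this header is that the
 * inline getters that read but do not modify members are now const.  Callers
 * are unaffected; no out-of-line definition changes.
 */
class DSIG_EXPORT DSIGSignature {

protected:

    /**
     * Wrap the ds:Signature rooted at sigNode inside doc.  The DOM nodes stay
     * owned by the document; the element is presumably only parsed later by
     * load() (see m_loaded) — TODO confirm against the constructor body.
     */
    DSIGSignature(XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument *doc,
                  XERCES_CPP_NAMESPACE_QUALIFIER DOMNode *sigNode);

    /** Protected: destruction goes through the owning friend (XSECProvider). */
    ~DSIGSignature();

public:

    /** @name Loading, signing and verifying */
    //@{

    /**
     * Parse the Signature element this object was constructed on into the
     * SignedInfo / KeyInfo / Object members.  Presumably required before
     * verify() or any of the SignedInfo getters return meaningful values
     * (tracked by m_loaded) — TODO confirm.
     */
    void load(void);

    /**
     * Set the key used by sign() (stored in mp_signingKey).  Whether this
     * object takes ownership of k, and whether verify() also uses it when no
     * KeyInfo resolver supplies a key, is not visible in this header — TODO
     * confirm before relying on either.
     */
    void setSigningKey(XSECCryptoKey *k);

    /**
     * Full verification.  By contrast with verifySignatureOnly() this is the
     * call that is expected to check the referenced content (the Reference
     * digests) as well as the signature over SignedInfo.
     *
     * @return true on success; on failure the reason is presumably recorded
     *         in m_errStr and available through getErrMsgs().
     */
    bool verify(void);

    /**
     * Verify only the SignatureValue over SignedInfo, as the name says.  A
     * true result therefore gives no assurance that the referenced content is
     * intact; use verify() whenever the content matters.  Presumably backed
     * by verifySignatureOnlyInternal() below.
     */
    bool verifySignatureOnly(void);

    /**
     * Produce the signature: compute the Reference digests and the signature
     * over SignedInfo with the key from setSigningKey(), and write the result
     * into the DOM (mp_signatureValueNode).
     */
    void sign(void);

    //@}

    /** @name Namespace prefixes and output formatting */
    //@{

    /** Prefix to use for elements created in the XML-DSig namespace. */
    void setDSIGNSPrefix(const XMLCh * prefix);

    /** Prefix to use for the Exclusive Canonicalization (EC) namespace. */
    void setECNSPrefix(const XMLCh * prefix);

    /** Prefix to use for the XPath-Filter (XPF) namespace. */
    void setXPFNSPrefix(const XMLCh * prefix);

    /** Whether elements created by this object are indented when serialised. */
    void setPrettyPrint(bool flag);

    /** @return the flag set by setPrettyPrint(). */
    bool getPrettyPrint(void);

    //@}

    /** @name Building a new signature */
    //@{

    /**
     * Create an empty ds:Signature element in doc using the given
     * canonicalization and signature algorithm URIs.
     *
     * @return the new Signature element (owned by doc).
     */
    XERCES_CPP_NAMESPACE_QUALIFIER DOMElement *createBlankSignature(
        XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument *doc,
        const XMLCh * canonicalizationAlgorithmURI,
        const XMLCh * signatureAlgorithmURI
    );

    /**
     * Enum-based variant of createBlankSignature().
     *
     * The defaults (SIGNATURE_DSA with HASH_SHA1) are historical; new code
     * should pass its algorithms explicitly rather than rely on them.
     */
    XERCES_CPP_NAMESPACE_QUALIFIER DOMElement *createBlankSignature(
        XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument *doc,
        canonicalizationMethod cm = CANON_C14N_NOC,
        signatureMethod sm = SIGNATURE_DSA,
        hashMethod hm = HASH_SHA1
    );

    /**
     * Append a ds:Reference for URI using the hash given as an enum.
     *
     * NOTE(review): `type` is a non-const char* here while the URI-based
     * overload below takes a const XMLCh*.  The inconsistency is left as is
     * because the declaration must match its out-of-line definition.
     */
    DSIGReference * createReference(
        const XMLCh * URI,
        hashMethod hm = HASH_SHA1,
        char * type = NULL
    );

    /** Append a ds:Reference for URI using the hash given as an algorithm URI. */
    DSIGReference * createReference(
        const XMLCh * URI,
        const XMLCh * hashAlgorithmURI,
        const XMLCh * type = NULL
    );

    //@}

    /** @name Hashes, references and raw output */
    //@{

    /**
     * Compute the Reference digests and the hash over SignedInfo, writing the
     * SignedInfo hash into hashBuf (at most hashBufLen bytes, presumably).
     *
     * @return presumably the number of bytes written — TODO confirm.
     */
    unsigned int calculateSignedInfoAndReferenceHash(unsigned char * hashBuf,
                                                     unsigned int hashBufLen);

    /**
     * Like calculateSignedInfoAndReferenceHash() but without touching the
     * Reference digests.
     */
    unsigned int calculateSignedInfoHash(unsigned char * hashBuf,
                                         unsigned int hashBufLen);

    /** @return the list of ds:Reference elements (presumably from mp_signedInfo). */
    DSIGReferenceList * getReferenceList(void);

    /** @return a new input stream over the canonicalised SignedInfo; caller owns it — TODO confirm. */
    XSECBinTXFMInputStream * makeBinInputStream(void) const;

    //@}

    /** @name Diagnostics and simple accessors */
    //@{

    /** @return the error text accumulated by the last operation (m_errStr). */
    const XMLCh * getErrMsgs(void);

    /** @return the prefix set by setDSIGNSPrefix(). */
    const XMLCh * getDSIGNSPrefix();

    /** @return the prefix set by setECNSPrefix(). */
    const XMLCh * getECNSPrefix();

    /** @return the prefix set by setXPFNSPrefix(). */
    const XMLCh * getXPFNSPrefix();

    /** @return the document this signature lives in (not owned). */
    XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument * getParentDocument() const
        {return mp_doc;}

    /** @return the canonicalization method from SignedInfo, or CANON_NONE if none is loaded. */
    canonicalizationMethod getCanonicalizationMethod(void) const
        {return (mp_signedInfo != NULL ?
                 mp_signedInfo->getCanonicalizationMethod() : CANON_NONE);}

    /** @return the hash method from SignedInfo, or HASH_NONE if none is loaded. */
    hashMethod getHashMethod(void) const
        {return (mp_signedInfo != NULL ?
                 mp_signedInfo->getHashMethod() : HASH_NONE);}

    /** @return the signature method from SignedInfo, or SIGNATURE_NONE if none is loaded. */
    signatureMethod getSignatureMethod(void) const
        {return (mp_signedInfo != NULL ?
                 mp_signedInfo->getSignatureMethod() : SIGNATURE_NONE);}

    /** @return the base64 SignatureValue text as found in / written to the DOM. */
    const XMLCh * getSignatureValue(void) const;

    /** @return the formatter used to convert between XMLCh and local text (mp_formatter, not owned by caller). */
    XSECSafeBufferFormatter * getSBFormatter(void) const {return mp_formatter;}

    /**
     * Set whether references may depend on each other's output
     * (m_interlockingReferences).  The exact effect on sign()/verify() is not
     * visible here — TODO confirm.
     */
    void setInterlockingReferences(bool flag) {m_interlockingReferences = flag;}

    /** @return the flag set by setInterlockingReferences(). */
    bool getInterlockingReferences(void) const {return m_interlockingReferences;}

    //@}

    /** @name Resolvers */
    //@{

    /**
     * Install the resolver used to dereference Reference URIs (presumably
     * during sign() and verify()).  When the document being verified is
     * untrusted, the resolver decides which URIs may be fetched, so it is the
     * natural place to restrict external access.
     */
    void setURIResolver(XSECURIResolver * resolver);

    /** @return the resolver installed by setURIResolver(). */
    XSECURIResolver * getURIResolver(void);

    /**
     * Install the resolver that maps KeyInfo to a verification key
     * (mp_KeyInfoResolver).  KeyInfo is part of the signed document, so a
     * verifier should obtain or validate the key through this resolver rather
     * than trusting embedded key material directly.
     */
    void setKeyInfoResolver(XSECKeyInfoResolver * resolver);

    /** @return the resolver installed by setKeyInfoResolver(). */
    XSECKeyInfoResolver * getKeyInfoResolver(void);

    //@}

    /** @name KeyInfo */
    //@{

    /** @return the mutable KeyInfo list owned by this object (m_keyInfoList). */
    DSIGKeyInfoList * getKeyInfoList() {return &m_keyInfoList;}

    /** Remove every KeyInfo entry. */
    void clearKeyInfo(void);

    /** Append a ds:DSAKeyValue built from the base64 parameters P, Q, G and public value Y. */
    DSIGKeyInfoValue * appendDSAKeyValue(const XMLCh * P,
                                         const XMLCh * Q,
                                         const XMLCh * G,
                                         const XMLCh * Y);

    /** Append a ds:RSAKeyValue built from the base64 modulus and exponent. */
    DSIGKeyInfoValue * appendRSAKeyValue(const XMLCh * modulus,
                                         const XMLCh * exponent);

    /** Append an empty ds:X509Data element; fill it through the returned object. */
    DSIGKeyInfoX509 * appendX509Data(void);

    /** Append a ds:KeyName; isDName presumably marks name as a distinguished name — TODO confirm. */
    DSIGKeyInfoName * appendKeyName(const XMLCh * name, bool isDName = false);

    /** Append a ds:PGPData element with the given key id and packet. */
    DSIGKeyInfoPGPData * appendPGPData(const XMLCh * id, const XMLCh * packet);

    /** Append a ds:SPKIData element holding the given S-expression. */
    DSIGKeyInfoSPKIData * appendSPKIData(const XMLCh * sexp);

    /** Append a ds:MgmtData element with the given text. */
    DSIGKeyInfoMgmtData * appendMgmtData(const XMLCh * data);

    //@}

    /** @name ds:Object children */
    //@{

    /** Append a new ds:Object to the signature and record it in m_objects. */
    DSIGObject * appendObject(void);

    /** @return the number of ds:Object children (m_objects.size(), presumably). */
    int getObjectLength(void);

    /** @return the i-th ds:Object; behaviour for i out of range is not visible here — TODO confirm. */
    DSIGObject * getObjectItem(int i);

    //@}

    /** @name ID attribute handling */
    //@{

    /**
     * Allow same-document references to be resolved by attribute name (the
     * names registered below) rather than only by schema/DTD-typed ID
     * attributes.  Because any element can carry such an attribute, the
     * implementation is expected to treat duplicate or ambiguous IDs as a
     * failure — TODO confirm.
     */
    void setIdByAttributeName(bool flag);

    /** @return the flag set by setIdByAttributeName(). */
    bool getIdByAttributeName(void);

    /** Register an un-namespaced attribute name to be treated as an ID attribute. */
    void registerIdAttributeName(const XMLCh * name);

    /** @return true if name was registered and has now been removed. */
    bool deregisterIdAttributeName(const XMLCh * name);

    /** Namespaced variant of registerIdAttributeName(). */
    void registerIdAttributeNameNS(const XMLCh * ns, const XMLCh * name);

    /** Namespaced variant of deregisterIdAttributeName(). */
    bool deregisterIdAttributeNameNS(const XMLCh * ns, const XMLCh * name);

    //@}

    // XSECProvider needs the protected constructor/destructor above.
    friend class XSECProvider;

private:

#if defined(XSEC_NO_NAMESPACES)
    typedef vector<DSIGObject *> ObjectVectorType;
#else
    typedef std::vector<DSIGObject *> ObjectVectorType;
#endif

    /** Create the ds:KeyInfo element (mp_KeyInfoNode) when it does not exist yet. */
    void createKeyInfoElement(void);
    /** Worker behind verifySignatureOnly(). */
    bool verifySignatureOnlyInternal(void);
    /** Build the transform chain that feeds canonicalised SignedInfo to hashing/signing. */
    TXFMChain * getSignedInfoInput(void);

    /** One-time library set-up; presumably called by the friend XSECPlatformUtils. */
    static void Initialise(void);

    XSECSafeBufferFormatter * mp_formatter;       // XMLCh <-> local text conversion
    bool m_loaded;                                // set once load() has parsed the element
    XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument
        * mp_doc;                                 // owning document (not owned here)
    XERCES_CPP_NAMESPACE_QUALIFIER DOMNode
        * mp_sigNode;                             // the ds:Signature element
    DSIGSignedInfo * mp_signedInfo;               // parsed ds:SignedInfo, NULL until loaded/created
    XERCES_CPP_NAMESPACE_QUALIFIER DOMNode
        * mp_signatureValueNode;                  // the ds:SignatureValue element
    safeBuffer m_signatureValueSB;                // cached SignatureValue text
    DSIGKeyInfoList m_keyInfoList;                // parsed/appended KeyInfo entries
    XERCES_CPP_NAMESPACE_QUALIFIER DOMNode
        * mp_KeyInfoNode;                         // the ds:KeyInfo element
    safeBuffer m_errStr;                          // error text returned by getErrMsgs()

    XSECEnv * mp_env;                             // environment (prefixes, ID handling, resolvers)

    XSECCryptoKey * mp_signingKey;                // key from setSigningKey()

    XSECKeyInfoResolver * mp_KeyInfoResolver;     // resolver from setKeyInfoResolver()

    ObjectVectorType m_objects;                   // ds:Object children in document order

    bool m_interlockingReferences;                // see setInterlockingReferences()

    /** Private and unimplemented here: only friends may default-construct. */
    DSIGSignature();

    // XSECPlatformUtils needs access to the private static Initialise().
    friend class XSECPlatformUtils;

};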
00972
00973 #endif