
DSIGConstants.hpp

00001 /*
00002  * Copyright 2002-2005 The Apache Software Foundation.
00003  *
00004  * Licensed under the Apache License, Version 2.0 (the "License");
00005  * you may not use this file except in compliance with the License.
00006  * You may obtain a copy of the License at
00007  *
00008  *     http://www.apache.org/licenses/LICENSE-2.0
00009  *
00010  * Unless required by applicable law or agreed to in writing, software
00011  * distributed under the License is distributed on an "AS IS" BASIS,
00012  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00013  * See the License for the specific language governing permissions and
00014  * limitations under the License.
00015  */
00016 
00017 /*
00018  * XSEC
00019  *
00020  * DSIGConstants := Definitions of various DSIG constants (mainly strings)
00021  *
00022  * Author(s): Berin Lautenbach
00023  *
00024  * $Id: DSIGConstants.hpp 450744 2006-09-28 07:52:02Z blautenb $
00025  *
00026  */
00027 
00028 #ifndef DSIGCONSTANTS_HEADER
00029 #define DSIGCONSTANTS_HEADER
00030 
00031 #include <xsec/utils/XSECSafeBuffer.hpp>
00032 
00033 // Xerces
00034 #include <xercesc/util/XMLString.hpp>
00035 
00036 XSEC_USING_XERCES(XMLString);
00037 
// Name Spaces
//
// XML namespace URIs for the vocabularies handled by the library.  They are
// plain narrow string literals, used as identifiers; nothing in this header
// fetches or dereferences them.

// XML Digital Signature namespace (same string as URI_ID_SIG_BASE below)
#define URI_ID_DSIG     "http://www.w3.org/2000/09/xmldsig#"
// Exclusive canonicalisation namespace (same string as URI_ID_EXC_C14N_NOC below)
#define URI_ID_EC       "http://www.w3.org/2001/10/xml-exc-c14n#"
// Also used as algorithm ID for XPATH_FILTER
#define URI_ID_XPF      "http://www.w3.org/2002/06/xmldsig-filter2"
// XML Encryption namespace
#define URI_ID_XENC     "http://www.w3.org/2001/04/xmlenc#"
00045 
// Hashing Algorithms
//
// Digest algorithm identifiers.  MD5 and SHA-1 are no longer collision
// resistant; the DSIGConstants class below already marks the MD5 URI as
// "Not recommended".  A verifier that has to accept them for legacy documents
// is better served by an explicit allow-list than by accepting every
// identifier this header defines.

#define URI_ID_SHA1         "http://www.w3.org/2000/09/xmldsig#sha1"
#define URI_ID_MD5          "http://www.w3.org/2001/04/xmldsig-more#md5"
#define URI_ID_SHA224       "http://www.w3.org/2001/04/xmldsig-more#sha224"
#define URI_ID_SHA256       "http://www.w3.org/2001/04/xmlenc#sha256"
#define URI_ID_SHA384       "http://www.w3.org/2001/04/xmldsig-more#sha384"
#define URI_ID_SHA512       "http://www.w3.org/2001/04/xmlenc#sha512"

// Encryption Algorithms
//
// Every block cipher listed here runs in CBC mode, which provides
// confidentiality only.  Integrity of the ciphertext has to come from
// somewhere else (for example a signature that is verified before the
// plaintext is used).
#define URI_ID_3DES_CBC     "http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
#define URI_ID_AES128_CBC   "http://www.w3.org/2001/04/xmlenc#aes128-cbc"
#define URI_ID_AES192_CBC   "http://www.w3.org/2001/04/xmlenc#aes192-cbc"
#define URI_ID_AES256_CBC   "http://www.w3.org/2001/04/xmlenc#aes256-cbc"

// Key Wrap Algorithm
#define URI_ID_KW_AES128    "http://www.w3.org/2001/04/xmlenc#kw-aes128"
#define URI_ID_KW_AES192    "http://www.w3.org/2001/04/xmlenc#kw-aes192"
#define URI_ID_KW_AES256    "http://www.w3.org/2001/04/xmlenc#kw-aes256"
#define URI_ID_KW_3DES      "http://www.w3.org/2001/04/xmlenc#kw-tripledes"

// Key Transport algorithms
//
// RSA with PKCS#1 v1.5 encryption padding is exposed to padding-oracle
// attacks whenever decryption failures can be told apart by the sender;
// OAEP is the safer choice where the peer supports it.
// The macro name spells "MGFP1" although the URI fragment is "mgf1p"; the
// name is part of the public interface and is left unchanged.
#define URI_ID_RSA_1_5          "http://www.w3.org/2001/04/xmlenc#rsa-1_5"
#define URI_ID_RSA_OAEP_MGFP1   "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
00070 
// Transforms
//
// Transform algorithm identifiers.  The XPath and XSLT transforms cause
// expressions or stylesheets carried in the signed document to be evaluated
// while a reference is processed, so a verifier handling untrusted documents
// usually restricts which transforms it is willing to run.

#define URI_ID_BASE64           "http://www.w3.org/2000/09/xmldsig#base64"
#define URI_ID_XPATH            "http://www.w3.org/TR/1999/REC-xpath-19991116"
#define URI_ID_XSLT             "http://www.w3.org/TR/1999/REC-xslt-19991116"
#define URI_ID_ENVELOPE         "http://www.w3.org/2000/09/xmldsig#enveloped-signature"
#define URI_ID_C14N_NOC         "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
#define URI_ID_C14N_COM         "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"
// Same string as the URI_ID_EC namespace defined above
#define URI_ID_EXC_C14N_NOC     "http://www.w3.org/2001/10/xml-exc-c14n#"
#define URI_ID_EXC_C14N_COM     "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"
// XPath expression that is true for nodes outside the enclosing
// dsig:Signature element.  The backslash continuations sit inside the string
// literal, so the leading whitespace of the continued lines is part of the
// macro's value.
#define XPATH_EXPR_ENVELOPE     "count(ancestor-or-self::dsig:Signature | \
                                 here()/ancestor::dsig:Signature[1]) > \
                                 count(ancestor-or-self::dsig:Signature)"
00084 
// Signature Algorithms
//
// The first group holds the pieces that signatureHashMethod2URI() joins as
// <base><signature name>-<hash name>; the second group holds the complete
// URIs.  URI_ID_SIG_BASE is the same string as URI_ID_DSIG.

#define URI_ID_SIG_BASE     "http://www.w3.org/2000/09/xmldsig#"
#define URI_ID_SIG_BASEMORE "http://www.w3.org/2001/04/xmldsig-more#"
#define URI_ID_SIG_DSA      "dsa"
#define URI_ID_SIG_HMAC     "hmac"
#define URI_ID_SIG_SHA1     "sha1"
#define URI_ID_SIG_SHA224   "sha224"
#define URI_ID_SIG_SHA256   "sha256"
#define URI_ID_SIG_SHA384   "sha384"
#define URI_ID_SIG_SHA512   "sha512"
#define URI_ID_SIG_RSA      "rsa"
#define URI_ID_SIG_MD5      "md5"

// Complete signature algorithm URIs.  DSA is defined with SHA-1 only, and
// there is no HMAC/MD5 constant.  The *-sha1 and rsa-md5 identifiers rely on
// digests that are no longer collision resistant; keep them for verifying
// legacy documents rather than for producing new signatures.
#define URI_ID_DSA_SHA1     "http://www.w3.org/2000/09/xmldsig#dsa-sha1"
#define URI_ID_HMAC_SHA1    "http://www.w3.org/2000/09/xmldsig#hmac-sha1"
#define URI_ID_HMAC_SHA224  "http://www.w3.org/2001/04/xmldsig-more#hmac-sha224"
#define URI_ID_HMAC_SHA256  "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"
#define URI_ID_HMAC_SHA384  "http://www.w3.org/2001/04/xmldsig-more#hmac-sha384"
#define URI_ID_HMAC_SHA512  "http://www.w3.org/2001/04/xmldsig-more#hmac-sha512"
#define URI_ID_RSA_SHA1     "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
#define URI_ID_RSA_SHA224   "http://www.w3.org/2001/04/xmldsig-more#rsa-sha224"
#define URI_ID_RSA_SHA256   "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
#define URI_ID_RSA_SHA384   "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"
#define URI_ID_RSA_SHA512   "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"
#define URI_ID_RSA_MD5      "http://www.w3.org/2001/04/xmldsig-more#rsa-md5"
00111 
// Encryption defines
//
// Identifiers saying whether encrypted data replaces a whole element or only
// an element's content.
#define URI_ID_XENC_ELEMENT "http://www.w3.org/2001/04/xmlenc#Element"
#define URI_ID_XENC_CONTENT "http://www.w3.org/2001/04/xmlenc#Content"

// General

#define URI_ID_XMLNS    "http://www.w3.org/2000/xmlns/"
#define URI_ID_MANIFEST "http://www.w3.org/2000/09/xmldsig#Manifest"
#define URI_ID_RAWX509  "http://www.w3.org/2000/09/xmldsig#rawX509Certificate"

// Internal Crypto Providers
//
// Display names of the crypto back-ends; how they are used is not visible in
// this header.

#define PROV_OPENSSL    "OpenSSL Provider"
#define PROV_WINCAPI    "WinCAPI Provider"
#define PROV_NSS        "NSS Provider"
00127 
00128 // Enumerated Types
00129 
// Canonicalisation algorithms the library has an internal value for.
// CANON_NONE doubles as the "URI not recognised" result of the inverse
// mapping declared at the end of this header.
enum canonicalizationMethod {
    CANON_NONE      = 0,    // no method defined / unknown
    CANON_C14N_NOC  = 1,    // inclusive C14n, comments dropped
    CANON_C14N_COM  = 2,    // inclusive C14n, comments kept
    CANON_C14NE_NOC = 3,    // exclusive C14n, comments dropped
    CANON_C14NE_COM = 4     // exclusive C14n, comments kept
};
00138 
// Signature algorithm families.  HMAC is keyed with a shared secret while DSA
// and RSA verify with a public key, so a verifier should tie the method it
// expects to the key it holds instead of relying only on the method named in
// the document.
enum signatureMethod {
    SIGNATURE_NONE = 0,     // no method defined / unknown
    SIGNATURE_DSA  = 1,     // DSA
    SIGNATURE_HMAC = 2,     // keyed-hash MAC (symmetric)
    SIGNATURE_RSA  = 3      // RSA
};
00146 
00147 
// Digest algorithms.  The numeric order matters: signatureHashMethod2URI()
// tests "hm < HASH_MD5" to decide which base URI a signature algorithm uses,
// so HASH_SHA1 has to stay below HASH_MD5 and every later digest above it.
enum hashMethod {
    HASH_NONE   = 0,        // no method defined / unknown
    HASH_SHA1   = 1,        // SHA-1: collision attacks are practical, legacy use only
    HASH_MD5    = 2,        // MD5: broken, marked "Not recommended" in DSIGConstants
    HASH_SHA224 = 3,        // SHA-224
    HASH_SHA256 = 4,        // SHA-256
    HASH_SHA384 = 5,        // SHA-384
    HASH_SHA512 = 6         // SHA-512
};
00158 
// Kinds of reference transform.  The values are spelled out here; they are
// the same ones the compiler assigns when the initialisers are left off.
enum transformType {
    TRANSFORM_BASE64              = 0,
    TRANSFORM_C14N                = 1,
    TRANSFORM_EXC_C14N            = 2,
    TRANSFORM_ENVELOPED_SIGNATURE = 3,
    TRANSFORM_XPATH               = 4,  // evaluates an XPath expression taken from the document
    TRANSFORM_XSLT                = 5,  // runs a stylesheet taken from the document
    TRANSFORM_XPATH_FILTER        = 6
};
00170 
// Set operation applied by an XPath Filter transform (see URI_ID_XPF).
enum xpathFilterType {
    FILTER_UNION     = 0,   // union
    FILTER_INTERSECT = 1,   // intersect
    FILTER_SUBTRACT  = 2    // subtract
};
00178 
// Encryption, key-wrap and key-transport algorithms.
// The CBC entries give confidentiality without integrity, and
// ENCRYPT_RSA_15 uses PKCS#1 v1.5 padding, which is exposed to padding-oracle
// attacks when decryption failures are distinguishable; prefer
// ENCRYPT_RSA_OAEP_MGFP1 for key transport where the peer supports it.
enum encryptionMethod {
    ENCRYPT_NONE           = 0,     // no method defined / unknown
    ENCRYPT_3DES_CBC       = 1,     // Triple DES, CBC mode
    ENCRYPT_AES128_CBC     = 2,     // AES-128, CBC mode
    ENCRYPT_AES192_CBC     = 3,     // AES-192, CBC mode
    ENCRYPT_AES256_CBC     = 4,     // AES-256, CBC mode
    ENCRYPT_KW_AES128      = 5,     // key wrap, AES-128
    ENCRYPT_KW_AES192      = 6,     // key wrap, AES-192
    ENCRYPT_KW_AES256      = 7,     // key wrap, AES-256
    ENCRYPT_KW_3DES        = 8,     // key wrap, Triple DES
    ENCRYPT_RSA_15         = 9,     // RSA key transport, PKCS#1 v1.5 padding
    ENCRYPT_RSA_OAEP_MGFP1 = 10     // RSA key transport, OAEP padding
};
00194 
00195 
00196 // --------------------------------------------------------------------------------
00197 //           Some utility functions
00198 // --------------------------------------------------------------------------------
00199 
// Store the algorithm URI for canonicalisation method cm in uri.
//
// uri  receives the URI; it is not modified when cm is not recognised.
// cm   method to translate.
//
// Returns true when cm is one of the four C14n values, false for anything
// else (CANON_NONE included).
inline
bool canonicalizationMethod2URI(safeBuffer &uri, canonicalizationMethod cm) {

    switch (cm) {

    case CANON_C14N_NOC:
        uri = URI_ID_C14N_NOC;
        return true;

    case CANON_C14N_COM:
        uri = URI_ID_C14N_COM;
        return true;

    case CANON_C14NE_NOC:
        uri = URI_ID_EXC_C14N_NOC;
        return true;

    case CANON_C14NE_COM:
        uri = URI_ID_EXC_C14N_COM;
        return true;

    default:
        break;

    }

    // Unknown type
    return false;

}
00233 
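// Build the signature algorithm URI for a signature method / hash method
// pair, in the form <base><signature name>-<hash name>.
//
// uri  receives the URI.  It is written only when both sm and hm are
//      recognised, so a failed call never leaves a half-built identifier
//      such as "...#rsa-" behind for a caller that ignores the result.
// sm   signature method (DSA, HMAC or RSA).
// hm   digest used with the signature method.
//
// Returns true when the URI was built, false when sm or hm is not
// recognised (SIGNATURE_NONE and HASH_NONE included).
//
// NOTE(review): every sm/hm combination is accepted.  For pairs such as DSA
// with anything other than SHA-1, or HMAC with MD5, this header defines no
// matching URI_ID_* constant, so the string produced may not be an
// identifier the peer recognises - callers should check the combination.
inline
bool signatureHashMethod2URI(safeBuffer &uri, signatureMethod sm, hashMethod hm) {

    // Resolve both name fragments first; uri stays untouched until we know
    // the call is going to succeed.
    const char * sigName;

    switch (sm) {

    case SIGNATURE_DSA:
        sigName = URI_ID_SIG_DSA;
        break;

    case SIGNATURE_HMAC:
        sigName = URI_ID_SIG_HMAC;
        break;

    case SIGNATURE_RSA:
        sigName = URI_ID_SIG_RSA;
        break;

    default:
        return false;

    }

    const char * hashName;

    switch (hm) {

    case HASH_SHA1:
        hashName = URI_ID_SIG_SHA1;
        break;

    case HASH_MD5:
        hashName = URI_ID_SIG_MD5;
        break;

    case HASH_SHA224:
        hashName = URI_ID_SIG_SHA224;
        break;

    case HASH_SHA256:
        hashName = URI_ID_SIG_SHA256;
        break;

    case HASH_SHA384:
        hashName = URI_ID_SIG_SHA384;
        break;

    case HASH_SHA512:
        hashName = URI_ID_SIG_SHA512;
        break;

    default:
        return false;

    }

    // Only SHA-1 sorts below HASH_MD5 at this point, so it alone uses the
    // original xmldsig base; every other digest uses the xmldsig-more base.
    if (hm < HASH_MD5)
        uri = URI_ID_SIG_BASE;
    else
        uri = URI_ID_SIG_BASEMORE;

    uri.sbStrcatIn(sigName);
    uri.sbStrcatIn("-");
    uri.sbStrcatIn(hashName);

    return true;

}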
00308 
// Store the digest algorithm URI for hm in uri.
//
// uri  receives the URI; it is not modified when hm is not recognised.
// hm   digest to translate.
//
// Returns true for the six digests listed in hashMethod, false otherwise
// (HASH_NONE included).  MD5 and SHA-1 are translated like any other value;
// deciding whether they are acceptable is left to the caller.
inline
bool hashMethod2URI(safeBuffer &uri, hashMethod hm) {

    if (hm == HASH_SHA1) {
        uri = URI_ID_SHA1;
        return true;
    }

    if (hm == HASH_MD5) {
        uri = URI_ID_MD5;
        return true;
    }

    if (hm == HASH_SHA224) {
        uri = URI_ID_SHA224;
        return true;
    }

    if (hm == HASH_SHA256) {
        uri = URI_ID_SHA256;
        return true;
    }

    if (hm == HASH_SHA384) {
        uri = URI_ID_SHA384;
        return true;
    }

    if (hm == HASH_SHA512) {
        uri = URI_ID_SHA512;
        return true;
    }

    // Not a digest this function knows
    return false;

}
00352 
// Store the XML Encryption algorithm URI for em in uri.
//
// uri  receives the URI; it is not modified when em is not recognised.
// em   encryption, key-wrap or key-transport method to translate.
//
// Returns true for every encryptionMethod value other than ENCRYPT_NONE,
// false otherwise.
inline
bool encryptionMethod2URI(safeBuffer &uri, encryptionMethod em) {

    switch (em) {

    // Block ciphers, CBC mode
    case ENCRYPT_3DES_CBC:
        uri = URI_ID_3DES_CBC;
        return true;

    case ENCRYPT_AES128_CBC:
        uri = URI_ID_AES128_CBC;
        return true;

    case ENCRYPT_AES192_CBC:
        uri = URI_ID_AES192_CBC;
        return true;

    case ENCRYPT_AES256_CBC:
        uri = URI_ID_AES256_CBC;
        return true;

    // Key wrap
    case ENCRYPT_KW_AES128:
        uri = URI_ID_KW_AES128;
        return true;

    case ENCRYPT_KW_AES192:
        uri = URI_ID_KW_AES192;
        return true;

    case ENCRYPT_KW_AES256:
        uri = URI_ID_KW_AES256;
        return true;

    case ENCRYPT_KW_3DES:
        uri = URI_ID_KW_3DES;
        return true;

    // Key transport
    case ENCRYPT_RSA_15:
        uri = URI_ID_RSA_1_5;
        return true;

    case ENCRYPT_RSA_OAEP_MGFP1:
        uri = URI_ID_RSA_OAEP_MGFP1;
        return true;

    default:
        break;

    }

    return false;

}
00417 
00418 // --------------------------------------------------------------------------------
00419 //           Constant Strings Class
00420 // --------------------------------------------------------------------------------
00421 
// XMLCh (Xerces character type) counterparts of the narrow string macros
// defined earlier in this header, exposed as static members.
//
// Only declarations are visible here.  Presumably create() fills the
// pointers in and destroy() releases them - confirm against the
// implementation file before relying on their lifetime.
//
// NOTE(review): each member is a pointer to const XMLCh, but the pointer
// itself is not const, so any code that can see the class can re-point it.
// Code that compares algorithm URIs against these members depends on nothing
// having done so.
class DSIG_EXPORT DSIGConstants {

public:

    // General strings

    static const XMLCh * s_unicodeStrEmpty;     // ""
    static const XMLCh * s_unicodeStrNL;            // "\n"
    static const XMLCh * s_unicodeStrXmlns;     // "xmlns"
    static const XMLCh * s_unicodeStrURI;       // "URI"

    // DSIG Element Strings
    static const XMLCh * s_unicodeStrAlgorithm;

    // URI_IDs
    static const XMLCh * s_unicodeStrURIDSIG;
    static const XMLCh * s_unicodeStrURIEC;
    static const XMLCh * s_unicodeStrURIXPF;
    static const XMLCh * s_unicodeStrURIXENC;

    static const XMLCh * s_unicodeStrURISIGBASE;
    static const XMLCh * s_unicodeStrURISIGBASEMORE;

    static const XMLCh * s_unicodeStrURIRawX509;
    static const XMLCh * s_unicodeStrURISHA1;
    static const XMLCh * s_unicodeStrURISHA224;
    static const XMLCh * s_unicodeStrURISHA256;
    static const XMLCh * s_unicodeStrURISHA384;
    static const XMLCh * s_unicodeStrURISHA512;
    static const XMLCh * s_unicodeStrURIMD5;        // Not recommended
    static const XMLCh * s_unicodeStrURIBASE64;
    static const XMLCh * s_unicodeStrURIXPATH;
    static const XMLCh * s_unicodeStrURIXSLT;
    static const XMLCh * s_unicodeStrURIENVELOPE;
    static const XMLCh * s_unicodeStrURIC14N_NOC;
    static const XMLCh * s_unicodeStrURIC14N_COM;
    static const XMLCh * s_unicodeStrURIEXC_C14N_NOC;
    static const XMLCh * s_unicodeStrURIEXC_C14N_COM;
    static const XMLCh * s_unicodeStrURIDSA_SHA1;

    // RSA signature URIs; the MD5 variant shares the weakness flagged on
    // s_unicodeStrURIMD5 above
    static const XMLCh * s_unicodeStrURIRSA_MD5;
    static const XMLCh * s_unicodeStrURIRSA_SHA1;
    static const XMLCh * s_unicodeStrURIRSA_SHA224;
    static const XMLCh * s_unicodeStrURIRSA_SHA256;
    static const XMLCh * s_unicodeStrURIRSA_SHA384;
    static const XMLCh * s_unicodeStrURIRSA_SHA512;

    // HMAC signature URIs
    static const XMLCh * s_unicodeStrURIHMAC_SHA1;
    static const XMLCh * s_unicodeStrURIHMAC_SHA224;
    static const XMLCh * s_unicodeStrURIHMAC_SHA256;
    static const XMLCh * s_unicodeStrURIHMAC_SHA384;
    static const XMLCh * s_unicodeStrURIHMAC_SHA512;
    
    static const XMLCh * s_unicodeStrURIXMLNS;
    static const XMLCh * s_unicodeStrURIMANIFEST;

    // URIs for Encryption
    static const XMLCh * s_unicodeStrURI3DES_CBC;
    static const XMLCh * s_unicodeStrURIAES128_CBC; 
    static const XMLCh * s_unicodeStrURIAES192_CBC; 
    static const XMLCh * s_unicodeStrURIAES256_CBC; 
    static const XMLCh * s_unicodeStrURIKW_AES128;
    static const XMLCh * s_unicodeStrURIKW_AES192;
    static const XMLCh * s_unicodeStrURIKW_AES256;
    static const XMLCh * s_unicodeStrURIKW_3DES;
    static const XMLCh * s_unicodeStrURIRSA_1_5;
    static const XMLCh * s_unicodeStrURIRSA_OAEP_MGFP1;

    static const XMLCh * s_unicodeStrURIXENC_ELEMENT;
    static const XMLCh * s_unicodeStrURIXENC_CONTENT;

    // Internal Crypto Providers
    static const XMLCh * s_unicodeStrPROVOpenSSL;
    static const XMLCh * s_unicodeStrPROVWinCAPI;
  static const XMLCh * s_unicodeStrPROVNSS;


    DSIGConstants();

    // Static set-up / tear-down of the strings above (bodies not shown in
    // this header).
    static void create();
    static void destroy();

};
00505 
00506 
00507 
00508 
// Return the XMLCh form of the algorithm URI for canonicalisation method cm.
//
// Unlike canonicalizationMethod2URI() there is no failure flag: any value
// that is not one of the four C14n methods (CANON_NONE included) yields
// DSIGConstants::s_unicodeStrEmpty, so callers have to treat that result as
// "unknown method".
inline
const XMLCh * canonicalizationMethod2UNICODEURI(canonicalizationMethod cm) {

    // Start from the "unknown" answer and overwrite it on a match.
    const XMLCh * algorithmUri = DSIGConstants::s_unicodeStrEmpty;

    switch (cm) {

    case CANON_C14N_NOC:
        algorithmUri = DSIGConstants::s_unicodeStrURIC14N_NOC;
        break;

    case CANON_C14N_COM:
        algorithmUri = DSIGConstants::s_unicodeStrURIC14N_COM;
        break;

    case CANON_C14NE_NOC:
        algorithmUri = DSIGConstants::s_unicodeStrURIEXC_C14N_NOC;
        break;

    case CANON_C14NE_COM:
        algorithmUri = DSIGConstants::s_unicodeStrURIEXC_C14N_COM;
        break;

    default:
        break;

    }

    return algorithmUri;

}
00538 
00539 // --------------------------------------------------------------------------------
00540 //          URI Inverse Mappings
00541 // --------------------------------------------------------------------------------
00542 
/* Map URIs to internal enums, if the URIs are known to the library.
   If they aren't, all these calls will set the Method variables to 
   *_NONE, signifying we don't know them.  Note this is not necessarily
   an error - the calling application may have installed handlers to handle
   these URIs, it's just we don't have an internal enum mapping.

   The URI normally comes from the document being processed, so callers
   should handle the *_NONE outcome explicitly rather than carry on with a
   default algorithm.

   NOTE(review): only the declarations are visible here; the meaning of the
   bool return value is presumably "URI recognised" - confirm against the
   implementation.
*/

bool DSIG_EXPORT XSECmapURIToSignatureMethods(const XMLCh * URI, 
                                                  signatureMethod & sm, 
                                                  hashMethod & hm);
bool DSIG_EXPORT XSECmapURIToHashMethod(const XMLCh * URI, 
                                                  hashMethod & hm);
bool DSIG_EXPORT XSECmapURIToCanonicalizationMethod(const XMLCh * URI, 
                            canonicalizationMethod & cm);
00557 
00558 #endif /* DSIGCONSTANTS_HEADER */
00559 
