void DSIGTransformEnvelope::appendTransformer(TXFMChain * input) {
#ifdef XSEC_USE_XPATH_ENVELOPE
TXFMXPath *x;
// Special XPath transform
XSECnew(x, TXFMXPath(mp_txfmNode->getOwnerDocument()));
input->appendTxfm(x);
// Execute the envelope expression
x->evaluateEnvelope(mp_txfmNode);
#else
TXFMEnvelope *x;
// Use the Envelope transform
XSECnew(x, TXFMEnvelope(mp_txfmNode->getOwnerDocument()));
input->appendTxfm(x);
// Execute envelope
x->evaluateEnvelope(mp_txfmNode);
#endif
}
void XKMSRecoverRequestImpl::load(void) {
if (m_msg.mp_messageAbstractTypeElement == NULL) {
// Attempt to load an empty element
throw XSECException(XSECException::XKMSError,
"XKMSRecoverRequest::load - called on empty DOM");
}
if (!strEquals(getXKMSLocalName(m_msg.mp_messageAbstractTypeElement),
XKMSConstants::s_tagRecoverRequest)) {
throw XSECException(XSECException::XKMSError,
"XKMSRecoverRequest::load - called on incorrect node");
}
// Load the base message
m_request.load();
// Now check for any RecoverKeyBinding elements
DOMElement * tmpElt = findFirstElementChild(m_msg.mp_messageAbstractTypeElement);
while (tmpElt != NULL && !strEquals(getXKMSLocalName(tmpElt), XKMSConstants::s_tagRecoverKeyBinding)) {
tmpElt = findNextElementChild(tmpElt);
}
if (tmpElt != NULL) {
XSECnew(mp_recoverKeyBinding, XKMSRecoverKeyBindingImpl(m_msg.mp_env, tmpElt));
mp_recoverKeyBinding->load();
tmpElt = findNextElementChild(tmpElt);
}
else {
throw XSECException(XSECException::ExpectedXKMSChildNotFound,
"XKMSRecoverRequest::load - Expected RecoverKeyBinding node");
}
// Authentication Element
if (tmpElt != NULL && strEquals(getXKMSLocalName(tmpElt), XKMSConstants::s_tagAuthentication)) {
XSECnew(mp_authentication, XKMSAuthenticationImpl(m_msg.mp_env, tmpElt));
mp_authentication->load(mp_recoverKeyBinding->getId());
}
else {
throw XSECException(XSECException::ExpectedXKMSChildNotFound,
"XKMSRecoverRequest::load - Expected Authentication node");
}
}
bool DSIGAlgorithmHandlerDefault::appendHashTxfm(
TXFMChain * inputBytes,
const XMLCh * URI) {
hashMethod hm;
// Is this a URI we recognise?
if (!XSECmapURIToHashMethod(URI, hm)) {
safeBuffer sb;
sb.sbTranscodeIn("DSIGAlgorithmHandlerDefault - Unknown Hash URI : ");
sb.sbXMLChCat(URI);
throw XSECException(XSECException::AlgorithmMapperError,
sb.rawXMLChBuffer());
}
TXFMBase * txfm;
DOMDocument *d = inputBytes->getLastTxfm()->getDocument();
switch (hm) {
case HASH_SHA1 :
case HASH_SHA224 :
case HASH_SHA256 :
case HASH_SHA384 :
case HASH_SHA512 :
XSECnew(txfm, TXFMSHA1(d, hm));
break;
case HASH_MD5 :
XSECnew(txfm, TXFMMD5(d));
break;
default :
safeBuffer sb;
sb.sbTranscodeIn("DSIGAlgorithmHandlerDefault - Internal error unknown Hash, but URI known. URI : ");
sb.sbXMLChCat(URI);
throw XSECException(XSECException::AlgorithmMapperError,
sb.rawXMLChBuffer());
}
inputBytes->appendTxfm(txfm);
return true;
}
XSECCryptoBase64 * OpenPGPCryptoProvider::base64() const {
#if 0
OpenPGPCryptoBase64 * ret;
XSECnew(ret, OpenPGPCryptoBase64());
#else
XSCryptCryptoBase64 *ret;
XSECnew(ret, XSCryptCryptoBase64);
#endif
return ret;
}
DSIGReferenceList *DSIGReference::loadReferenceListFromXML(const XSECEnv * env, DOMNode *firstReference) {
// Have the first reference element in the document,
// so want to find and load them all
DOMNode *tmpRef = firstReference;
DSIGReferenceList * refList;
DSIGReference * r;
XSECnew(refList, DSIGReferenceList());
Janitor<DSIGReferenceList> j_refList(refList);
while (tmpRef != 0) {
// Must be an element node
if (tmpRef->getNodeType() != DOMNode::ELEMENT_NODE ||
!strEquals(getDSIGLocalName(tmpRef), "Reference")) {
throw XSECException(XSECException::ExpectedDSIGChildNotFound,
"Expected <Reference> as child of <SignedInfo>");
}
XSECnew(r, DSIGReference(env, tmpRef));
refList->addReference(r);
// Load the reference before moving on
r->load();
// Find next element Node
tmpRef = tmpRef->getNextSibling();
while (tmpRef != 0 && tmpRef->getNodeType() != DOMNode::ELEMENT_NODE) {
if (tmpRef->getNodeType() == DOMNode::ENTITY_REFERENCE_NODE) {
throw XSECException(XSECException::ExpectedDSIGChildNotFound,
"EntityReference nodes in <Reference> are unsupported.");
}
tmpRef = tmpRef->getNextSibling();
}
}
j_refList.release();
return refList;
}
XKMSKeyBinding * XKMSRegisterResultImpl::appendKeyBindingItem(XKMSStatus::StatusValue status) {
XKMSKeyBindingImpl * u;
XSECnew(u, XKMSKeyBindingImpl(m_msg.mp_env));
m_keyBindingList.push_back(u);
DOMElement * e = u->createBlankKeyBinding(status);
// Append the element
DOMElement * c = findFirstElementChild(m_msg.mp_messageAbstractTypeElement);
while (c != NULL) {
if (strEquals(getXKMSLocalName(c), XKMSConstants::s_tagPrivateKey))
break;
}
if (c != NULL) {
m_msg.mp_messageAbstractTypeElement->insertBefore(e, c);
if (m_msg.mp_env->getPrettyPrintFlag()) {
m_msg.mp_messageAbstractTypeElement->insertBefore(
m_msg.mp_env->getParentDocument()->createTextNode(DSIGConstants::s_unicodeStrNL), c);
}
}
else {
m_msg.mp_messageAbstractTypeElement->appendChild(e);
m_msg.mp_env->doPrettyPrint(m_msg.mp_messageAbstractTypeElement);
}
return u;
}
void TXFMXPathFilter::setInput(TXFMBase *newInput) {
if (newInput->getOutputType() == TXFMBase::BYTE_STREAM) {
// Need to parse into DOM_NODES
TXFMParser * parser;
XSECnew(parser, TXFMParser(mp_expansionDoc));
try{
parser->setInput(newInput);
}
catch (...) {
delete parser;
input = newInput;
throw;
}
input = parser;
parser->expandNameSpaces();
}
else
input = newInput;
// Set up for the new document
document = input->getDocument();
// Expand if necessary
this->expandNameSpaces();
keepComments = input->getCommentsStatus();
}
void TXFMXPath::setInput(TXFMBase *newInput) {
if (newInput->getOutputType() == TXFMBase::BYTE_STREAM) {
//throw XSECException(XSECException::TransformInputOutputFail, "C14n canonicalisation transform requires DOM_NODES input");
// Need to parse into DOM_NODES
TXFMParser * parser;
XSECnew(parser, TXFMParser(mp_expansionDoc));
try{
parser->setInput(newInput);
}
catch (...) {
delete parser;
input = newInput;
throw;
}
input = parser;
parser->expandNameSpaces();
}
else
input = newInput;
// Set up for the new document
document = input->getDocument();
// Expand if necessary
this->expandNameSpaces();
keepComments = input->getCommentsStatus();
}
XSECEnv::XSECEnv(DOMDocument *doc) {
mp_doc = doc;
mp_prefixNS = XMLString::replicate(DSIGConstants::s_unicodeStrEmpty);
mp_11PrefixNS = XMLString::replicate(s_default11Prefix);
mp_ecPrefixNS = XMLString::replicate(s_defaultECPrefix);
mp_xpfPrefixNS = XMLString::replicate(s_defaultXPFPrefix);
mp_xencPrefixNS = XMLString::replicate(s_defaultXENCPrefix);
mp_xenc11PrefixNS = XMLString::replicate(s_defaultXENC11Prefix);
mp_xkmsPrefixNS = XMLString::replicate(s_defaultXKMSPrefix);
m_prettyPrintFlag = true;
mp_URIResolver = NULL;
// Set up our formatter
XSECnew(mp_formatter, XSECSafeBufferFormatter("UTF-8",XMLFormatter::NoEscapes,
XMLFormatter::UnRep_CharRef));
// Set up IDs
m_idByAttributeNameFlag = true; // At the moment this is on by default
// Register "Id" and "id" as valid Attribute names
registerIdAttributeName(s_Id);
registerIdAttributeName(s_id);
}
XSECEnv::XSECEnv(const XSECEnv & theOther) {
mp_doc = theOther.mp_doc;
mp_prefixNS = XMLString::replicate(theOther.mp_prefixNS);
mp_11PrefixNS = XMLString::replicate(theOther.mp_11PrefixNS);
mp_ecPrefixNS = XMLString::replicate(theOther.mp_ecPrefixNS);
mp_xpfPrefixNS = XMLString::replicate(theOther.mp_xpfPrefixNS);
mp_xencPrefixNS = XMLString::replicate(theOther.mp_xencPrefixNS);
mp_xenc11PrefixNS = XMLString::replicate(s_defaultXENC11Prefix);
mp_xkmsPrefixNS = XMLString::replicate(theOther.mp_xkmsPrefixNS);
m_prettyPrintFlag = theOther.m_prettyPrintFlag;
if (theOther.mp_URIResolver != NULL)
mp_URIResolver = theOther.mp_URIResolver->clone();
else
mp_URIResolver = NULL;
// Set up our formatter
XSECnew(mp_formatter, XSECSafeBufferFormatter("UTF-8",XMLFormatter::NoEscapes,
XMLFormatter::UnRep_CharRef));
// Set up IDs
m_idByAttributeNameFlag = theOther.m_idByAttributeNameFlag;
for (int i = 0; i < theOther.getIdAttributeNameListSize() ; ++i) {
registerIdAttributeName(theOther.getIdAttributeNameListItem(i));
}
}
XERCES_CPP_NAMESPACE_USE
// Constructor
XSECSafeBufferFormatter::XSECSafeBufferFormatter(
const XMLCh * const outEncoding,
const XMLFormatter::EscapeFlags escapeFlags,
const XMLFormatter::UnRepFlags unrepFlags) {
sbf = new sbFormatTarget();
sbf->setBuffer(&formatBuffer);
#if defined(XSEC_XERCES_FORMATTER_REQUIRES_VERSION)
formatter = new XMLFormatter(outEncoding,
0,
sbf,
escapeFlags,
unrepFlags);
#else
XSECnew(formatter, XMLFormatter(outEncoding,
sbf,
escapeFlags,
unrepFlags));
#endif
}
TXFMChain * DSIGReference::createTXFMChainFromList(TXFMBase * input,
DSIGTransformList * lst) {
TXFMChain * ret;
XSECnew(ret, TXFMChain(input));
if (lst == NULL)
return ret;
Janitor<TXFMChain> j_ret(ret);
DSIGTransformList::TransformListVectorType::size_type size, i;
size = lst->getSize();
if (size > 0) {
// Iterate through the list
for (i = 0; i < size; ++i) {
lst->item(i)->appendTransformer(ret);
}
}
j_ret.release();
return ret;
}
XSECCryptoKey * NSSCryptoKeyRSA::clone() const {
NSSCryptoKeyRSA * ret;
XSECnew(ret, NSSCryptoKeyRSA(mp_pubkey, mp_privkey));
if (mp_pubkey != 0) {
ret->mp_pubkey = SECKEY_CopyPublicKey(mp_pubkey);
if (ret->mp_pubkey == 0) {
throw XSECCryptoException(XSECCryptoException::MemoryError,
"NSS:RSA Error attempting to clone (copy) public key");
}
}
if (mp_privkey != 0) {
ret->mp_privkey = SECKEY_CopyPrivateKey(mp_privkey);
if (ret->mp_privkey == 0) {
throw XSECCryptoException(XSECCryptoException::MemoryError,
"NSS:RSA Error attempting to clone (copy) private key");
}
}
// Clone modulus
if (mp_modulus != 0) {
ret->mp_modulus = SECITEM_DupItem(mp_modulus);
if (ret->mp_modulus == 0) {
throw XSECCryptoException(XSECCryptoException::MemoryError,
"NSS:RSA Error attempting to clone (copy) modulus");
}
}
// Clone exponent
if (mp_exponent != 0) {
ret->mp_exponent = SECITEM_DupItem(mp_exponent);
if (ret->mp_exponent == 0) {
throw XSECCryptoException(XSECCryptoException::MemoryError,
"NSS:RSA Error attempting to clone (copy) exponent");
}
}
return ret;
}
TXFMXPathFilter::TXFMXPathFilter(DOMDocument *doc) :
TXFMBase(doc) {
document = NULL;
XSECnew(mp_formatter, XSECSafeBufferFormatter("UTF-8",XMLFormatter::NoEscapes,
XMLFormatter::UnRep_CharRef));
}
XSECCryptoKeyHMAC * OpenPGPCryptoProvider::keyHMAC(void) const {
OpenPGPCryptoKeyHMAC * ret;
XSECnew(ret, OpenPGPCryptoKeyHMAC);
return ret;
}
XKMSReissueRequest * XKMSMessageFactoryImpl::createReissueRequest(
const XMLCh * service,
XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument * doc,
const XMLCh * id) {
XKMSReissueRequestImpl * rri;
XSECEnv * tenv;
XSECnew(tenv, XSECEnv(*mp_env));
tenv->setParentDocument(doc);
XSECnew(rri, XKMSReissueRequestImpl(tenv));
rri->createBlankReissueRequest(service, id);
return rri;
}
XSECAlgorithmHandler * DSIGAlgorithmHandlerDefault::clone(void) const {
DSIGAlgorithmHandlerDefault * ret;
XSECnew(ret, DSIGAlgorithmHandlerDefault);
return ret;
}
XKMSCompoundRequest * XKMSMessageFactoryImpl::createCompoundRequest(
const XMLCh * service,
DOMDocument * doc,
const XMLCh * id) {
XKMSCompoundRequestImpl * cri;
XSECEnv * tenv;
XSECnew(tenv, XSECEnv(*mp_env));
tenv->setParentDocument(doc);
XSECnew(cri, XKMSCompoundRequestImpl(tenv));
cri->createBlankCompoundRequest(service, id);
return cri;
}
XSECCryptoKeyRSA * OpenPGPCryptoProvider::keyRSA() const {
OpenPGPCryptoKeyRSA * ret;
XSECnew(ret, OpenPGPCryptoKeyRSA());
return ret;
}
XSECNameSpaceExpander::XSECNameSpaceExpander(DOMDocument *d) {
mp_doc = d;
XSECnew(mp_formatter, XSECSafeBufferFormatter("UTF-8",XMLFormatter::NoEscapes,
XMLFormatter::UnRep_CharRef));
m_expanded = false;
}
XSECCryptoHash * OpenPGPCryptoProvider::hashMD5() const {
OpenPGPCryptoHash * ret;
XSECnew(ret, OpenPGPCryptoHash(XSECCryptoHash::HASH_MD5));
return ret;
}
XSECCryptoHash * OpenPGPCryptoProvider::hashHMACSHA1() const {
OpenPGPCryptoHashHMAC * ret;
XSECnew(ret, OpenPGPCryptoHashHMAC(XSECCryptoHash::HASH_SHA1));
return ret;
}
void XKMSAuthenticationImpl::setNotBoundAuthentication(
const XMLCh * uri,
const XMLCh * value) {
XSECnew(mp_notBoundAuthentication, XKMSNotBoundAuthenticationImpl(mp_env));
mp_authenticationElement->appendChild(mp_notBoundAuthentication->createBlankNotBoundAuthentication(uri, value));
mp_env->doPrettyPrint(mp_authenticationElement);
}
void TXFMBase::expandNameSpaces(void) {
if (mp_nse != NULL || (input != NULL && input->nameSpacesExpanded()))
return; // Already done
XSECnew(mp_nse, XSECNameSpaceExpander(mp_expansionDoc));
mp_nse->expandNameSpaces();
}
XSECNameSpaceExpander::XSECNameSpaceExpander(DOMElement *f) {
mp_doc = NULL;
mp_fragment = f;
XSECnew(mp_formatter, XSECSafeBufferFormatter("UTF-8",XMLFormatter::NoEscapes,
XMLFormatter::UnRep_CharRef));
m_expanded = false;
}
// --------------------------------------------------------------------------------
// Stack Functions
// --------------------------------------------------------------------------------
void XSECXMLNSStack::pushElement(XERCES_CPP_NAMESPACE_QUALIFIER DOMNode * elt) {
XSECNSElement * t;
XSECnew(t, XSECNSElement);
t->mp_elt = elt;
t->mp_firstNS = NULL;
m_elements.push(t);
}
XKMSCompoundResult * XKMSMessageFactoryImpl::createCompoundResult(
XKMSCompoundRequest * request,
XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument *doc,
XKMSResultType::ResultMajor rmaj,
XKMSResultType::ResultMinor rmin,
const XMLCh * id) {
XKMSCompoundResultImpl * cri;
XSECEnv * tenv;
XSECnew(tenv, XSECEnv(*mp_env));
tenv->setParentDocument(doc);
XSECnew(cri, XKMSCompoundResultImpl(tenv));
cri->createBlankCompoundResult(request->getService(), id, rmaj, rmin);
copyRequestToResult(request, (XKMSResultTypeImpl*) cri);
return cri;
}
XERCES_CPP_NAMESPACE_USE
XSECNameSpaceExpander::XSECNameSpaceExpander(DOMDocument *d) {
mp_doc = d;
mp_fragment = d->getDocumentElement();
XSECnew(mp_formatter, XSECSafeBufferFormatter("UTF-8",XMLFormatter::NoEscapes,
XMLFormatter::UnRep_CharRef));
m_expanded = false;
}
XSECCryptoKey * NSSCryptoKeyHMAC::clone() const {
NSSCryptoKeyHMAC * ret;
XSECnew(ret, NSSCryptoKeyHMAC());
ret->m_keyBuf = m_keyBuf;
ret->m_keyLen = m_keyLen;
return ret;
}
TXFMXPath::TXFMXPath(DOMDocument *doc) :
TXFMBase(doc) {
document = NULL;
XPathAtts = NULL;
// Formatter is used for handling attribute name space inputs
XSECnew(formatter, XSECSafeBufferFormatter("UTF-8",XMLFormatter::NoEscapes,
XMLFormatter::UnRep_CharRef));
}