void XENCEncryptionMethodImpl::setMGF(const XMLCh * mgf) {

	if (mp_mgfAlgorithmAttr == NULL) {

		// Need to create
		if (mp_oaepParamsTextNode == NULL && mp_digestAlgorithmAttr == NULL && mp_keySizeTextNode == NULL) {
			mp_env->doPrettyPrint(mp_encryptionMethodElement);
		}

		// Get some setup values
		safeBuffer str;
		DOMDocument *doc = mp_env->getParentDocument();
		const XMLCh * prefix = mp_env->getXENC11NSPrefix();

		makeQName(str, prefix, s_MGF);

		DOMElement *e = doc->createElementNS(DSIGConstants::s_unicodeStrURIXENC11, str.rawXMLChBuffer());
		mp_encryptionMethodElement->appendChild(e);
		mp_env->doPrettyPrint(mp_encryptionMethodElement);

		e->setAttributeNS(NULL,
					DSIGConstants::s_unicodeStrAlgorithm,
					mgf);

		// Set namespace

		if (prefix[0] == XERCES_CPP_NAMESPACE_QUALIFIER chNull) {
			str.sbTranscodeIn("xmlns");
		}
		else {
			str.sbTranscodeIn("xmlns:");
			str.sbXMLChCat(prefix);
		}

		e->setAttributeNS(DSIGConstants::s_unicodeStrURIXMLNS, 
								str.rawXMLChBuffer(), 
								DSIGConstants::s_unicodeStrURIXENC11);

		// Now retrieve for later use
		mp_mgfAlgorithmAttr =
			e->getAttributeNodeNS(NULL, 
				DSIGConstants::s_unicodeStrAlgorithm);

		if (mp_mgfAlgorithmAttr == NULL) {

			throw XSECException(XSECException::EncryptionMethodError,
				"XENCEncryptionMethod::setMGF - Error creating Algorithm Attribute");
		}
	} 
	
	else {

		mp_mgfAlgorithmAttr->setNodeValue(mgf);

	}

}
Example #2
0
void DSIGTransformXPath::setNamespace(const char * prefix, const char * value) {

	safeBuffer str;

	str.sbStrcpyIn("xmlns:");
	str.sbStrcatIn((char *) prefix);

	DOMElement *x;

	x = static_cast <DOMElement *> (mp_xpathNode);

//	if (x == NULL) {
//
//		throw XSECException(XSECException::TransformError,
//			"Found a non ELEMENT node as the XPath node in DSIGTransformXPath");
//	}

	x->setAttributeNS(DSIGConstants::s_unicodeStrURIXMLNS,
		str.sbStrToXMLCh(),
		MAKE_UNICODE_STRING(value));

	mp_NSMap = mp_xpathNode->getAttributes();


}
Example #3
0
DOMElement * DSIGTransformXPath::createBlankTransform(DOMDocument * parentDoc) {

	safeBuffer str;
	const XMLCh * prefix;
	DOMElement *ret;
	DOMDocument *doc = mp_env->getParentDocument();

	prefix = mp_env->getDSIGNSPrefix();
	
	// Create the transform node
	makeQName(str, prefix, "Transform");
	ret = doc->createElementNS(DSIGConstants::s_unicodeStrURIDSIG, str.rawXMLChBuffer());
	ret->setAttributeNS(NULL,DSIGConstants::s_unicodeStrAlgorithm, DSIGConstants::s_unicodeStrURIXPATH);
	
	// Create the XPath element
	
	makeQName(str, prefix, "XPath");
	mp_xpathNode = doc->createElementNS(DSIGConstants::s_unicodeStrURIDSIG, str.rawXMLChBuffer());
	mp_exprTextNode = doc->createTextNode(MAKE_UNICODE_STRING(""));
	ret->appendChild(mp_xpathNode);
	mp_xpathNode->appendChild(mp_exprTextNode);

	mp_txfmNode = ret;

	return ret;

}
Example #4
0
void TXFMXPath::evaluateEnvelope(DOMNode *t) {

	// A special case where the XPath expression is already known

	if (document == NULL) {

		throw XSECException(XSECException::XPathError, 
		   "Attempt to define XPath Name Space before setInput called");

	}

	DOMElement * e = document->getDocumentElement();

	if (e == NULL) {

		throw XSECException(XSECException::XPathError, 
              "Element node not found in Document");

	}

	// Set the xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"

	e->setAttributeNS(DSIGConstants::s_unicodeStrURIXMLNS, MAKE_UNICODE_STRING("xmlns:dsig"), DSIGConstants::s_unicodeStrURIDSIG);
	
	
	// Evaluate

	evaluateExpr(t, XPATH_EXPR_ENVELOPE);

	// Now we are done, remove the namespace
	
	e->removeAttributeNS(DSIGConstants::s_unicodeStrURIXMLNS, MAKE_UNICODE_STRING("dsig"));

}
void
XMLSecurityLibraryTest::testEncrypt() {
    XBE_LOG_DEBUG("encrypting a xbe-message document by hand");

    xsd::cxx::xml::dom::auto_ptr<xercesc::DOMDocument> doc(create("message", "http://www.xenbee.net/schema/2008/02/xbe-msg", "xbemsg"));
    DOMElement* root = doc->getDocumentElement();

    root->setAttributeNS(xml::string("http://www.w3.org/2000/xmlns/").c_str(),
            xml::string("xmlns:xbemsg").c_str(),
            xml::string("http://www.xenbee.net/schema/2008/02/xbe-msg").c_str());

    /* HEADER */
    DOMElement*  hdrElem = doc->createElementNS(xml::string("http://www.xenbee.net/schema/2008/02/xbe-msg").c_str(),
            xml::string("xbemsg:header").c_str());
    root->appendChild(hdrElem);

    DOMElement*  toElem = doc->createElementNS(xml::string("http://www.xenbee.net/schema/2008/02/xbe-msg").c_str(),
            xml::string("xbemsg:to").c_str());
    hdrElem->appendChild(toElem);
    DOMText*    toTxt   = doc->createTextNode(xml::string("foo.bar").c_str());
    toElem->appendChild(toTxt);

    DOMElement*  fromElem = doc->createElementNS(xml::string("http://www.xenbee.net/schema/2008/02/xbe-msg").c_str(),
            xml::string("xbemsg:from").c_str());
    hdrElem->appendChild(fromElem);
    DOMText*    fromTxt   = doc->createTextNode(xml::string("foo.bar").c_str());
    fromElem->appendChild(fromTxt);

    /* BODY */
    DOMElement*  bodyElem = doc->createElementNS(xml::string("http://www.xenbee.net/schema/2008/02/xbe-msg").c_str(),
            xml::string("xbemsg:body").c_str());
    root->appendChild(bodyElem);

    /* some example content */
    DOMElement*  exampleContentElem = doc->createElementNS(xml::string("http://www.example.com/text").c_str(), xml::string("text").c_str());
    exampleContentElem->setAttributeNS(xml::string("http://www.w3.org/2000/xmlns/").c_str(),
            xml::string("xmlns").c_str(),
            xml::string("http://www.example.com/text").c_str());
    bodyElem->appendChild(exampleContentElem);

    DOMText*    exampleContentTxt   = doc->createTextNode(xml::string("Hello World!").c_str());
    exampleContentElem->appendChild(exampleContentTxt);


}
Example #6
0
DOMElement * DSIGTransformEnvelope::createBlankTransform(DOMDocument * parentDoc) {

	safeBuffer str;
	const XMLCh * prefix;
	DOMElement *ret;
	DOMDocument *doc = mp_env->getParentDocument();

	prefix = mp_env->getDSIGNSPrefix();
	
	// Create the transform node
	makeQName(str, prefix, "Transform");
	ret = doc->createElementNS(DSIGConstants::s_unicodeStrURIDSIG, str.rawXMLChBuffer());
	ret->setAttributeNS(NULL,DSIGConstants::s_unicodeStrAlgorithm, DSIGConstants::s_unicodeStrURIENVELOPE);

	mp_txfmNode = ret;

	return ret;

}
Example #7
0
bool STConfig::init(const char* schemadir, const char* config)
{
    saml::NDC ndc("init");
    Category& log = Category::getInstance("shibtarget.STConfig");

    if (!schemadir || !config) {
        log.fatal("schema directory or config file not supplied");
        return false;
    }

    // This will cause some extra console logging, but for now,
    // initialize the underlying libraries.
    SAMLConfig& samlConf=SAMLConfig::getConfig();
    if (schemadir)
        samlConf.schema_dir = schemadir;
    SAMLSOAPBinding::version=string("Shibboleth: ") + PACKAGE_VERSION;
    try {
        if (!samlConf.init()) {
            log.fatal("Failed to initialize SAML Library");
            return false;
        }
    }
    catch (...) {
        log.fatal("Died initializing SAML Library");
        return false;
    }
    
    ShibConfig& shibConf=ShibConfig::getConfig();
    try { 
        if (!shibConf.init()) {
            log.fatal("Failed to initialize Shib library");
            samlConf.term();
            return false;
        }
    }
    catch (...) {
        log.fatal("Died initializing Shib library.");
        samlConf.term();
        return false;
    }

    try {
        // Register plugin types.
#ifndef WIN32
        shibConf.m_plugMgr.regFactory(shibtarget::XML::UnixListenerType,&UnixListenerFactory);
#endif
        shibConf.m_plugMgr.regFactory(shibtarget::XML::TCPListenerType,&TCPListenerFactory);
        shibConf.m_plugMgr.regFactory(shibtarget::XML::MemorySessionCacheType,&MemoryCacheFactory);
        shibConf.m_plugMgr.regFactory(shibtarget::XML::RequestMapType,&XMLRequestMapFactory);
        //shibConf.m_plugMgr.regFactory(shibtarget::XML::htaccessType,&htaccessFactory);
        saml::XML::registerSchema(ShibTargetConfig::SHIBTARGET_NS,shibtarget::XML::SHIBTARGET_SCHEMA_ID);
        
        log.info("loading configuration file: %s", config);
        static const XMLCh uri[] = { chLatin_u, chLatin_r, chLatin_i, chNull };
        DOMImplementation* impl=DOMImplementationRegistry::getDOMImplementation(NULL);
        DOMDocument* dummydoc=impl->createDocument();
        DOMElement* dummy = dummydoc->createElementNS(NULL,XML::Literals::ShibbolethTargetConfig);
        auto_ptr_XMLCh src(config);
        dummy->setAttributeNS(NULL,uri,src.get());
        m_ini=ShibTargetConfigFactory(dummy);
        dummydoc->release();
        
        pair<bool,unsigned int> skew=m_ini->getUnsignedInt("clockSkew");
        samlConf.clock_skew_secs=skew.first ? skew.second : 180;
        
        m_tranLog=new FixedContextCategory(SHIBTRAN_LOGCAT);
        m_tranLog->info("opened transaction log");
        m_tranLogLock = Mutex::create();
    }
    catch (...) {
        log.fatal("caught exception while loading/initializing configuration");
        delete m_ini;
        shibConf.term();
        samlConf.term();
        return false;
    }
  
    log.info("finished initializing");

    return true;
}
Example #8
0
XERCES_CPP_NAMESPACE_USE

#if !defined(XSEC_NO_XPATH)

#include <iostream>

#define KLUDGE_PREFIX "berindsig"

// Helper function

void setXPathNS(DOMDocument *d, 
				DOMNamedNodeMap *xAtts, 
			    XSECXPathNodeList &addedNodes,
				XSECSafeBufferFormatter *formatter,
				XSECNameSpaceExpander * nse) {

	// if set then set the name spaces in the attribute list else clear them

	DOMElement * e = d->getDocumentElement();

	if (e == NULL) {

		throw XSECException(XSECException::XPathError, "Element node not found in Document");

	}

	if (xAtts != 0) {

		int xAttsCount = xAtts->getLength();	

		// Check all is OK with the Xalan Document and first element

		if (d == NULL) {

			throw XSECException(XSECException::XPathError, "Attempt to define XPath Name Space before setInput called");

		}

		// Run through each attribute looking for name spaces
		const XMLCh *xpName;
		safeBuffer xpNameSB;
		const XMLCh *xpLocalName;
		const XMLCh *xpValue;

		for (int xCounter = 0; xCounter < xAttsCount; ++xCounter) {

			if (nse == NULL || !nse->nodeWasAdded(xAtts->item(xCounter))) {
				
				xpName = xAtts->item(xCounter)->getNodeName();
				xpNameSB << (*formatter << xpName);
				
				if (xpNameSB.sbStrncmp("xmlns", 5) == 0) {

					// Check whether a node of this name already exists
					xpLocalName = xAtts->item(xCounter)->getLocalName();
					xpValue = xAtts->item(xCounter)->getNodeValue();
					if (e->hasAttributeNS(DSIGConstants::s_unicodeStrURIXMLNS, xpLocalName) == false) {

						// Nope
	
						e->setAttributeNS(DSIGConstants::s_unicodeStrURIXMLNS, xpName, xpValue);
						addedNodes.addNode(e->getAttributeNodeNS(DSIGConstants::s_unicodeStrURIXMLNS, xpLocalName));
					}

				}

			}

		}

	}

	// Insert the kludge namespace
	safeBuffer k("xmlns:");
	k.sbStrcatIn(KLUDGE_PREFIX);

	e->setAttributeNS(DSIGConstants::s_unicodeStrURIXMLNS,
					 MAKE_UNICODE_STRING(k.rawCharBuffer()),
					 DSIGConstants::s_unicodeStrURIDSIG);
}
Example #9
0
int main(int /*argc*/, char ** /*argv*/) {

    Normalizer *normalizer = new Normalizer();

    DOMDocument *doc = normalizer->createDocument();
    bool *tmpTrue = new bool(true);
    bool *tmpFalse = new bool(false);

    DOMElement* docFirstElement = doc->createElementNS(X("http://www.test.com"),X("docEle"));
    doc->appendChild(docFirstElement);
    DOMElement* docFirstElementChild = doc->createElementNS(X("http://www.test2.com"),X("docEleChild"));
    docFirstElement->appendChild(docFirstElementChild);

    //create default ns
    doc->normalizeDocument();
    normalizer->serializeNode(doc);
    XERCES_STD_QUALIFIER cout << "\n\n";

    //add in binding
    docFirstElement->setPrefix(X("po"));
    doc->normalizeDocument();
    normalizer->serializeNode(doc);
    XERCES_STD_QUALIFIER cout << "\n\n";

    //use default
    DOMElement* docFirstElementChildChild = doc->createElementNS(X("http://www.test2.com"),X("docEleChildChild"));
    docFirstElementChild->appendChild(docFirstElementChildChild);
    doc->normalizeDocument();
    normalizer->serializeNode(doc);
    XERCES_STD_QUALIFIER cout << "\n\n";

    // this block is needed to destroy the XMLBuffer 
    {
        //use a binding
        XMLBuffer buf;
        buf.set(XMLUni::fgXMLNSString);
        buf.append(chColon);
        buf.append(X("po2"));
        docFirstElementChild->removeAttributeNS(XMLUni::fgXMLNSURIName, XMLUni::fgXMLNSString);
        docFirstElement->removeAttributeNS(XMLUni::fgXMLNSURIName, XMLUni::fgXMLNSString);
        docFirstElement->setAttributeNS(XMLUni::fgXMLNSURIName, buf.getRawBuffer(), X("http://www.test2.com"));
        docFirstElementChild->setPrefix(X("po2"));
        doc->normalizeDocument();
        normalizer->serializeNode(doc);
        XERCES_STD_QUALIFIER cout << "\n\n";
    }

    //some siblngs to ensure the scope stacks are working
    docFirstElementChildChild = doc->createElementNS(X("http://www.test3.com"),X("docEleChildChild2"));
    docFirstElementChild->appendChild(docFirstElementChildChild);
    docFirstElementChildChild = doc->createElementNS(X("http://www.test4.com"),X("po4:docEleChildChild3"));
    docFirstElementChild->appendChild(docFirstElementChildChild);
    docFirstElementChildChild = doc->createElementNS(X("http://www.test4.com"),X("po4:docEleChildChild4"));
    docFirstElementChild->appendChild(docFirstElementChildChild);
    doc->normalizeDocument();
    normalizer->serializeNode(doc);
    XERCES_STD_QUALIFIER cout << "\n\n";

    //conflicting prefix
    docFirstElementChildChild->setAttributeNS(XMLUni::fgXMLNSURIName, X("po4"), X("conflict"));
    doc->normalizeDocument();
    normalizer->serializeNode(doc);
    XERCES_STD_QUALIFIER cout << "\n\n";
    
    //conflicting default
    docFirstElementChildChild = doc->createElementNS(X("http://www.test4.com"),X("docEleChildChild5"));
    docFirstElementChild->appendChild(docFirstElementChildChild);
    docFirstElementChildChild->setAttributeNS(XMLUni::fgXMLNSURIName, XMLUni::fgXMLNSString, X("conflict"));
    doc->normalizeDocument();
    normalizer->serializeNode(doc);
    XERCES_STD_QUALIFIER cout << "\n\n";

    //set the xmlns to ""
    DOMElement *noNamespaceEle = doc->createElementNS(X(""),X("noNamespace"));
    docFirstElementChildChild->appendChild(noNamespaceEle);
    doc->normalizeDocument();
    normalizer->serializeNode(doc);
    XERCES_STD_QUALIFIER cout << "\n\n";


    //now lets do a bit off attribute testing on the doc ele
    docFirstElement->setAttributeNS(X("http://testattr.com"), X("attr1"), X("value"));
    docFirstElement->setAttributeNS(X("http://testattr.com"), X("attr2"), X("value"));
    docFirstElement->setAttributeNS(X("http://testattr2.com"), X("attr3"), X("value"));
    docFirstElement->setAttributeNS(X("http://www.test.com"), X("attr4"), X("value"));
    docFirstElement->setAttributeNS(X("http://testattr2.com"), X("po:attr5"), X("value"));
    docFirstElement->setAttributeNS(X("http://testattr2.com"), X("poFake:attr6"), X("value"));
    docFirstElement->setAttributeNS(X("http://testattr3.com"), X("po3:attr7"), X("value"));
    doc->normalizeDocument();
    normalizer->serializeNode(doc);
    XERCES_STD_QUALIFIER cout << "\n\n";

    //and now on one of its children
    docFirstElementChildChild->setAttributeNS(X("http://testattr.com"), X("attr1"), X("value"));
    docFirstElementChildChild->setAttributeNS(X("http://testattr.com"), X("attr2"), X("value"));
    docFirstElementChildChild->setAttributeNS(X("http://testattr2.com"), X("attr3"), X("value"));
    docFirstElementChildChild->setAttributeNS(X("http://www.test.com"), X("attr4"), X("value"));
    docFirstElementChildChild->setAttributeNS(X("http://testattr2.com"), X("po:attr5"), X("value"));
    docFirstElementChildChild->setAttributeNS(X("http://testattr2.com"), X("poFake:attr6"), X("value"));
    docFirstElementChildChild->setAttributeNS(X("http://testattr3.com"), X("po3:attr7"), X("value"));
    docFirstElementChildChild->setAttributeNS(X("http://testattr4.com"), X("po4:attr8"), X("value"));
    

    //test for a clash with our NSx attrs
    docFirstElementChildChild->setAttributeNS(X("http://testclash.com"), X("NS1:attr9"), X("value"));
    docFirstElementChildChild->setAttributeNS(XMLUni::fgXMLNSURIName, X("xmlns:NS1"), X("http://testclash.com"));

    //clash with standard prefix
    docFirstElementChildChild->setAttributeNS(X("http://testattr5.com"), X("po:attr10"), X("value"));

    doc->normalizeDocument();
    normalizer->serializeNode(doc);
    XERCES_STD_QUALIFIER cout << "\n\n";


    //2 prefix with the same uri
    docFirstElementChildChild = doc->createElementNS(X("http://www.uri1.com"),X("docEleChildChild6"));
    docFirstElementChild->appendChild(docFirstElementChildChild);
    docFirstElementChildChild->setAttributeNS(XMLUni::fgXMLNSURIName, X("xmlns:uri1"), X("http://www.uri1.com"));
    docFirstElementChildChild->setAttributeNS(XMLUni::fgXMLNSURIName, X("xmlns:uri1b"), X("http://www.uri1.com"));
    docFirstElementChildChild->setAttributeNS(X("http://www.uri1.com"), X("uri1:attr1"), X("value"));
    docFirstElementChildChild->setAttributeNS(X("http://www.uri1.com"), X("uri1b:attr2"), X("value"));
    doc->normalizeDocument();
    normalizer->serializeNode(doc);
    XERCES_STD_QUALIFIER cout << "\n\n";

    //check to see we use the nearest binding and for more inheritence
    DOMElement *docFirstElementChildChildChild = doc->createElementNS(X("http://www.uri1.com"),X("docEleChildChildChild"));
    docFirstElementChildChild->appendChild(docFirstElementChildChildChild);
    docFirstElementChildChild->setAttributeNS(XMLUni::fgXMLNSURIName, X("xmlns:nearerThanPo"), X("http://www.test.com"));
    docFirstElementChildChildChild->setAttributeNS(X("http://testattr.com"), X("attr2"), X("value"));
    docFirstElementChildChildChild->setAttributeNS(X("http://www.test.com"), X("attr1"), X("value"));
    doc->normalizeDocument();
    normalizer->serializeNode(doc);
    XERCES_STD_QUALIFIER cout << "\n\n";


    //NS1.1 stuff

    //test creating default prefix when NS1 has been set to ""
    noNamespaceEle->setAttributeNS(XMLUni::fgXMLNSURIName, X("xmlns:NS1"), X(""));
    DOMElement *noNamespaceChild = doc->createElementNS(X("http://testclash.com"),X("testing1.1Stuff"));
    noNamespaceEle->appendChild(noNamespaceChild);
    doc->normalizeDocument();
    normalizer->serializeNode(doc);

    noNamespaceChild = doc->createElementNS(X("http://testclash.com"),X("NS1:testing1.1Stuff"));
    noNamespaceEle->appendChild(noNamespaceChild);
    
    noNamespaceChild->setAttributeNS(X("http://www.someRandomUri.com"), X("attr"), X("value"));
    doc->normalizeDocument();
    normalizer->serializeNode(doc);


    //check error conditions
    XERCES_STD_QUALIFIER cout << "error conditions" << XERCES_STD_QUALIFIER endl;

    DOMConfiguration *conf = doc->getDOMConfig();
    conf->setParameter(XMLUni::fgDOMErrorHandler, normalizer);
    conf->setParameter(XMLUni::fgDOMNamespaces, true);

    DOMElement *level1Node = doc->createElement(X("level1Node"));
    docFirstElement->appendChild(level1Node);
    doc->normalizeDocument();

    docFirstElement->removeChild(level1Node);
    docFirstElement->setAttribute(X("level1Attr"), X("level1"));
    doc->normalizeDocument();
    docFirstElement->removeAttribute(X("level1Attr"));

    //cant check this as Xerces does not let us do it
    //    noNamespaceChild->setAttributeNS(X("http://www.someRandomUri.com"), X("xmlns"), X("value"));
    //    doc->normalizeDocument();



    //lets do a sanity test on a comment
    DOMComment *comment = doc->createComment(X("some comment"));
    docFirstElement->appendChild(comment);
    doc->normalizeDocument();
    normalizer->serializeNode(doc);

    conf->setParameter(XMLUni::fgDOMComments, false);
    docFirstElement->appendChild(comment);
    doc->normalizeDocument();
    normalizer->serializeNode(doc);


    //and on a CDATA
    DOMCDATASection *cData = doc->createCDATASection(X("some cdata"));
    docFirstElement->appendChild(cData);
    doc->normalizeDocument();
    normalizer->serializeNode(doc);

    conf->setParameter(XMLUni::fgDOMCDATASections, false);
    docFirstElement->appendChild(cData);
    doc->normalizeDocument();
    normalizer->serializeNode(doc);

    delete normalizer;
    delete tmpTrue;
    delete tmpFalse;

    return 0;
}
Example #10
0
DOMElement *DSIGReference::createBlankReference(const XMLCh * URI,
												const XMLCh * hashAlgorithmURI,
												const XMLCh * type) {

	// Reset this Reference just in case

	m_isManifest = false;
	mp_preHash = NULL;
	mp_manifestList = NULL;
	mp_transformsNode = NULL;
	mp_transformList = NULL;

	XSECmapURIToHashMethod(hashAlgorithmURI, me_hashMethod);

	safeBuffer str;
	DOMDocument *doc = mp_env->getParentDocument();
	const XMLCh * prefix = mp_env->getDSIGNSPrefix();

	makeQName(str, prefix, "Reference");

	DOMElement *ret = doc->createElementNS(DSIGConstants::s_unicodeStrURIDSIG, str.rawXMLChBuffer());
	mp_referenceNode = ret;

	// Set type
	if (type != NULL)
		ret->setAttributeNS(NULL, MAKE_UNICODE_STRING("Type"), type);

	// Set URI
	if (URI != NULL) {
		ret->setAttributeNS(NULL, s_unicodeStrURI, URI);
		mp_URI = ret->getAttributeNS(NULL, s_unicodeStrURI); // Used later on as a pointer
	}
	else {
		// Anonymous reference
		mp_URI = NULL;
	}

	// Create hash and hashValue nodes
	makeQName(str, prefix, "DigestMethod");
	DOMElement *digestMethod = doc->createElementNS(DSIGConstants::s_unicodeStrURIDSIG, str.rawXMLChBuffer());
	mp_env->doPrettyPrint(ret);
	ret->appendChild(digestMethod);
	mp_env->doPrettyPrint(ret);

	digestMethod->setAttributeNS(NULL, DSIGConstants::s_unicodeStrAlgorithm,
		hashAlgorithmURI);

	// Retrieve the attribute value for later use
	mp_algorithmURI =
		digestMethod->getAttributeNS(NULL, DSIGConstants::s_unicodeStrAlgorithm);


	// DigestValue

	makeQName(str, prefix, "DigestValue");
	mp_hashValueNode = doc->createElementNS(DSIGConstants::s_unicodeStrURIDSIG, str.rawXMLChBuffer());
	ret->appendChild(mp_hashValueNode);
	mp_env->doPrettyPrint(ret);
	mp_hashValueNode->appendChild(doc->createTextNode(MAKE_UNICODE_STRING("Not yet calculated")));

	m_loaded = true;
	return ret;

}
void
XMLSecurityLibraryTest::testSign() {
    XBE_LOG_DEBUG("signing a xbe-message document by hand");

    xsd::cxx::xml::dom::auto_ptr<xercesc::DOMDocument> doc(create("message", "http://www.xenbee.net/schema/2008/02/xbe-msg", "xbemsg"));
    DOMElement* root = doc->getDocumentElement();

    root->setAttributeNS(xml::string("http://www.w3.org/2000/xmlns/").c_str(),
            xml::string("xmlns:xbemsg").c_str(),
            xml::string("http://www.xenbee.net/schema/2008/02/xbe-msg").c_str());

    /* HEADER */
    DOMElement*  hdrElem = doc->createElementNS(xml::string("http://www.xenbee.net/schema/2008/02/xbe-msg").c_str(),
            xml::string("xbemsg:header").c_str());
    root->appendChild(hdrElem);

    DOMElement*  toElem = doc->createElementNS(xml::string("http://www.xenbee.net/schema/2008/02/xbe-msg").c_str(),
            xml::string("xbemsg:to").c_str());
    hdrElem->appendChild(toElem);
    DOMText*    toTxt   = doc->createTextNode(xml::string("foo.bar").c_str());
    toElem->appendChild(toTxt);

    DOMElement*  fromElem = doc->createElementNS(xml::string("http://www.xenbee.net/schema/2008/02/xbe-msg").c_str(),
            xml::string("xbemsg:from").c_str());
    hdrElem->appendChild(fromElem);
    DOMText*    fromTxt   = doc->createTextNode(xml::string("foo.bar").c_str());
    fromElem->appendChild(fromTxt);

    /* BODY */
    DOMElement*  bodyElem = doc->createElementNS(xml::string("http://www.xenbee.net/schema/2008/02/xbe-msg").c_str(),
            xml::string("xbemsg:body").c_str());
    root->appendChild(bodyElem);

    /* some example content */
    DOMElement*  exampleContentElem = doc->createElementNS(xml::string("http://www.example.com/text").c_str(), xml::string("text").c_str());
    exampleContentElem->setAttributeNS(xml::string("http://www.w3.org/2000/xmlns/").c_str(),
            xml::string("xmlns").c_str(),
            xml::string("http://www.example.com/text").c_str());
    bodyElem->appendChild(exampleContentElem);

    DOMText*    exampleContentTxt   = doc->createTextNode(xml::string("Hello World!").c_str());
    exampleContentElem->appendChild(exampleContentTxt);

    XSECProvider prov;
    DSIGSignature *sig;
    DOMElement *sigNode;

    sig = prov.newSignature();
    sig->setDSIGNSPrefix(xml::string("dsig").c_str());

    // Use it to create a blank signature DOM structure from the doc

    sigNode = sig->createBlankSignature(doc.get(),
            CANON_C14N_NOC,
            SIGNATURE_HMAC,
            HASH_SHA1);
    // Insert the signature DOM nodes into the doc

    hdrElem->appendChild(sigNode);
    //    doc->normalizeDocument();
    // Create an envelope reference for the text to be signed
    DSIGReference * ref = sig->createReference(xml::string("").c_str());
    ref->appendEnvelopedSignatureTransform();

    // Set the HMAC Key to be the string "secret"
    XSECCryptoKeyHMAC *hmacKey = XSECPlatformUtils::g_cryptoProvider->keyHMAC();
    hmacKey->setKey((unsigned char *) "secret", (unsigned int)strlen("secret"));
    sig->setSigningKey(hmacKey);

    // Add a KeyInfo element
    sig->appendKeyName(xml::string("The secret key is \"secret\"").c_str());

    // Sign
    XBE_LOG_DEBUG("signing the document");
    sig->sign();

    {
        std::ofstream of("resources/xbe-message-example.xml");
        XbeLibUtils::serialize(of, *doc);
        XBE_LOG_DEBUG("dumped signed document to: " << "resources/xbe-message-example.xml");
    }

    DSIGSignature *sig1 = prov.newSignatureFromDOM(doc.get());
    sig1->load();

    hmacKey = XSECPlatformUtils::g_cryptoProvider->keyHMAC();
    hmacKey->setKey((unsigned char *) "secret", strlen("secret"));
    sig1->setSigningKey(hmacKey);

    XBE_LOG_DEBUG("validating the document");
    bool isValid(sig1->verify());
    char *_errMsgs = XMLString::transcode(sig1->getErrMsgs());
    std::string errMsgs(_errMsgs);
    XMLString::release(&_errMsgs);

    prov.releaseSignature(sig);
    prov.releaseSignature(sig1);
    // Verify
    CPPUNIT_ASSERT_MESSAGE(errMsgs, isValid);

    XBE_LOG_DEBUG("the message is valid!");
}
Example #12
0
Override::Override(const DOMElement* e, Category& log, const Override* base) : m_base(base), m_acl(NULL)
{
    try {
        // Load the property set.
        load(e,log,this);
        
        // Load any AccessControl provider.
        loadACL(e,log);
    
        // Handle nested Paths.
        DOMElement* path = XMLHelper::getFirstChildElement(e,Path);
        for (int i=1; path; ++i, path=XMLHelper::getNextSiblingElement(path,Path)) {
            const XMLCh* n=path->getAttributeNS(NULL,name);
            
            // Skip any leading slashes.
            while (n && *n==chForwardSlash)
                n++;
            
            // Check for empty name.
            if (!n || !*n) {
                log.warn("skipping Path element (%d) with empty name attribute", i);
                continue;
            }

            // Check for an embedded slash.
            int slash=XMLString::indexOf(n,chForwardSlash);
            if (slash>0) {
                // Copy the first path segment.
                XMLCh* namebuf=new XMLCh[slash + 1];
                for (int pos=0; pos < slash; pos++)
                    namebuf[pos]=n[pos];
                namebuf[slash]=chNull;
                
                // Move past the slash in the original pathname.
                n=n+slash+1;
                
                // Skip any leading slashes again.
                while (*n==chForwardSlash)
                    n++;
                
                if (*n) {
                    // Create a placeholder Path element for the first path segment and replant under it.
                    DOMElement* newpath=path->getOwnerDocument()->createElementNS(shibspconstants::SHIB2SPCONFIG_NS,Path);
                    newpath->setAttributeNS(NULL,name,namebuf);
                    path->setAttributeNS(NULL,name,n);
                    path->getParentNode()->replaceChild(newpath,path);
                    newpath->appendChild(path);
                    
                    // Repoint our locals at the new parent.
                    path=newpath;
                    n=path->getAttributeNS(NULL,name);
                }
                else {
                    // All we had was a pathname with trailing slash(es), so just reset it without them.
                    path->setAttributeNS(NULL,name,namebuf);
                    n=path->getAttributeNS(NULL,name);
                }
                delete[] namebuf;
            }
            
            Override* o=new Override(path,log,this);
            pair<bool,const char*> name=o->getString("name");
            char* dup=strdup(name.second);
            for (char* pch=dup; *pch; pch++)
                *pch=tolower(*pch);
            if (m_map.count(dup)) {
                log.warn("Skipping duplicate Path element (%s)",dup);
                free(dup);
                delete o;
                continue;
            }
            m_map[dup]=o;
            free(dup);
        }
    }
    catch (exception&) {
        delete m_acl;
        for_each(m_map.begin(),m_map.end(),xmltooling::cleanup_pair<string,Override>());
        throw;
    }
}