Esempio n. 1
0
// Load elements
void XKMSPendingRequestImpl::load() {

	if (m_msg.mp_messageAbstractTypeElement == NULL) {

		// Attempt to load an empty element
		throw XSECException(XSECException::XKMSError,
			"XKMSPendingRequest::load - called on empty DOM");

	}

	if (!strEquals(getXKMSLocalName(m_msg.mp_messageAbstractTypeElement), 
									XKMSConstants::s_tagPendingRequest)) {
	
		throw XSECException(XSECException::XKMSError,
			"XKMSPendingRequest::load - called incorrect node");
	
	}

	// Load the base message
	m_request.load();

	// Now check for ResponseId attribute
	mp_responseIdAttr = 
		m_msg.mp_messageAbstractTypeElement->getAttributeNodeNS(NULL, XKMSConstants::s_tagResponseId);

	if (mp_responseIdAttr == NULL) {
		// Attempt to load an empty element
		throw XSECException(XSECException::ExpectedXKMSChildNotFound,
			"XKMSPendingRequest::load - No ResponseId attribute found");
	}
}
Esempio n. 2
0
void TXFMXPath::evaluateEnvelope(DOMNode *t) {

	// A special case where the XPath expression is already known

	if (document == NULL) {

		throw XSECException(XSECException::XPathError, 
		   "Attempt to define XPath Name Space before setInput called");

	}

	DOMElement * e = document->getDocumentElement();

	if (e == NULL) {

		throw XSECException(XSECException::XPathError, 
              "Element node not found in Document");

	}

	// Set the xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"

	e->setAttributeNS(DSIGConstants::s_unicodeStrURIXMLNS, MAKE_UNICODE_STRING("xmlns:dsig"), DSIGConstants::s_unicodeStrURIDSIG);
	
	
	// Evaluate

	evaluateExpr(t, XPATH_EXPR_ENVELOPE);

	// Now we are done, remove the namespace
	
	e->removeAttributeNS(DSIGConstants::s_unicodeStrURIXMLNS, MAKE_UNICODE_STRING("dsig"));

}
Esempio n. 3
0
void XKMSRecoverRequestImpl::load(void) {

	if (m_msg.mp_messageAbstractTypeElement == NULL) {

		// Attempt to load an empty element
		throw XSECException(XSECException::XKMSError,
			"XKMSRecoverRequest::load - called on empty DOM");

	}

	if (!strEquals(getXKMSLocalName(m_msg.mp_messageAbstractTypeElement), 
									XKMSConstants::s_tagRecoverRequest)) {
	
		throw XSECException(XSECException::XKMSError,
			"XKMSRecoverRequest::load - called on incorrect node");
	
	}

	// Load the base message
	m_request.load();

	// Now check for any RecoverKeyBinding elements
	DOMElement * tmpElt = findFirstElementChild(m_msg.mp_messageAbstractTypeElement);
	while (tmpElt != NULL && !strEquals(getXKMSLocalName(tmpElt), XKMSConstants::s_tagRecoverKeyBinding)) {
		tmpElt = findNextElementChild(tmpElt);
	}

	if (tmpElt != NULL) {

		XSECnew(mp_recoverKeyBinding, XKMSRecoverKeyBindingImpl(m_msg.mp_env, tmpElt));
		mp_recoverKeyBinding->load();

		tmpElt = findNextElementChild(tmpElt);

	}
	else {

		throw XSECException(XSECException::ExpectedXKMSChildNotFound,
			"XKMSRecoverRequest::load - Expected RecoverKeyBinding node");
	
	}

	// Authentication Element 

	if (tmpElt != NULL && strEquals(getXKMSLocalName(tmpElt), XKMSConstants::s_tagAuthentication)) {

		XSECnew(mp_authentication, XKMSAuthenticationImpl(m_msg.mp_env, tmpElt));
		mp_authentication->load(mp_recoverKeyBinding->getId());

	}
	else {

		throw XSECException(XSECException::ExpectedXKMSChildNotFound,
			"XKMSRecoverRequest::load - Expected Authentication node");
	
	}

}
bool DSIGAlgorithmHandlerDefault::appendHashTxfm(
		TXFMChain * inputBytes,
		const XMLCh * URI) {

	hashMethod hm;

	// Is this a URI we recognise?

	if (!XSECmapURIToHashMethod(URI, hm)) {
		safeBuffer sb;
		sb.sbTranscodeIn("DSIGAlgorithmHandlerDefault - Unknown Hash URI : ");
		sb.sbXMLChCat(URI);

		throw XSECException(XSECException::AlgorithmMapperError, 
			sb.rawXMLChBuffer());
	}

	TXFMBase * txfm;
	DOMDocument *d = inputBytes->getLastTxfm()->getDocument();
	switch (hm) {

	case HASH_SHA1 :
	case HASH_SHA224 :
	case HASH_SHA256 :
	case HASH_SHA384 :
	case HASH_SHA512 :

		XSECnew(txfm, TXFMSHA1(d, hm));
		break;
	
	case HASH_MD5 :

		XSECnew(txfm, TXFMMD5(d));
		break;

	default :

		safeBuffer sb;
		sb.sbTranscodeIn("DSIGAlgorithmHandlerDefault - Internal error unknown Hash, but URI known. URI : ");
		sb.sbXMLChCat(URI);

		throw XSECException(XSECException::AlgorithmMapperError, 
			sb.rawXMLChBuffer());

	}

	inputBytes->appendTxfm(txfm);

	return true;

}
Esempio n. 5
0
DSIGReferenceList *DSIGReference::loadReferenceListFromXML(const XSECEnv * env, DOMNode *firstReference) {

	// Have the first reference element in the document,
	// so want to find and load them all

	DOMNode *tmpRef = firstReference;
	DSIGReferenceList * refList;
	DSIGReference * r;

	XSECnew(refList, DSIGReferenceList());
	Janitor<DSIGReferenceList> j_refList(refList);

	while (tmpRef != 0) {

		// Must be an element node

		if (tmpRef->getNodeType() != DOMNode::ELEMENT_NODE ||
			!strEquals(getDSIGLocalName(tmpRef), "Reference")) {

			throw XSECException(XSECException::ExpectedDSIGChildNotFound,
				"Expected <Reference> as child of <SignedInfo>");

		}

		XSECnew(r, DSIGReference(env, tmpRef));

		refList->addReference(r);

		// Load the reference before moving on
		r->load();

		// Find next element Node
		tmpRef = tmpRef->getNextSibling();

		while (tmpRef != 0 && tmpRef->getNodeType() != DOMNode::ELEMENT_NODE) {
			if (tmpRef->getNodeType() == DOMNode::ENTITY_REFERENCE_NODE) {
				throw XSECException(XSECException::ExpectedDSIGChildNotFound,
					"EntityReference nodes in <Reference> are unsupported.");
			}
			tmpRef = tmpRef->getNextSibling();
		}

	}

	j_refList.release();
	return refList;

}
Esempio n. 6
0
TXFMSHA1::TXFMSHA1(DOMDocument *doc,
									 XSECCryptoKey * key) : TXFMBase (doc) {

	toOutput = 0;					// Nothing yet to output

	if (key == NULL)
		// Get a SHA1 worker
		mp_h = XSECPlatformUtils::g_cryptoProvider->hashSHA1();
	else {
		// Get an HMAC Sha1
		
		mp_h = XSECPlatformUtils::g_cryptoProvider->hashHMACSHA1();
		mp_h->setKey(key);

	}

	
	if (!mp_h) {

		throw XSECException(XSECException::CryptoProviderError, 
				"Error requesting SHA1 object from Crypto Provider");

	}
									
};
Esempio n. 7
0
void DSIGObject::load(void) {

	if (mp_objectNode == NULL || 
		mp_objectNode->getNodeType() != DOMNode::ELEMENT_NODE || 
		!strEquals(getDSIGLocalName(mp_objectNode), s_Object)) {

		throw XSECException(XSECException::ObjectError,
			"Expected <Object> Node in DSIGObject::load");

	}


	mp_idAttr = ((DOMElement *) mp_objectNode)->getAttributeNodeNS(NULL, s_Id);
	if (mp_idAttr) {
#if defined (XSEC_XERCES_HAS_SETIDATTRIBUTE)
	    ((DOMElement *) mp_objectNode)->setIdAttributeNS(NULL, s_Id);
#elif defined (XSEC_XERCES_HAS_BOOLSETIDATTRIBUTE)
		((DOMElement *) mp_objectNode)->setIdAttributeNS(NULL, s_Id, true);
#endif
	}

	mp_mimeTypeAttr = ((DOMElement *) mp_objectNode)->getAttributeNodeNS(NULL, s_MimeType);
	mp_encodingAttr = ((DOMElement *) mp_objectNode)->getAttributeNodeNS(NULL, s_Encoding);

}
Esempio n. 8
0
void safeBuffer::sbStrlwr(void) {

	if (m_bufferType == BUFFER_UNKNOWN) {

		throw XSECException(XSECException::SafeBufferError,
			"Attempt to perform an operation on a buffer of incorrect type");

	}

	if (m_bufferType == BUFFER_CHAR) {

	    xsecsize_t i, l = (xsecsize_t) strlen((char *) buffer);

		for (i = 0; i < l; ++i) {
			if (buffer[i] >= 'A' && buffer[i] <= 'Z')
				buffer[i] = (buffer[i] - 'A') + 'a';
		}

	}

	else {

		XMLCh * b = (XMLCh *) buffer;
		xsecsize_t i, l = XMLString::stringLen(b);

		for (i = 0; i < l; ++i) {
			if (b[i] >= XERCES_CPP_NAMESPACE_QUALIFIER chLatin_A && b[i] <= XERCES_CPP_NAMESPACE_QUALIFIER chLatin_Z)
				b[i] = (b[i] - XERCES_CPP_NAMESPACE_QUALIFIER chLatin_A) + XERCES_CPP_NAMESPACE_QUALIFIER chLatin_a;
		}

	}

}
bool DSIGAlgorithmHandlerDefault::appendSignatureHashTxfm(TXFMChain * inputBytes,
														  const XMLCh * URI,
														  XSECCryptoKey * key) {

	signatureMethod sm;
	hashMethod hm;

	// Map to internal constants

	if (!XSECmapURIToSignatureMethods(URI, sm, hm)) {
		safeBuffer sb;
		sb.sbTranscodeIn("DSIGAlgorithmHandlerDefault - Unknown URI : ");
		sb.sbXMLChCat(URI);

		throw XSECException(XSECException::AlgorithmMapperError, 
			sb.rawXMLChBuffer());
	}

	// Now append the appropriate hash transform onto the end of the chain
	// If this is an HMAC of some kind - this function will add the appropriate key

	TXFMBase * htxfm = addHashTxfm(sm, hm, key, inputBytes->getLastTxfm()->getDocument());
	inputBytes->appendTxfm(htxfm);

	return true;

}
Esempio n. 10
0
void clearXPathNS(DOMDocument *d, 
				  XSECXPathNodeList &toRemove,
				  XSECSafeBufferFormatter *formatter,
				  XSECNameSpaceExpander * nse) {

	// Clear the XPath name spaces in the document element attribute list

	DOMElement * e = d->getDocumentElement();

	if (e == NULL) {

		throw XSECException(XSECException::XPathError, "Element node not found in Document");

	}

	// Run through each node in the added nodes

	const DOMNode * r = toRemove.getFirstNode();
	while (r != NULL) {
		e->removeAttributeNS(DSIGConstants::s_unicodeStrURIXMLNS, 
					r->getLocalName());
		r = toRemove.getNextNode();
	}

	e->removeAttributeNS(DSIGConstants::s_unicodeStrURIXMLNS,
					 MAKE_UNICODE_STRING(KLUDGE_PREFIX));

}
Esempio n. 11
0
// Load elements
void XKMSRegisterResultImpl::load() {

	if (m_msg.mp_messageAbstractTypeElement == NULL) {

		// Attempt to load an empty element
		throw XSECException(XSECException::XKMSError,
			"XKMSRegisterResult::load - called on empty DOM");

	}

	if (!strEquals(getXKMSLocalName(m_msg.mp_messageAbstractTypeElement), 
									XKMSConstants::s_tagRegisterResult)) {
	
		throw XSECException(XSECException::XKMSError,
			"XKMSRegisterResult::load - called incorrect node");
	
	}

	// Get any UnverifiedKeyBinding elements
	DOMNodeList * nl = m_msg.mp_messageAbstractTypeElement->getElementsByTagNameNS(
		XKMSConstants::s_unicodeStrURIXKMS,
		XKMSConstants::s_tagKeyBinding);

	if (nl != NULL) {

		XKMSKeyBindingImpl * kb;
		for (unsigned int i = 0; i < nl->getLength() ; ++ i) {

			XSECnew(kb, XKMSKeyBindingImpl(m_msg.mp_env, (DOMElement *) nl->item(i)));
			m_keyBindingList.push_back(kb);
			kb->load();

		}

	}

	nl = m_msg.mp_messageAbstractTypeElement->getElementsByTagNameNS(
		XKMSConstants::s_unicodeStrURIXKMS,
		XKMSConstants::s_tagPrivateKey);

	if (nl != NULL)
		mp_privateKeyElement = (DOMElement *) nl->item(0);

	// Load the base message
	m_result.load();

}
Esempio n. 12
0
void XKMSUseKeyWithImpl::setApplication(const XMLCh * uri) {
	if (mp_applicationAttr == NULL) {
		throw XSECException(XSECException::XKMSError,
			"XKMSUseKeyWith::setApplication - called on non-loaded construct");
	}

	mp_applicationAttr->setNodeValue(uri);

}
Esempio n. 13
0
void safeBuffer::checkBufferType(bufferType bt) const {

	if (bt != m_bufferType) {

		throw XSECException(XSECException::SafeBufferError,
			"Attempt to perform an operation on a buffer of incorrect type");
	}

}
Esempio n. 14
0
void XENCEncryptionMethodImpl::setMGF(const XMLCh * mgf) {

	if (mp_mgfAlgorithmAttr == NULL) {

		// Need to create
		if (mp_oaepParamsTextNode == NULL && mp_digestAlgorithmAttr == NULL && mp_keySizeTextNode == NULL) {
			mp_env->doPrettyPrint(mp_encryptionMethodElement);
		}

		// Get some setup values
		safeBuffer str;
		DOMDocument *doc = mp_env->getParentDocument();
		const XMLCh * prefix = mp_env->getXENC11NSPrefix();

		makeQName(str, prefix, s_MGF);

		DOMElement *e = doc->createElementNS(DSIGConstants::s_unicodeStrURIXENC11, str.rawXMLChBuffer());
		mp_encryptionMethodElement->appendChild(e);
		mp_env->doPrettyPrint(mp_encryptionMethodElement);

		e->setAttributeNS(NULL,
					DSIGConstants::s_unicodeStrAlgorithm,
					mgf);

		// Set namespace

		if (prefix[0] == XERCES_CPP_NAMESPACE_QUALIFIER chNull) {
			str.sbTranscodeIn("xmlns");
		}
		else {
			str.sbTranscodeIn("xmlns:");
			str.sbXMLChCat(prefix);
		}

		e->setAttributeNS(DSIGConstants::s_unicodeStrURIXMLNS, 
								str.rawXMLChBuffer(), 
								DSIGConstants::s_unicodeStrURIXENC11);

		// Now retrieve for later use
		mp_mgfAlgorithmAttr =
			e->getAttributeNodeNS(NULL, 
				DSIGConstants::s_unicodeStrAlgorithm);

		if (mp_mgfAlgorithmAttr == NULL) {

			throw XSECException(XSECException::EncryptionMethodError,
				"XENCEncryptionMethod::setMGF - Error creating Algorithm Attribute");
		}
	} 
	
	else {

		mp_mgfAlgorithmAttr->setNodeValue(mgf);

	}

}
XSECCryptoKey * DSIGAlgorithmHandlerDefault::createKeyForURI(
		const XMLCh * uri,
		const unsigned char * keyBuffer,
		unsigned int keyLen
		) {

	throw XSECException(XSECException::AlgorithmMapperError, 
			"DSIGAlgorithmHandlerDefault - Key creation operations not supported");

}
bool DSIGAlgorithmHandlerDefault::appendDecryptCipherTXFM(
		TXFMChain * cipherText,
		XENCEncryptionMethod * encryptionMethod,
		XSECCryptoKey * key,
		XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument * doc
		) {

	throw XSECException(XSECException::AlgorithmMapperError, 
			"DSIGAlgorithmHandlerDefault - Encryption operations not supported");
}
Esempio n. 17
0
bool XKMSStatusImpl::getStatusReason(StatusValue status, StatusReason reason) const {

	if (status == StatusUndefined || reason == ReasonUndefined) {
		throw XSECException(XSECException::StatusError,
			"XKMSStatus::getStatusReason - status or reason undefined");
	}

	return (m_statusReasons[status-1][reason-1] != NULL);

}
Esempio n. 18
0
XKMSKeyBinding * XKMSRegisterResultImpl::getKeyBindingItem(int item) const {

	if (item < 0 || item >= (int) m_keyBindingList.size()) {
		throw XSECException(XSECException::XKMSError,
			"XKMSRegisterResult::getKeyBindingItem - item out of range");
	}

	return m_keyBindingList[item];

}
Esempio n. 19
0
XKMSUnverifiedKeyBinding * XKMSLocateResultImpl::getUnverifiedKeyBindingItem(int item) const {

	if (item < 0 || item >= (int) m_unverifiedKeyBindingList.size()) {
		throw XSECException(XSECException::XKMSError,
			"XKMSLocateResult::getUnverifiedKeyBindingItem - item out of range");
	}

	return m_unverifiedKeyBindingList[item];

}
Esempio n. 20
0
void XKMSUseKeyWithImpl::setIdentifier(const XMLCh * identifier) {

	if (mp_identifierAttr == NULL) {
		throw XSECException(XSECException::XKMSError,
			"XKMSUseKeyWith::setIdentifier - called on non-loaded construct");
	}

	mp_identifierAttr->setNodeValue(identifier);

}
Esempio n. 21
0
const XMLCh * XKMSUseKeyWithImpl::getIdentifier(void) const {

	if (mp_identifierAttr == NULL) {
		throw XSECException(XSECException::XKMSError,
			"XKMSUseKeyWith::getIdentifier - called on non-loaded construct");
	}

	return mp_identifierAttr->getNodeValue();

}
Esempio n. 22
0
void DSIGTransformXPath::load(void) {

	// Find the XPath expression
	
	mp_xpathNode = mp_txfmNode->getFirstChild();

	while (mp_xpathNode != 0 && 
		mp_xpathNode->getNodeType() != DOMNode::ELEMENT_NODE && !strEquals(mp_xpathNode->getNodeName(), "XPath"))
		mp_xpathNode = mp_xpathNode->getNextSibling();
	
	if (mp_xpathNode == 0) {

		throw XSECException(XSECException::ExpectedDSIGChildNotFound,
			"Expected <XPath> Node in DSIGTransformXPath::load");
	}
	
	else {
		
		// Check for attributes - in particular any namespaces

		mp_NSMap = mp_xpathNode->getAttributes();
		
		// Find the text node
		mp_exprTextNode = findFirstChildOfType(mp_xpathNode, DOMNode::TEXT_NODE);

		if (mp_exprTextNode == NULL) {
			throw XSECException(XSECException::ExpectedDSIGChildNotFound,
				"Expected Text Node in beneath <XPath> in DSIGTransformXPath::load");
		}

		// Gather the text
		safeBuffer exprSB;

		gatherChildrenText(mp_xpathNode, exprSB);

		m_expr << (*(mp_env->getSBFormatter()) << exprSB.rawXMLChBuffer());

		//m_expr << (*(mp_env->getSBFormatter()) << mp_exprTextNode->getNodeValue());
				
	}

}
Esempio n. 23
0
// Load elements
void XKMSCompoundResultImpl::load() {

	if (m_msg.mp_messageAbstractTypeElement == NULL) {

		// Attempt to load an empty element
		throw XSECException(XSECException::XKMSError,
			"XKMSCompoundResult::load - called on empty DOM");

	}

	if (!strEquals(getXKMSLocalName(m_msg.mp_messageAbstractTypeElement), 
									XKMSConstants::s_tagCompoundResult)) {
	
		throw XSECException(XSECException::XKMSError,
			"XKMSCompoundResult::load - called incorrect node");
	
	}

	// Load the base message
	m_result.load();

	// Now find all Result elements
	DOMElement * e = findFirstElementChild(m_msg.mp_messageAbstractTypeElement);

	while (e != NULL) {

		if (strEquals(getXKMSLocalName(e), XKMSConstants::s_tagLocateResult) ||
			strEquals(getXKMSLocalName(e), XKMSConstants::s_tagValidateResult)) {

			// Have a legitimate Result to load
			XKMSMessageAbstractTypeImpl * m = 
				(XKMSMessageAbstractTypeImpl *) m_factory.newMessageFromDOM(e);
			m_resultList.push_back((XKMSResultTypeImpl *) m);

		}

		e = findNextElementChild(e);

	}
	

}
Esempio n. 24
0
void DSIGObject::appendChild(DOMNode * child) {

	if (mp_objectNode == NULL) {

		throw XSECException(XSECException::ObjectError,
			"DSIGObject::appendChild - Object node has not been created");

	}

	mp_objectNode->appendChild(child);

}
unsigned int DSIGAlgorithmHandlerDefault::decryptToSafeBuffer(
		TXFMChain * cipherText,
		XENCEncryptionMethod * encryptionMethod,
		XSECCryptoKey * key,
		DOMDocument * doc,
		safeBuffer & result
		) {

	throw XSECException(XSECException::AlgorithmMapperError, 
			"DSIGAlgorithmHandlerDefault - Encryption operations not supported");

}
Esempio n. 26
0
const XMLCh * XKMSPendingRequestImpl::getResponseId(void) const {

	if (mp_responseIdAttr == NULL) {

		// Attempt read when not initialised
		throw XSECException(XSECException::MessageAbstractTypeError,
			"XKMSPendingRequest::getResponseId - called on non-initialised structure");

	}

	return 	mp_responseIdAttr->getNodeValue();
}
bool DSIGAlgorithmHandlerDefault::encryptToSafeBuffer(
		TXFMChain * plainText,
		XENCEncryptionMethod * encryptionMethod,
		XSECCryptoKey * key,
		XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument * doc,
		safeBuffer & result
		) {

	throw XSECException(XSECException::AlgorithmMapperError, 
			"DSIGAlgorithmHandlerDefault - Encryption operations not supported");

}
const char * DSIGKeyInfoValue::getRSAExponent(void) {

	if (m_keyInfoType != KEYINFO_VALUE_RSA) {

		throw XSECException(XSECException::KeyInfoError,
			"Attempt to Get an RSA Exponent from a non-RSAValue KeyValue node");

	}

	return m_exponent.rawCharBuffer();

}
Esempio n. 29
0
XKMSResultType * XKMSCompoundResultImpl::getResultListItem(int item) {

	if (item < 0 || item >= (int) m_resultList.size()) {

		throw XSECException(XSECException::XKMSError,
			"XKMSCompoundResult::getResultListItem - item out of range");
	}

	return m_resultList[item];


}
Esempio n. 30
0
XSECAlgorithmHandler * XSECAlgorithmMapper::mapURIToHandler(const XMLCh * URI) const {

    bool allowed = true;
    if (!m_whitelist.empty()) {
        allowed = false;
        for (WhitelistVectorType::const_iterator i = m_whitelist.begin(); !allowed && i != m_whitelist.end(); ++i) {
            if (XMLString::equals(URI, *i))
                allowed = true;
        }
    }

    if (allowed && !m_blacklist.empty()) {
        for (WhitelistVectorType::const_iterator i = m_blacklist.begin(); allowed && i != m_blacklist.end(); ++i) {
            if (XMLString::equals(URI, *i))
                allowed = false;
        }
    }

    if (!allowed) {
        safeBuffer output;
        output.sbTranscodeIn("XSECAlgorithmMapper::mapURIToHandler - URI ");
        output.sbXMLChCat(URI);
        output.sbXMLChCat(" disallowed by whitelist/blacklist policy");
        throw XSECException(XSECException::AlgorithmMapperError,
            output.rawXMLChBuffer());
    }

	MapperEntry * entry = findEntry(URI);

	if (entry == NULL) {
		safeBuffer output;
		output.sbTranscodeIn("XSECAlgorithmMapper::mapURIToHandler - URI ");
		output.sbXMLChCat(URI);
		output.sbXMLChCat(" not found");
		throw XSECException(XSECException::AlgorithmMapperError,
			output.rawXMLChBuffer());
	}

	return entry->mp_handler;
}