00071 #ifndef DSIGSIGNATURE_INCLUDE
00072 #define DSIGSIGNATURE_INCLUDE
00073
00074
00075 #include <xsec/utils/XSECSafeBufferFormatter.hpp>
00076 #include <xsec/dsig/DSIGTransform.hpp>
00077 #include <xsec/dsig/DSIGKeyInfoList.hpp>
00078 #include <xsec/dsig/DSIGConstants.hpp>
00079 #include <xsec/dsig/DSIGSignedInfo.hpp>
00080
00081
00082
00083 #include <xercesc/dom/DOM.hpp>
00084
// Forward declarations. In this header these types appear only as pointers
// (parameters and return values of DSIGSignature), so their full
// definitions are not required here.
00085 class XSECBinTXFMInputStream;
00086 class XSECURIResolver;
00087 class XSECKeyInfoResolver;
00088 class DSIGKeyInfoValue;
00089 class DSIGKeyInfoX509;
00090 class DSIGKeyInfoName;
00091
00095
00096
/**
 * Declaration of the signature object: it is constructed from a DOM document
 * and a signature node, and declares the operations to load, verify and sign
 * that signature, to build a new blank signature with references, and to
 * read or append key information.
 *
 * The constructors and the destructor are not public and XSECProvider is a
 * friend, so ordinary callers cannot create or delete instances directly.
 * NOTE(review): presumably instances are obtained from and released through
 * XSECProvider - confirm against that class.
 *
 * Only declarations and four inline getters are visible here; every
 * statement below about what a non-inline method does is an assumption to
 * be checked against the implementation file.
 */
00106 class DSIG_EXPORT DSIGSignature {
00107 
00108 protected:
00109 
00112 
/**
 * Constructs the object from a document and a signature node.
 * NOTE(review): presumably stored in mp_doc and mp_sigNode - confirm.
 */
00129 DSIGSignature(DOMDocument *doc, DOMNode *sigNode);
/** Protected destructor: code outside the class, its subclasses and its friend cannot delete an instance. */
00130 ~DSIGSignature();
00132 
00133 public:
00134 
00137 
/**
 * NOTE(review): presumably reads the signature structure from the node
 * given at construction; m_loaded looks like the flag that records it.
 * Whether verify() requires a prior load() is not visible here - confirm.
 */
00147 void load(void);
00148 
/**
 * Supplies the key for subsequent operations.
 * NOTE(review): presumably stored in mp_signingKey. Ownership of k (who
 * deletes it, and when) is not visible in this header - confirm before the
 * caller deletes or reuses the key object.
 */
00162 void setSigningKey(XSECCryptoKey *k);
00163 
00165 
00168 
/**
 * Verification entry point. The verdict is the bool return value, so a
 * caller that ignores it treats unverified content as valid.
 * NOTE(review): presumably checks both the signature value and the
 * references, and reports the reason for a failure through getErrMsgs();
 * whether it can also throw is not visible here - confirm.
 */
00193 bool verify(void);
00194 
/**
 * NOTE(review): the name indicates a narrower check than verify() -
 * presumably only the signature value, without re-checking the data the
 * references point to. If so, a true result says nothing about whether the
 * referenced content was modified, and verify() is the call to base an
 * accept/reject decision on - confirm against the implementation.
 */
00205 bool verifySignatureOnly(void);
00206 
/**
 * NOTE(review): presumably computes the signature with the key given to
 * setSigningKey() and writes it into the document; it returns void, so any
 * failure must be reported some other way (not visible here) - confirm.
 */
00232 void sign(void);
00234 
00237 
/** NOTE(review): presumably sets the namespace prefix held in mp_prefixNS, which getDSIGNSPrefix() returns - confirm. */
00258 void setDSIGNSPrefix(const XMLCh * prefix);
00259 
/**
 * Creates a new, empty signature structure in doc and returns its element.
 *
 * Defaults when only doc is passed: canonicalisation CANON_C14N_NOC,
 * signature method SIGNATURE_DSA, hash HASH_SHA1. SHA-1 is no longer
 * considered collision resistant; callers producing new signatures should
 * pass the algorithms explicitly rather than rely on these defaults, using
 * the strongest values the enumerations in this version define (presumably
 * declared in DSIGConstants.hpp).
 */
00283 DOMElement *createBlankSignature(DOMDocument *doc,
00284 canonicalizationMethod cm = CANON_C14N_NOC,
00285 signatureMethod sm = SIGNATURE_DSA,
00286 hashMethod hm = HASH_SHA1);
00287 
/**
 * Adds a reference for URI and returns it.
 *
 * The digest defaults to HASH_SHA1 and type defaults to NULL; as with
 * createBlankSignature(), prefer passing the hash method explicitly.
 * NOTE(review): ownership of the returned DSIGReference is not visible
 * here - presumably it stays with this object; confirm before deleting.
 */
00308 DSIGReference * createReference(const XMLCh * URI,
00309 hashMethod hm = HASH_SHA1, char * type = NULL);
00310 
00312 
00315 
/**
 * Writes a hash into the caller-supplied buffer hashBuf; hashBufLen is the
 * capacity the caller declares for it.
 * NOTE(review): the return value is presumably the number of bytes written.
 * Confirm that, and the behaviour when hashBufLen is smaller than the
 * digest, before choosing a buffer size.
 */
00329 unsigned int calculateSignedInfoHash(unsigned char * hashBuf,
00330 unsigned int hashBufLen);
00331 
/** NOTE(review): presumably returns the list of references held by mp_signedInfo; ownership not visible - confirm. */
00341 DSIGReferenceList * getReferenceList(void);
00342 
/**
 * NOTE(review): "make" suggests a newly allocated stream that the caller
 * must delete - confirm, otherwise every call leaks or double-frees.
 */
00356 XSECBinTXFMInputStream * makeBinInputStream(void) const;
00357 
00358 
/** NOTE(review): presumably returns the text accumulated in m_errStr by a failed verification - confirm. */
00372 const XMLCh * getErrMsgs(void);
00373 
/** Returns the internal mp_prefixNS pointer itself (not a copy), as const. */
00382 const XMLCh * getDSIGNSPrefix() {return mp_prefixNS;}
00383 
/** Returns the internal mp_doc pointer itself; the result is not const, so the caller can modify the document through it. */
00394 DOMDocument * getParentDocument() {return mp_doc;}
00395 
/** Returns the internal mp_formatter pointer itself (not a copy). */
00403 XSECSafeBufferFormatter * getSBFormatter(void) {return mp_formatter;}
00404 
00406 
00409 
/**
 * Installs a URI resolver.
 * NOTE(review): if this resolver is what dereferences reference URIs, it
 * decides which external resources are fetched while a signature from an
 * untrusted source is processed, so it is the place to restrict them -
 * confirm. Ownership of resolver is not visible here.
 */
00418 void setURIResolver(XSECURIResolver * resolver);
00419 
/** NOTE(review): presumably returns mp_URIResolver - confirm. */
00426 XSECURIResolver * getURIResolver(void);
00427 
/**
 * Installs a KeyInfo resolver.
 * NOTE(review): if this resolver maps KeyInfo found in the document to the
 * verification key, it is where trust in that key has to be decided:
 * KeyInfo is supplied by whoever produced the document - confirm.
 */
00436 void setKeyInfoResolver(XSECKeyInfoResolver * resolver);
00437 
/** NOTE(review): presumably returns mp_KeyInfoResolver - confirm. */
00444 XSECKeyInfoResolver * getKeyInfoResolver(void);
00445 
00447 
00451 
/**
 * Returns the address of the member m_keyInfoList, so the pointer is valid
 * only for as long as this DSIGSignature object exists and must not be
 * deleted by the caller.
 */
00467 DSIGKeyInfoList * getKeyInfoList() {return &m_keyInfoList;}
00468 
/** NOTE(review): presumably empties m_keyInfoList and removes the matching node (mp_KeyInfoNode) - confirm. */
00477 void clearKeyInfo(void);
00478 
/**
 * Appends a DSA key value built from four text values.
 * NOTE(review): by their names P, Q and G are presumably the DSA domain
 * parameters and Y the public value; the expected text encoding is not
 * visible here - confirm.
 */
00491 DSIGKeyInfoValue * appendDSAKeyValue(const XMLCh * P,
00492 const XMLCh * Q,
00493 const XMLCh * G,
00494 const XMLCh * Y);
00495 
/** NOTE(review): presumably appends an empty X509 data entry for the caller to fill in - confirm. */
00507 DSIGKeyInfoX509 * appendX509Data(void);
00508 
/** NOTE(review): presumably appends a key-name entry carrying name - confirm. */
00518 DSIGKeyInfoName * appendKeyName(const XMLCh * name);
00519 
00521 
// Grants XSECProvider access to the protected and private members,
// including the non-public constructors and destructor.
00522 friend class XSECProvider;
00523 
00524 private:
00525 
00526 
// Internal helpers; their definitions are not visible in this header.
00527 void createKeyInfoElement(void);
00528 bool verifySignatureOnlyInternal(void);
00529 
// Object state. The getters above return mp_formatter, mp_doc and
// &m_keyInfoList directly. The roles of the remaining members are inferred
// from their names only - confirm against the implementation.
00530 XSECSafeBufferFormatter * mp_formatter;
00531 bool m_loaded;
00532 DOMDocument * mp_doc;
00533 DOMNode * mp_sigNode;
00534 DSIGSignedInfo * mp_signedInfo;
00535 DOMNode * mp_signatureValueNode;
00536 safeBuffer m_signatureValueSB;
00537 DSIGKeyInfoList m_keyInfoList;
00538 DOMNode * mp_KeyInfoNode;
00539 safeBuffer m_errStr;
00540 
00541 
// Returned as const by getDSIGNSPrefix().
00542 XMLCh * mp_prefixNS;
00543 
00544 
// NOTE(review): presumably the key passed to setSigningKey(); who deletes it is not visible here.
00545 XSECCryptoKey * mp_signingKey;
00546 
00547 
// NOTE(review): presumably the resolvers installed by setURIResolver() and setKeyInfoResolver().
00548 XSECURIResolver * mp_URIResolver;
00549 XSECKeyInfoResolver * mp_KeyInfoResolver;
00550 
00551 
00552 
// Default constructor declared private: only the class itself and its
// friend can name it, so no instance exists without a document and node
// unless one of them creates it.
00553 DSIGSignature();
00554 
00555 
00556 };
00557
00558 #endif