00071 #ifndef DSIGSIGNATURE_INCLUDE
00072 #define DSIGSIGNATURE_INCLUDE
00073
00074
00075 #include <xsec/utils/XSECSafeBufferFormatter.hpp>
00076 #include <xsec/dsig/DSIGTransform.hpp>
00077 #include <xsec/dsig/DSIGKeyInfoList.hpp>
00078 #include <xsec/dsig/DSIGConstants.hpp>
00079 #include <xsec/dsig/DSIGSignedInfo.hpp>
00080
00081
00082
00083 #include <xercesc/dom/DOM.hpp>
00084
// Forward declarations. DSIGSignature only names these types through
// pointers (parameters, return values and members), so their full
// definitions are not needed in this header.

// KeyInfo child element wrappers returned by the append*() methods.
class DSIGKeyInfoName;
class DSIGKeyInfoValue;
class DSIGKeyInfoX509;

// Caller-supplied resolvers installed through setURIResolver() and
// setKeyInfoResolver().
class XSECKeyInfoResolver;
class XSECURIResolver;

// Stream type returned by makeBinInputStream().
class XSECBinTXFMInputStream;
00091
00095
00096
/**
 * Object view of a single XML Digital Signature element.
 *
 * The constructors and the destructor are not public and XSECProvider is a
 * friend, so instances are presumably created and released through
 * XSECProvider rather than with new/delete in caller code (confirm there).
 *
 * Several getters hand out raw pointers to state held by this object; those
 * pointers must not be used after the signature object is gone.
 */
class DSIG_EXPORT DSIGSignature {

protected:

    /**
     * Bind the object to a document and a signature node.
     *
     * @param doc     document the signature belongs to
     * @param sigNode presumably the Signature element inside doc (confirm)
     */
    DSIGSignature(DOMDocument *doc, DOMNode *sigNode);

    /** Non-virtual and protected: not callable from ordinary caller code. */
    ~DSIGSignature();

public:

    /**
     * Load the signature.
     * NOTE(review): presumably parses the node given at construction and sets
     * m_loaded; confirm whether verify() requires it to have been called.
     */
    void load();

    /**
     * Set the key used by sign() and, presumably, by the verify calls.
     * NOTE(review): ownership of k is not visible in this header; confirm who
     * frees it before passing a key that is shared with other objects.
     */
    void setSigningKey(XSECCryptoKey *k);

    /**
     * Verify the signature.
     * @return true when verification succeeded; on false, getErrMsgs()
     *         presumably carries the reason (confirm).
     */
    bool verify();

    /**
     * Verify the signature value only.
     * NOTE(review): by its name this presumably skips checking the reference
     * digests. If so, a true result says nothing about the referenced
     * content; confirm in the implementation and prefer verify() when the
     * signed data itself must be validated.
     */
    bool verifySignatureOnly();

    /** Produce the signature using the key set with setSigningKey(). */
    void sign();

    /** Set the namespace prefix used for DSIG elements (see getDSIGNSPrefix()). */
    void setDSIGNSPrefix(const XMLCh *prefix);

    /** Set the namespace prefix used for EC elements (see getECNSPrefix()). */
    void setECNSPrefix(const XMLCh *prefix);

    /**
     * Create an empty signature structure in doc.
     *
     * The defaults select DSA with SHA-1. SHA-1 is no longer considered
     * collision resistant, so new signatures should pass the strongest
     * signatureMethod / hashMethod this library version offers instead of
     * relying on the defaults.
     *
     * @param doc document that will own the new element
     * @param cm  canonicalisation method (default CANON_C14N_NOC)
     * @param sm  signature method (default SIGNATURE_DSA)
     * @param hm  hash method (default HASH_SHA1)
     * @return the created element
     */
    DOMElement *createBlankSignature(DOMDocument *doc,
                                     canonicalizationMethod cm = CANON_C14N_NOC,
                                     signatureMethod sm = SIGNATURE_DSA,
                                     hashMethod hm = HASH_SHA1);

    /**
     * Add a reference to the signature.
     *
     * The digest default is HASH_SHA1; as with createBlankSignature(), pass
     * an explicit stronger method where one is available.
     *
     * @param URI  URI of the data to be referenced
     * @param hm   hash method for the reference digest (default HASH_SHA1)
     * @param type optional type string, NULL when unused
     * @return the new reference object
     */
    DSIGReference *createReference(const XMLCh *URI,
                                   hashMethod hm = HASH_SHA1,
                                   char *type = NULL);

    /**
     * Compute the hash of the SignedInfo.
     * NOTE(review): hashBufLen is presumably the capacity of hashBuf and the
     * return value the number of bytes written; confirm, and size hashBuf for
     * the largest digest the configured hash method can produce.
     */
    unsigned int calculateSignedInfoHash(unsigned char *hashBuf,
                                         unsigned int hashBufLen);

    /** Return the list of references held by this signature. */
    DSIGReferenceList *getReferenceList();

    /**
     * Create a binary input stream over the signature's data.
     * NOTE(review): presumably the caller owns the returned stream; confirm.
     */
    XSECBinTXFMInputStream *makeBinInputStream() const;

    /** Return the accumulated error text (backed by m_errStr, presumably). */
    const XMLCh *getErrMsgs();

    /** Return the stored DSIG namespace prefix (internal pointer, not a copy). */
    const XMLCh *getDSIGNSPrefix()
    {
        return mp_prefixNS;
    }

    /** Return the stored EC namespace prefix (internal pointer, not a copy). */
    const XMLCh *getECNSPrefix()
    {
        return mp_ecPrefixNS;
    }

    /** Return the document this signature was bound to. */
    DOMDocument *getParentDocument()
    {
        return mp_doc;
    }

    /** Canonicalisation method from the SignedInfo, or CANON_NONE when none is set. */
    canonicalizationMethod getCanonicalizationMethod()
    {
        if (mp_signedInfo == NULL) {
            return CANON_NONE;
        }
        return mp_signedInfo->getCanonicalizationMethod();
    }

    /** Hash method from the SignedInfo, or HASH_NONE when none is set. */
    hashMethod getHashMethod()
    {
        if (mp_signedInfo == NULL) {
            return HASH_NONE;
        }
        return mp_signedInfo->getHashMethod();
    }

    /** Signature method from the SignedInfo, or SIGNATURE_NONE when none is set. */
    signatureMethod getSignatureMethod()
    {
        if (mp_signedInfo == NULL) {
            return SIGNATURE_NONE;
        }
        return mp_signedInfo->getSignatureMethod();
    }

    /** Return the safe-buffer formatter held by this object. */
    XSECSafeBufferFormatter *getSBFormatter()
    {
        return mp_formatter;
    }

    /**
     * Install the resolver used for reference URIs.
     * NOTE(review): when the signature comes from an untrusted document its
     * reference URIs are attacker-chosen; the resolver is the place to limit
     * which schemes and locations may be fetched. Confirm what the default
     * resolver permits.
     */
    void setURIResolver(XSECURIResolver *resolver);

    /** Return the resolver installed with setURIResolver(). */
    XSECURIResolver *getURIResolver();

    /**
     * Install the resolver that maps KeyInfo content to a key.
     * NOTE(review): KeyInfo is presumably read from the signature itself, so
     * the resolver should only return keys the application already trusts.
     */
    void setKeyInfoResolver(XSECKeyInfoResolver *resolver);

    /** Return the resolver installed with setKeyInfoResolver(). */
    XSECKeyInfoResolver *getKeyInfoResolver();

    /**
     * Return the KeyInfo list.
     * The pointer is the address of a member of this object and so is valid
     * only while the signature object exists.
     */
    DSIGKeyInfoList *getKeyInfoList()
    {
        return &m_keyInfoList;
    }

    /** Remove the KeyInfo content held by this signature. */
    void clearKeyInfo();

    /** Append a DSA key value built from the P, Q, G and Y strings. */
    DSIGKeyInfoValue *appendDSAKeyValue(const XMLCh *P,
                                        const XMLCh *Q,
                                        const XMLCh *G,
                                        const XMLCh *Y);

    /** Append an RSA key value built from the modulus and exponent strings. */
    DSIGKeyInfoValue *appendRSAKeyValue(const XMLCh *modulus,
                                        const XMLCh *exponent);

    /** Append an X509 data element and return its wrapper. */
    DSIGKeyInfoX509 *appendX509Data();

    /** Append a key name element holding name. */
    DSIGKeyInfoName *appendKeyName(const XMLCh *name);

    // Grants XSECProvider access to the protected constructor and destructor.
    friend class XSECProvider;

private:

    // Internal helpers; their definitions are not part of this header.
    void createKeyInfoElement();
    bool verifySignatureOnlyInternal();

    XSECSafeBufferFormatter *mp_formatter;    // returned by getSBFormatter()
    bool m_loaded;
    DOMDocument *mp_doc;                      // returned by getParentDocument()
    DOMNode *mp_sigNode;
    DSIGSignedInfo *mp_signedInfo;            // may be NULL; the method getters check for it
    DOMNode *mp_signatureValueNode;
    safeBuffer m_signatureValueSB;
    DSIGKeyInfoList m_keyInfoList;            // exposed by address through getKeyInfoList()
    DOMNode *mp_KeyInfoNode;
    safeBuffer m_errStr;

    // Namespace prefixes returned by getDSIGNSPrefix() / getECNSPrefix().
    XMLCh *mp_prefixNS;
    XMLCh *mp_ecPrefixNS;

    // Key set through setSigningKey(), presumably.
    XSECCryptoKey *mp_signingKey;

    // Resolvers set through setURIResolver() / setKeyInfoResolver(), presumably.
    XSECURIResolver *mp_URIResolver;
    XSECKeyInfoResolver *mp_KeyInfoResolver;

    // Private default constructor: callers cannot create an unbound object.
    DSIGSignature();

};
00638
00639 #endif