--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/webservices/wsstar/wsstarpolicy/inc/wssecuritypolicy.h Thu Jan 07 16:19:19 2010 +0200
@@ -0,0 +1,639 @@
+/*
+* Copyright (c) 2006-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Header declaration
+*
+*/
+
+
+
+
+
+
+
+
+#ifndef WSSTAR_SECURITY_POLICY_H
+#define WSSTAR_SECURITY_POLICY_H
+
+#include <SenElement.h>
+
+#include "wssecuritypolicyconstants.h"
+
+
+// CLASS DECLARATION
+/**
+ * Class: CWsSecurityPolicy
+ *
+ * Description: Class which can holds the information found in a WS SecurityPolicy Assertion
+ * The information can be Intersected and Merged with other CWsSecurityPolicy
+ * object and a resultant CSenElement* will be provided holding Intersected or Merged data.
+ */
+class CWsSecurityPolicy : public CBase
+ {
+ public:
+
+ /**
+ * Standard 2 phase constructor
+ * @since Series60 5.0
+ * @return new instance of CWsSecurityPolicy object
+ */
+ static CWsSecurityPolicy* NewL();
+ static CWsSecurityPolicy* NewLC();
+
+ virtual ~CWsSecurityPolicy();
+ /**
+ * Intersect the two WsSecurityPolicy Assertions
+ * @since Series60 5.0
+ * @param aKey: Name of the WsSecurityPolicy assertion
+ * @param aFirst: First assertion to intersect
+ * @param aSecond: Second assertion to intersect with aFirst
+ * @return new Element containing the Intersected Element
+ * or NULL if intersection return no result
+ */
+
+ CSenElement* IntersectL(TDesC8& aKey, CSenElement* aFirst, CSenElement* aSecond); //codescannerwarnings
+
+ /**
+ * Merge the two WsSecurityPolicy Assertions
+ * @since Series60 5.0
+ * @param aKey: Name of the WsSecurityPolicy assertion
+ * @param aFirst: First assertion to merge
+ * @param aSecond: Second assertion to merge with aFirst
+ * @return new Element containing the Merged Element
+ * or NULL if merging return no result
+ */
+ CSenElement* MergeL(TDesC8& aKey, CSenElement* aFirst, CSenElement* aSecond); //codescannerwarnings
+
+ private:
+ void ConstructL();
+ CWsSecurityPolicy();
+ };
+
+/**
+ * Class: CAlgorithmSuite
+ *
+ * Description: Class which can holds the information found in a WS-SecurityPolicy Assertion "AlgorithmSuite"
+ * and provide information related to that particular assertion
+ */
+
+class CAlgorithmSuite : public CBase
+ {
+ public:
+ static CAlgorithmSuite* NewL(CSenElement* aAlgoSuite);
+ static CAlgorithmSuite* NewLC(CSenElement* aAlgoSuite);
+ virtual ~CAlgorithmSuite();
+
+ TPtrC8 AlgoSuite();
+ TPtrC8 SymmetricSignature();
+ TPtrC8 AsymmetricSignature();
+ TPtrC8 ComputedKey();
+ TInt MaximumSymmetricKeyLength();
+ TInt MinimumAsymmetricKeyLength();
+ TInt MaximumAsymmetricKeyLength();
+ TPtrC8 Digest();
+ TPtrC8 Encryption();
+ TPtrC8 SymmetricKeyWrap();
+ TPtrC8 AsymmetricKeyWrap();
+ TPtrC8 EncryptionKeyDerivation();
+ TPtrC8 SignatureKeyDerivation();
+ TInt MinimumSymmetricKeyLength();
+ TPtrC8 C14n();
+ TPtrC8 SoapNormalization();
+ TPtrC8 StrTransform();
+ TPtrC8 XPath();
+ TPtrC8 XPathFilter20();
+
+
+ void SetC14nL(TDesC8& aValue); //codescannerwarnings
+ void SetSoapNormalizationL(TDesC8& aValue); //codescannerwarnings
+ void SetStrTransformL(TDesC8& aValue); //codescannerwarnings
+ void SetXPathL(TDesC8& aValue); //codescannerwarnings
+ void SetXPathFilter20L(TDesC8& aValue); //codescannerwarnings
+
+ TBool IsEqualAlgoSuite(CAlgorithmSuite* aAlgoSuite);
+
+ private:
+ void ConstructL(CSenElement* aAlgoSuite);
+ void SetAlgoSuiteL(TDesC8& aSuiteName); //codescannerwarnings
+ CAlgorithmSuite();
+
+ private: // Data
+ HBufC8* iAlgoSuite;
+
+ HBufC8* iSymmetricSignature;
+ HBufC8* iAsymmetricSignature;
+ HBufC8* iComputedKey;
+ TInt iMaximumSymmetricKeyLength;
+ TInt iMinimumAsymmetricKeyLength;
+ TInt iMaximumAsymmetricKeyLength;
+ HBufC8* iDigest;
+ HBufC8* iEncryption;
+ HBufC8* iSymmetricKeyWrap;
+ HBufC8* iAsymmetricKeyWrap;
+ HBufC8* iEncryptionKeyDerivation;
+ HBufC8* iSignatureKeyDerivation;
+ TInt iMinimumSymmetricKeyLength;
+ HBufC8* iC14n;
+ HBufC8* iSoapNormalization;
+ HBufC8* iStrTransform;
+ HBufC8* iXPath;
+ HBufC8* iXPathFilter20;
+ };
+
+
+class CXmlHelper : public CBase
+ {
+ public:
+ static CSenElement* RipPolicyXORElementL(CSenElement* aAsymmBinding); //codescannerwarnings
+ static TBool HasAttributeL(CSenElement* aAsymmBinding, const TDesC8& aAttrib);
+ static TPtrC8 AttributeValueL(CSenElement* aAssertion, const TDesC8& aAttrib);
+ private:
+ CXmlHelper() { }
+ CXmlHelper( const CXmlHelper& );
+ CXmlHelper& operator=( const CXmlHelper& );
+
+ };
+
+/**
+ * Class: CLayout
+ *
+ * Description: Class which can holds the information found in a WS-SecurityPolicy Assertion "Layout"
+ * and provide information related to that particular assertion
+ */
+
+class CLayout : public CBase
+ {
+ public:
+ static CLayout* NewL(CSenElement* aLayout);
+ static CLayout* NewLC(CSenElement* aLayout);
+ virtual ~CLayout();
+
+ TPtrC8 Layout() { return iLayout;}
+ TBool IsEqualLayout(CLayout* aLayout);
+
+ private:
+ void ConstructL(CSenElement* aLayout);
+ CLayout();
+ private: // data
+ TPtrC8 iLayout;
+ };
+////////////////////////////////////////////////////
+////////////////////////////////////////////////////
+/**
+ * Class: CToken
+ *
+ * Description: Base class to hold WS-SecurityPolicy Assertion "Token" common values
+ */
+
+class CToken : public CBase
+ {
+ public:
+ virtual ~CToken();
+ protected:
+ CToken();
+
+ inline TPtrC8 GetTokenInclusion() {return iTokenInclusion;}
+ inline TBool DerivedKeys() {return iDerivedKeys;}
+ inline void SetDerivedKeys(TBool aDerivedKeys) { iDerivedKeys = aDerivedKeys; }
+ void BaseConstructL(CSenElement* aToken);
+ private:
+ void ConstructL(CSenElement* aToken);
+ private: // Data
+ TPtrC8 iTokenInclusion;
+ TBool iDerivedKeys;
+ };
+//TOKEN TYPES
+
+/**
+ * Class: CUsernameToken
+ *
+ * Description: Class to hold WS-SecurityPolicy Assertion "UsernameToken"
+ * This class extends the CToken class
+ */
+class CUsernameToken : public CToken
+ {
+ public:
+ static CUsernameToken* NewL(CSenElement* aToken);
+ static CUsernameToken* NewLC(CSenElement* aToken);
+ virtual ~CUsernameToken();
+ TPtrC8 UserNameToken() {return iUsernameTokenProfile;}
+ private:
+ CUsernameToken();
+ void ConstructL(CSenElement* aToken);
+
+ TPtrC8 iUsernameTokenProfile;
+ };
+
+class CRequestSecurityTokenTemplate :public CBase
+ {
+ public:
+ static CRequestSecurityTokenTemplate* NewL(CSenElement* aToken);
+ static CRequestSecurityTokenTemplate* NewLC(CSenElement* aToken);
+ virtual ~CRequestSecurityTokenTemplate();
+ TPtrC8 Token() {return iToken->Des();}
+ TPtrC8 TrustVersion() {return iTrustVersion->Des();}
+ private:
+ CRequestSecurityTokenTemplate();
+ void ConstructL(CSenElement* aToken);
+
+ private: // Data
+ HBufC8* iToken;
+ HBufC8* iTrustVersion;
+ };
+
+class CHttpsToken : public CToken
+{
+ public:
+ static CHttpsToken* NewL(CSenElement* aToken);
+ static CHttpsToken* NewLC(CSenElement* aToken);
+ virtual ~CHttpsToken();
+ TBool RequireClientCertificate() {return iRequireClientCertificate; }
+ CSenElement* HttpsTokenPolicy() {return iPolicy; }
+
+ private:
+ CHttpsToken();
+ void ConstructL(CSenElement* aToken);
+
+ private: // Data
+ TBool iRequireClientCertificate;
+ CSenElement* iPolicy;
+
+};
+
+class CSamlToken : public CToken
+ {
+ public:
+ static CSamlToken* NewL(CSenElement* aToken);
+ static CSamlToken* NewLC(CSenElement* aToken);
+ virtual ~CSamlToken();
+ TBool RequireDerivedKeys() {return iRequireDerivedKeys; }
+ TBool RequireKeyIdentifierReference() {return iRequireKeyIdentifierReference; }
+ TPtrC8 SamlTokenProfile() {return iSamlTokenProfile; }
+
+ private:
+ CSamlToken();
+ void ConstructL(CSenElement* aToken);
+
+ private: // Data
+ TBool iRequireDerivedKeys;
+ TBool iRequireKeyIdentifierReference;
+ TPtrC8 iSamlTokenProfile;
+ };
+
+class CSecureConversationToken : public CToken
+ {
+ public:
+ static CSecureConversationToken* NewL(CSenElement* aToken);
+ static CSecureConversationToken* NewLC(CSenElement* aToken);
+ virtual ~CSecureConversationToken();
+
+ TPtrC8 Issuer();
+ TBool RequireExternalUriReference();
+ TBool SC10SecurityContextToken();
+ TBool RequireDerivedKeys() {return iRequireDerivedKeys; }
+ TBool IsBootstrapPolicy();
+ CSenElement* BootstrapPolicy();
+
+ private:
+ CSecureConversationToken();
+ void ConstructL(CSenElement* aToken);
+
+ private: // Data
+ HBufC8* iIssuer;
+ TBool iRequireExternalUriReference;
+ TBool iSC10SecurityContextToken;
+ TBool iRequireDerivedKeys;
+ TBool iBootstrap;
+ CSenElement* iBootstrapPolicy;
+ };
+
+
+
+/*
+<wsp:Policy>
+<sp:IssuedToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+<sp:Issuer>
+ <EndpointReference xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing">
+ <Address>http://AdressOfTheSTS.com</Address>
+</sp:Issuer>
+<sp:RequestSecurityTokenTemplate>
+ <!-- Policy defined by the Service for the STS -->
+ <wst:TokenType>urn:oasis:names:tc:SAML:1.1</wst:TokenType>
+ <wst:KeyType> http://schemas.xmlsoap.org/ws/2004/04/trust/SharedKey </wst:KeyType>
+</sp:RequestSecurityTokenTemplate>
+</sp:IssuedToken>
+</wsp:Policy>
+*/
+class CIssuedToken : public CToken
+ {
+ public:
+ static CIssuedToken* NewL(CSenElement* aToken);
+ static CIssuedToken* NewLC(CSenElement* aToken);
+ virtual ~CIssuedToken();
+ CSenElement* Issuer() {return iIssuer; }
+ TBool RequireDerivedKeys() {return iRequireDerivedKeys; }
+ CSenElement* RequestSecurityTokenTemplate() {return iRequestSecurityTokenTemplate;}
+ private:
+ CIssuedToken();
+ void ConstructL(CSenElement* aToken);
+
+ private: // Data
+ CSenElement* iIssuer; //not owned
+ TBool iRequireDerivedKeys;
+ CSenElement* iRequestSecurityTokenTemplate; //not owned
+ TBool iRequireExternalReference;
+ TBool iRequireInternalReference;
+
+ };
+
+//TOKEN HOLDER
+/**
+ * Class: CTokenHolder
+ *
+ * Description: Class to hold different kind of tokens.
+ * It also holds the name of the Token and the token is casted to that particulat token type.
+ */
+
+class CTokenHolder : public CBase
+{
+ public:
+ static CTokenHolder* NewL(CSenElement* aToken);
+ static CTokenHolder* NewLC(CSenElement* aToken);
+ virtual ~CTokenHolder();
+
+ private:
+
+ void ConstructL(CSenElement* aToken);
+ CTokenHolder();
+
+ private: // Data
+ TPtrC8 iTokenType;
+ CToken* iToken;
+};
+
+////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////
+class CBinding : public CBase
+{
+ public:
+ static CBinding* NewL(CSenElement* aBinding);
+ static CBinding* NewLC(CSenElement* aBinding);
+ virtual ~CBinding();
+
+ protected:
+ CBinding();
+ CAlgorithmSuite* GetAlgoSuite() {return iAlgorithmSuite;}
+ CLayout* GetLayout() {return iLayout;}
+ TBool IncludetimeStamp() {return iIncludeTimestamp;}
+ void SetbaseElementL(CSenElement* aBinding);
+
+ private:
+ void ConstructL(CSenElement* aBinding);
+
+ private: // Data
+ CAlgorithmSuite* iAlgorithmSuite;
+ CLayout* iLayout;
+ TBool iIncludeTimestamp;
+};
+
+class CSymmAsymmBinding : public CBinding
+ {
+ public:
+ static CSymmAsymmBinding* NewL(CSenElement* aBinding);
+ static CSymmAsymmBinding* NewLC(CSenElement* aBinding);
+ virtual ~CSymmAsymmBinding();
+
+ protected:
+ void BaseConstructL(CSenElement* aBinding);
+ CSymmAsymmBinding();
+
+ TPtrC8 EncryptBeforeSigning() {return iProtectionOrder;}
+ TBool EncryptSignature() {return iEncryptSignature;}
+ TBool ProtectTokens() {return iProtectTokens;}
+ TBool OnlySignEntireHeadersAndBody() {return iOnlySignEntireHeadersAndBody;}
+
+ private:
+ void ConstructL(CSenElement* aBinding);
+
+ private: // Data
+ TPtrC8 iProtectionOrder;
+ TBool iEncryptSignature;
+ TBool iProtectTokens;
+ TBool iOnlySignEntireHeadersAndBody;
+ };
+
+class CTranportBinding : public CBinding
+ {
+ public:
+ static CTranportBinding* NewL(CSenElement* aTransportBinding);
+ static CTranportBinding* NewLC(CSenElement* aTransportBinding);
+ virtual ~CTranportBinding();
+ TBool IsEqualTransportBindingAssertion(CTranportBinding* aTransportBinding);
+
+ protected:
+ CTokenHolder* GetTransportToken() {return iTransportToken;}
+
+ private:
+ void ConstructL(CSenElement* aTransportBinding);
+ CTranportBinding();
+
+ private: // Data
+ CTokenHolder* iTransportToken;
+ };
+
+
+class CAsymmetricBinding : public CSymmAsymmBinding
+ {
+ public:
+ static CAsymmetricBinding* NewL(CSenElement* aAsymmBinding);
+ static CAsymmetricBinding* NewLC(CSenElement* aAsymmBinding);
+ virtual ~CAsymmetricBinding();
+ TBool IsEqualAsymmtericAssertion(CAsymmetricBinding* aAsymmetricBinding);
+
+ protected:
+ CTokenHolder* GetInitiatorToken() {return iInitiatorToken;}
+ CTokenHolder* GetRecipientToken() {return iRecipientToken;}
+
+ private:
+ void ConstructL(CSenElement* aAsymmBinding);
+ CAsymmetricBinding();
+
+ private: // Data
+ CTokenHolder* iInitiatorToken;
+ CTokenHolder* iRecipientToken;
+
+};
+
+
+class CSymmetricBinding : public CSymmAsymmBinding
+ {
+ public:
+ static CSymmetricBinding* NewL(CSenElement* aSymmBinding);
+ static CSymmetricBinding* NewLC(CSenElement* aSymmBinding);
+ virtual ~CSymmetricBinding();
+ TBool IsEqualSymmtericAssertion(CSymmetricBinding* aSymmetricBinding);
+
+ protected:
+ CTokenHolder* GetEncryptionToken() {return iEncriptionToken;}
+ CTokenHolder* GetSignatureToken() {return iSignatureToken;}
+
+ private:
+ void ConstructL(CSenElement* aSymmBinding);
+ CSymmetricBinding();
+
+ private: // Data
+ CTokenHolder* iEncriptionToken;
+ CTokenHolder* iSignatureToken;
+ CTokenHolder* iProtectionToken;
+ };
+
+class CWss10 :public CBase
+ {
+ public:
+ static CWss10* NewL(CSenElement* aAssertion);
+ static CWss10* NewLC(CSenElement* aAssertion);
+ virtual ~CWss10();
+
+ TBool IsEqualWss10Assertion(CWss10* aAssertion);
+
+ TBool MustSupportRefKeyIdentifier();
+ TBool MustSupportRefIssuerSerial();
+ TBool MustSupportRefExternalURI();
+ TBool MustSupportRefEmbeddedToken();
+
+ protected:
+ void BaseConstructL(CSenElement* aAssertion);
+ CWss10();
+
+ private:
+ void ConstructL(CSenElement* aAssertion);
+
+ private: // Data
+ TBool iMustSupportRefKeyIdentifier;
+ TBool iMustSupportRefIssuerSerial;
+ TBool iMustSupportRefExternalURI;
+ TBool iMustSupportRefEmbeddedToken;
+ };
+
+class CWss11 : public CWss10
+ {
+ public:
+ static CWss11* NewL(CSenElement* aAssertion);
+ static CWss11* NewLC(CSenElement* aAssertion);
+ virtual ~CWss11();
+
+ TBool IsEqualWss11Assertion(CWss11* aAssertion);
+
+ TBool MustSupportRefThumbprint();
+ TBool MustSupportRefEncryptedKey();
+ TBool RequireSignatureConfirmation();
+
+ private:
+ void ConstructL(CSenElement* aAssertion);
+ CWss11();
+
+ private: // Data
+ TBool iMustSupportRefThumbprint;
+ TBool iMustSupportRefEncryptedKey;
+ TBool iRequireSignatureConfirmation;
+
+ };
+
+class CWsTrust10 :public CBase
+ {
+ public:
+ static CWsTrust10* NewL(CSenElement* aAssertion);
+ static CWsTrust10* NewLC(CSenElement* aAssertion);
+ virtual ~CWsTrust10();
+
+ TBool IsEqualWsTrust10Assertion(CWsTrust10* aAssertion);
+
+ TBool MustSupportClientChallenge();
+ TBool MustSupportServerChallenge();
+ TBool RequireClientEntropy();
+ TBool RequireServerEntropy();
+ TBool MustSupportIssuedTokens();
+
+ private:
+ void ConstructL(CSenElement* aAssertion);
+ CWsTrust10();
+
+ private: // Data
+ TBool iMustSupportClientChallenge;
+ TBool iMustSupportServerChallenge;
+ TBool iRequireClientEntropy;
+ TBool iRequireServerEntropy;
+ TBool iMustSupportIssuedTokens;
+ };
+
+struct SoapHeader
+ {
+ TPtrC8 iName;
+ TPtrC8 iNsUri;
+ };
+
+class CEncryptedSignedParts : public CBase
+ {
+ public:
+ static CEncryptedSignedParts* NewL(CSenElement* aAssertion);
+ static CEncryptedSignedParts* NewLC(CSenElement* aAssertion);
+ virtual ~CEncryptedSignedParts();
+
+ TBool IsEqualEncryptedSignedParts(CEncryptedSignedParts* aAssertion);
+ void ElementsL(RPointerArray<HBufC8>& aElements); //codescannerwarnings
+ TBool Header();
+ TBool Body();
+ // void GetHeaders()
+ private:
+ void ConstructL(CSenElement* aAssertion);
+ CEncryptedSignedParts();
+
+ private: // Data
+ TBool iHeader;
+ TBool iBody;
+ RArray<SoapHeader> iHeaders;
+
+ };
+
+class CEncryptedSignedElements : public CBase
+ {
+ public:
+ static CEncryptedSignedElements* NewL(CSenElement* aAssertion);
+ static CEncryptedSignedElements* NewLC(CSenElement* aAssertion);
+ virtual ~CEncryptedSignedElements();
+
+ TBool IsEqualEncryptedSignedElements(CEncryptedSignedElements* aAssertion);
+ TBool MergedElements(CEncryptedSignedElements* aAssertion, RArray<TPtrC8>& aResult);
+ TPtrC8 XPathVersion() { return iXPathVersion->Des(); }
+
+ TBool IfNsQualified(CSenElement* aAssertion, TDesC8& aXpath);
+ TInt GetXPaths(RArray<TPtrC8>& aXpaths); //will return copy of xpaths and RArray ownership
+
+ private:
+ void ConstructL(CSenElement* aAssertion);
+ CEncryptedSignedElements();
+
+ private: // Data
+ HBufC8* iXPathVersion;
+ RArray<TPtrC8> iXpaths;
+ };
+
+
+#endif //WSSTAR_SECURITY_POLICY_H
+
+// END OF FILE
+
+
+
+
+