|
1 /* |
|
2 * Copyright (c) 2006-2006 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 |
|
20 |
|
21 |
|
22 |
|
23 |
|
24 |
|
25 |
|
26 |
|
27 |
|
28 |
|
29 |
|
30 #include <e32std.h> |
|
31 #include <xmlsecwinit.h> |
|
32 #include <xmlsecwsign.h> |
|
33 #include "sencryptoutils.h" |
|
34 #include "sendebug.h" |
|
35 #include "SenSoapMessage.h" |
|
36 #include "SenParser.h" |
|
37 #include "wsstarsecurityhandler.h" |
|
38 #include "wsstarcons.h" |
|
39 #include "wsstarhandlercontext.h" |
|
40 #include "wsstarmessagehandlerscons.h" |
|
41 #include "senlogger.h" // private Utils\inc |
|
42 #include "wsstarmessageutils.h" |
|
43 using namespace WSStarSecurityFault; |
|
44 |
|
45 //_LIT8(KSecurityIdPrefix, "SEC_"); |
|
46 _LIT8(KSecurityPrefix, "ds"); |
|
47 |
|
48 // Create instance of concrete ECOM interface implementation |
|
49 CWSStarSecurityHandler* CWSStarSecurityHandler::NewL( |
|
50 MSenHandlerContext* aHandlerCtx) |
|
51 { |
|
52 |
|
53 CWSStarSecurityHandler* self = |
|
54 new (ELeave) CWSStarSecurityHandler(*aHandlerCtx); |
|
55 return self; |
|
56 } |
|
57 |
|
58 // Constructor |
|
59 CWSStarSecurityHandler::CWSStarSecurityHandler(MSenHandlerContext& aCtx): |
|
60 CSenMessageHandler(aCtx) |
|
61 { |
|
62 } |
|
63 |
|
64 // Destructor |
|
65 CWSStarSecurityHandler::~CWSStarSecurityHandler() |
|
66 { |
|
67 TLSLOG(KSenCoreServiceManagerLogChannelBase , KMinLogLevel,(_L("CWSStarSecurityHandler::~CWSStarSecurityHandler()"))); |
|
68 } |
|
69 |
|
70 TInt CWSStarSecurityHandler::InvokeL(MSenMessageContext& aCtx) |
|
71 { |
|
72 TLSLOG(KSenCoreServiceManagerLogChannelBase , KMinLogLevel,(_L("CWSStarSecurityHandler::InvokeL(MSenMessageContext& aCtx)"))); |
|
73 |
|
74 if (aCtx.Direction() == SenContext::EOutgoing) |
|
75 { |
|
76 const TDesC8* keyB64 = aCtx.GetDesC8L(WSStarContextKeys::KPOPBase64); |
|
77 const TDesC8* keyType = aCtx.GetDesC8L(WSStarContextKeys::KBinaryType); |
|
78 if (!keyB64) |
|
79 { |
|
80 return KErrNone; |
|
81 } |
|
82 HBufC8* key = SenCryptoUtils::DecodeBase64L(*keyB64); |
|
83 if (!key) |
|
84 { |
|
85 return KErrArgument; |
|
86 } |
|
87 CleanupStack::PushL(key); |
|
88 |
|
89 RArrayElements elements; |
|
90 CleanupClosePushL(elements); |
|
91 |
|
92 CSenDomFragmentBase* base = GetElementsToSignL(aCtx, &elements); |
|
93 if (!base) |
|
94 { |
|
95 CleanupStack::PopAndDestroy(2, key); |
|
96 return KErrNone; |
|
97 } |
|
98 CleanupStack::PushL(base); |
|
99 |
|
100 base->AsDocumentL().RegisterXmlIdL(KSecurityUtilityId, KSecurityUtilityXmlNs); |
|
101 |
|
102 if (elements.Count()) |
|
103 { |
|
104 XmlSecPushL(); |
|
105 //TUint id = 0; |
|
106 for (TInt i = 0; i < elements.Count(); i++) |
|
107 { |
|
108 TXmlEngElement& el = elements[i]; |
|
109 TXmlEngNamespace ns = el.LookupNamespaceByPrefixL(KSecurityUtilityXmlNsPrefix); |
|
110 if (ns.IsUndefined()) |
|
111 { |
|
112 ns = el.AddNamespaceDeclarationL(KSecurityUtilityXmlNs, |
|
113 KSecurityUtilityXmlNsPrefix); |
|
114 } |
|
115 else if (ns.Uri() != KSecurityUtilityXmlNs) |
|
116 { |
|
117 User::Leave(KErrCorrupt); |
|
118 } |
|
119 |
|
120 //!!!atention, current id value is absed upn tag name. Below commented code |
|
121 //generate more uniq name (similar to sequencer) |
|
122 //while (!el.HasAttributeL(KSecurityUtilityId, KSecurityUtilityXmlNs)) |
|
123 { |
|
124 //TBuf8<12> idStr = KSecurityIdPrefix(); |
|
125 //idStr.AppendNumFixedWidth(++id, EHex, 8); |
|
126 //el.AddXmlIdL(KSecurityUtilityId, idStr, ns); |
|
127 el.AddXmlIdL(KSecurityUtilityId, elements[i].Name(), ns); |
|
128 } |
|
129 } |
|
130 |
|
131 CXmlSecSign* sign = CXmlSecSign::NewLC(); |
|
132 TXmlEngElement signature; |
|
133 if (!keyType || //only 4 possible case null, nonce, asymmetric, symmetric. |
|
134 (keyType && |
|
135 *keyType == WSStarContextValues::KPOPTypeAsimmetric)) |
|
136 { |
|
137 TLSLOG(KSenFaultsLogChannel, KSenFaultsLogLevel, KUnsupportedAlgorithm); |
|
138 CleanupStack::PopAndDestroy(sign); |
|
139 XmlSecPopAndDestroy(); |
|
140 CleanupStack::PopAndDestroy(base); |
|
141 CleanupStack::PopAndDestroy(); //elements, it is R class |
|
142 CleanupStack::PopAndDestroy(key); |
|
143 return KErrNone; |
|
144 } |
|
145 else //if nonce , then key is computed and also is simettric |
|
146 { |
|
147 sign->CreateTemplateL(CXmlSecSign::EHMAC, |
|
148 elements, |
|
149 KSecurityUtilityWsuId, |
|
150 EFalse, |
|
151 CXmlSecSign::KExclusiveC14N, |
|
152 KSecurityPrefix, |
|
153 EFalse |
|
154 ); |
|
155 sign->SetKeyFromBufferL(*key, KNullDesC8, CXmlSecSign::EHMAC); |
|
156 //const TDesC8* str = aCtx.GetDesC8L(WSStarContextKeys::KSTR); |
|
157 _LIT8(KSTRstr,"<wsse:SecurityTokenReference \ |
|
158 xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/\ |
|
159 oasis-200401-wss-wssecurity-secext-1.0.xsd\">\ |
|
160 <wsse:Reference wsse:URI=\"token\" />\ |
|
161 </wsse:SecurityTokenReference>"); |
|
162 const TDesC8* str = &KSTRstr(); |
|
163 if (str) |
|
164 { |
|
165 CSenDomFragmentBase* strFr = CSenDomFragmentBase::NewL(); |
|
166 CleanupStack::PushL(strFr); |
|
167 CSenParser* parser = CSenParser::NewLC(); |
|
168 parser->ParseL(*str, *strFr); |
|
169 sign->SetKeyInfoL(strFr->AsElementL().CopyL()); |
|
170 CleanupStack::PopAndDestroy(2, strFr); |
|
171 } |
|
172 signature = sign->SignXmlNodesL(elements); |
|
173 } |
|
174 |
|
175 HBufC8* messageXml = base->AsXmlL(); |
|
176 CleanupStack::PushL(messageXml); |
|
177 |
|
178 CSenSoapMessage* message=NULL; |
|
179 CSenSoapMessage* msg = |
|
180 (CSenSoapMessage*)aCtx.GetSenSoapEnvelopeL( |
|
181 SenContext::KSenCurrentSoapMessageCtxKey); |
|
182 if(msg->SoapVersion() == ESOAP12) |
|
183 { |
|
184 message = CSenSoapMessage::NewL( ESOAP12, KSecurityXmlNs); |
|
185 } |
|
186 else |
|
187 { |
|
188 message = CSenSoapMessage::NewL(ESOAP11, KSecuritySchemeXmlNs ); |
|
189 } |
|
190 CleanupStack::PushL(message); |
|
191 CSenXmlReader& reader = const_cast<CSenXmlReader&>(*aCtx.GetParser()); |
|
192 |
|
193 message->ParseWithL( reader ); |
|
194 message->ParseL(*messageXml); |
|
195 aCtx.Update(SenContext::KSenCurrentSoapMessageCtxKey, message); |
|
196 CleanupStack::Pop(message); |
|
197 AttachElementL(aCtx, signature); |
|
198 CleanupStack::PopAndDestroy(2, sign);//messagexml, sign |
|
199 |
|
200 |
|
201 XmlSecPopAndDestroy(); |
|
202 } |
|
203 |
|
204 CleanupStack::PopAndDestroy(3, key);//base, elements, key |
|
205 } |
|
206 return KErrNone; |
|
207 } |
|
208 |
|
209 |
|
210 SenHandler::THandlerDirection CWSStarSecurityHandler::Direction() const |
|
211 { |
|
212 TLSLOG(KSenCoreServiceManagerLogChannelBase , KMinLogLevel,(_L("CWSStarSecurityHandler::Direction()"))); |
|
213 return SenHandler::EBoth; |
|
214 }; |
|
215 SenHandler::THandlerPhase CWSStarSecurityHandler::Phase() |
|
216 { |
|
217 TLSLOG(KSenCoreServiceManagerLogChannelBase , KMinLogLevel,(_L("CWSStarSecurityHandler::Phase()"))); |
|
218 return SenHandler::EMessage; |
|
219 }; |
|
220 TInt CWSStarSecurityHandler::InitL(MSenHandlerContext& /*aCtx*/) |
|
221 { |
|
222 return KErrNone; |
|
223 } |
|
224 |
|
225 |
|
226 RFileLogger* CWSStarSecurityHandler::Log() const |
|
227 { |
|
228 RFileLogger* pLog = NULL; |
|
229 TRAP_IGNORE( pLog = (RFileLogger*)iHandlerContext.GetAnyL(HandlerContextKey::KLogger); ) |
|
230 return pLog; |
|
231 } |
|
232 |
|
233 //------------------------------------------------------------------------------ |
|
234 // Add signature element to security header |
|
235 //------------------------------------------------------------------------------ |
|
236 // |
|
237 void CWSStarSecurityHandler::AttachElementL(MSenMessageContext& aCtx, |
|
238 TXmlEngElement& aSignature) |
|
239 { |
|
240 CSenSoapMessage* message = (CSenSoapMessage*) |
|
241 (aCtx.GetSenSoapEnvelopeL( |
|
242 SenContext::KSenCurrentSoapMessageCtxKey)); |
|
243 RBuf8 buffer; |
|
244 aSignature.OuterXmlL(buffer); |
|
245 TLSLOG(KSenCoreServiceManagerLogChannelBase , KMaxLogLevel,(_L("Siganture from buffer"))); |
|
246 TLSLOG_ALL(KSenCoreServiceManagerLogChannelBase , KMaxLogLevel,(buffer)); |
|
247 message->AddSecurityTokenL(buffer); |
|
248 buffer.Close(); |
|
249 } |
|
250 |
|
251 //------------------------------------------------------------------------------ |
|
252 // Returns collection of elements which has to be signed. Depenend on policy |
|
253 // which determine what to sign |
|
254 //------------------------------------------------------------------------------ |
|
255 // |
|
256 |
|
257 CSenDomFragmentBase* CWSStarSecurityHandler::GetElementsToSignL( MSenMessageContext& aCtx, RArrayElements* aElements ) |
|
258 { |
|
259 CSenSoapMessage* msg = (CSenSoapMessage*)aCtx.GetSenSoapEnvelopeL( |
|
260 SenContext::KSenCurrentSoapMessageCtxKey); |
|
261 if (!msg) |
|
262 { |
|
263 TLSLOG(KSenCoreServiceManagerLogChannelBase , KMinLogLevel,(_L("There is no message in message context"))); |
|
264 return NULL; |
|
265 } |
|
266 |
|
267 CSenDomFragmentBase* base = CSenDomFragmentBase::NewL(); |
|
268 CleanupStack::PushL(base); |
|
269 |
|
270 HBufC8* xmlMsg = msg->AsXmlL(); |
|
271 TLSLOG(KSenCoreServiceManagerLogChannelBase , KMaxLogLevel,(_L("____parse message in order to find elements____"))); |
|
272 TLSLOG_ALL(KSenCoreServiceManagerLogChannelBase , KMaxLogLevel,(*xmlMsg)); |
|
273 |
|
274 CleanupStack::PushL(xmlMsg); |
|
275 |
|
276 |
|
277 CSenParser* parser = CSenParser::NewLC(); |
|
278 parser->ParseL(*xmlMsg, *base); |
|
279 CleanupStack::PopAndDestroy(2, xmlMsg);//parser, xmlMsg |
|
280 |
|
281 TXmlEngElement parent = base->AsElementL(); |
|
282 |
|
283 |
|
284 TPtrC8 verDes = KSenSoapEnvelopeXmlns(); |
|
285 const TInt* ver = aCtx.GetIntL(WSStarContextKeys::KSoapVersion); |
|
286 if (!ver || (*ver != ESOAP11)) |
|
287 { |
|
288 verDes.Set(KSenSoap12EnvelopeXmlns()); |
|
289 } |
|
290 |
|
291 //determine using global policy |
|
292 RPointerArray<HBufC8>* pTags = (RPointerArray<HBufC8>*)aCtx.GetAnyL(WSStarContextKeys::KSignedPartsArray); |
|
293 |
|
294 if( pTags ) |
|
295 { |
|
296 TInt count(pTags->Count()); |
|
297 for (TInt i = 0; i<count; i+=2 ) |
|
298 { |
|
299 TLSLOG_L( KSenCoreServiceManagerLogChannelBase, KMaxLogLevel, "____looking for elements____" ); |
|
300 HBufC8* tagg = (*pTags)[i]; |
|
301 HBufC8* taggNs = (*pTags)[i+1]; |
|
302 TPtrC8 name = tagg->Des(); |
|
303 TPtrC8 pNs = taggNs->Des(); |
|
304 TLSLOG( KSenCoreServiceManagerLogChannelBase, KMaxLogLevel, ( *((*pTags)[i]) ) ); |
|
305 TLSLOG( KSenCoreServiceManagerLogChannelBase, KMaxLogLevel, ( *((*pTags)[i+1]) ) ); |
|
306 if ( pNs == KNullDesC8() ) // assumption is that this is some soap namespace (like Body) |
|
307 { |
|
308 pNs.Set( verDes ); |
|
309 } |
|
310 CWSStarMessageUtils::FindElementL( name, pNs, parent, aElements ); |
|
311 } |
|
312 } |
|
313 #ifdef _SENDEBUG |
|
314 else // pTags == NULL |
|
315 { |
|
316 TLSLOG_L( KSenCoreServiceManagerLogChannelBase, KMinLogLevel, "CWSStarSecurityHandler::GetElementsToSignL(MSenMessageContext):" ); |
|
317 TLSLOG_L( KSenCoreServiceManagerLogChannelBase, KMinLogLevel, "- aCtx.GetAnyL(WSStarContextKeys::KSignedPartsArray) returned NULL(!)" ); |
|
318 } |
|
319 #endif // _SENDEBUG |
|
320 CleanupStack::Pop( base ); |
|
321 return base; |
|
322 } |
|
323 |
|
324 |
|
325 // END OF FILE |
|
326 |