|
1 /** |
|
2 * XML Security Library (http://www.aleksey.com/xmlsec). |
|
3 * |
|
4 * The transforms engine |
|
5 * |
|
6 * This is free software; see Copyright file in the source |
|
7 * distribution for preciese wording. |
|
8 * |
|
9 * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com> |
|
10 * Portion Copyright © 2009 Nokia Corporation and/or its subsidiary(-ies). All rights reserved. |
|
11 */ |
|
12 #ifndef __XMLSEC_TRANSFORMS_H__ |
|
13 #define __XMLSEC_TRANSFORMS_H__ |
|
14 |
|
15 #ifdef __cplusplus |
|
16 extern "C" { |
|
17 #endif /* __cplusplus */ |
|
18 |
|
19 #include <libxml2_tree.h> |
|
20 #include <libxml2_xpath.h> |
|
21 #include "xmlsec_config.h" |
|
22 #include "xmlsec_xmlsec.h" |
|
23 #include "xmlsec_buffer.h" |
|
24 #include "xmlsec_list.h" |
|
25 #include "xmlsec_nodeset.h" |
|
26 #include "xmlsec_keys.h" |
|
27 |
|
28 typedef const struct _xmlSecTransformKlass xmlSecTransformKlass, |
|
29 *xmlSecTransformId; |
|
30 /** |
|
31 * XMLSEC_TRANSFORM_BINARY_CHUNK: |
|
32 * |
|
33 * The binary data chunks size. XMLSec processes binary data one chunk |
|
34 * at a time. Changing this impacts xmlsec memory usage and performance. |
|
35 */ |
|
36 #define XMLSEC_TRANSFORM_BINARY_CHUNK 64 |
|
37 |
|
38 /********************************************************************** |
|
39 * |
|
40 * Hi-level functions |
|
41 * |
|
42 *********************************************************************/ |
|
43 XMLSEC_EXPORT xmlSecPtrListPtr xmlSecTransformIdsGet (void); |
|
44 XMLSEC_EXPORT int xmlSecTransformIdsInit (void); |
|
45 XMLSEC_EXPORT void xmlSecTransformIdsShutdown (void); |
|
46 XMLSEC_EXPORT int xmlSecTransformIdsRegisterDefault(void); |
|
47 XMLSEC_EXPORT int xmlSecTransformIdsRegister (xmlSecTransformId id); |
|
48 |
|
49 /** |
|
50 * xmlSecTransformStatus: |
|
51 * @xmlSecTransformStatusNone: the status unknown. |
|
52 * @xmlSecTransformStatusWorking: the transform is executed. |
|
53 * @xmlSecTransformStatusFinished: the transform finished |
|
54 * @xmlSecTransformStatusOk: the transform succeeded. |
|
55 * @xmlSecTransformStatusFail: the transform failed (an error occur). |
|
56 * |
|
57 * The transform execution status. |
|
58 */ |
|
59 typedef enum { |
|
60 xmlSecTransformStatusNone = 0, |
|
61 xmlSecTransformStatusWorking, |
|
62 xmlSecTransformStatusFinished, |
|
63 xmlSecTransformStatusOk, |
|
64 xmlSecTransformStatusFail |
|
65 } xmlSecTransformStatus; |
|
66 |
|
67 /** |
|
68 * xmlSecTransformMode: |
|
69 * @xmlSecTransformModeNone: the mode is unknown. |
|
70 * @xmlSecTransformModePush: pushing data thru transform. |
|
71 * @xmlSecTransformModePop: popping data from transform. |
|
72 * |
|
73 * The transform operation mode |
|
74 */ |
|
75 typedef enum { |
|
76 xmlSecTransformModeNone = 0, |
|
77 xmlSecTransformModePush, |
|
78 xmlSecTransformModePop |
|
79 } xmlSecTransformMode; |
|
80 |
|
81 /** |
|
82 * xmlSecTransformOperation: |
|
83 * @xmlSecTransformOperationNone: the operation is unknown. |
|
84 * @xmlSecTransformOperationEncode: the encode operation (for base64 transform). |
|
85 * @xmlSecTransformOperationDecode: the decode operation (for base64 transform). |
|
86 * @xmlSecTransformOperationSign: the sign or digest operation. |
|
87 * @xmlSecTransformOperationVerify: the verification of signature or digest operation. |
|
88 * @xmlSecTransformOperationEncrypt: the encryption operation. |
|
89 * @xmlSecTransformOperationDecrypt: the decryption operation. |
|
90 * |
|
91 * The transform operation. |
|
92 */ |
|
93 typedef enum { |
|
94 xmlSecTransformOperationNone = 0, |
|
95 xmlSecTransformOperationEncode, |
|
96 xmlSecTransformOperationDecode, |
|
97 xmlSecTransformOperationSign, |
|
98 xmlSecTransformOperationVerify, |
|
99 xmlSecTransformOperationEncrypt, |
|
100 xmlSecTransformOperationDecrypt |
|
101 } xmlSecTransformOperation; |
|
102 |
|
103 /************************************************************************** |
|
104 * |
|
105 * xmlSecTransformUriType: |
|
106 * |
|
107 *************************************************************************/ |
|
108 /** |
|
109 * xmlSecTransformUriType: |
|
110 * |
|
111 * URI transform type bit mask. |
|
112 */ |
|
113 typedef unsigned int xmlSecTransformUriType; |
|
114 |
|
115 /** |
|
116 * xmlSecTransformUriTypeNone: |
|
117 * |
|
118 * The URI type is unknown or not set. |
|
119 */ |
|
120 #define xmlSecTransformUriTypeNone 0x0000 |
|
121 |
|
122 /** |
|
123 * xmlSecTransformUriTypeEmpty: |
|
124 * |
|
125 * The empty URI ("") type. |
|
126 */ |
|
127 #define xmlSecTransformUriTypeEmpty 0x0001 |
|
128 |
|
129 /** |
|
130 * xmlSecTransformUriTypeSameDocument: |
|
131 * |
|
132 * The smae document ("#...") but not empty ("") URI type. |
|
133 */ |
|
134 #define xmlSecTransformUriTypeSameDocument 0x0002 |
|
135 |
|
136 /** |
|
137 * xmlSecTransformUriTypeLocal: |
|
138 * |
|
139 * The local URI ("file:///....") type. |
|
140 */ |
|
141 #define xmlSecTransformUriTypeLocal 0x0004 |
|
142 |
|
143 /** |
|
144 * xmlSecTransformUriTypeRemote: |
|
145 * |
|
146 * The remote URI type. |
|
147 */ |
|
148 #define xmlSecTransformUriTypeRemote 0x0008 |
|
149 |
|
150 /** |
|
151 * xmlSecTransformUriTypeAny: |
|
152 * |
|
153 * Any URI type. |
|
154 */ |
|
155 #define xmlSecTransformUriTypeAny 0xFFFF |
|
156 |
|
157 XMLSEC_EXPORT int xmlSecTransformUriTypeCheck (xmlSecTransformUriType type, |
|
158 const xmlChar* uri); |
|
159 /************************************************************************** |
|
160 * |
|
161 * xmlSecTransformDataType |
|
162 * |
|
163 *************************************************************************/ |
|
164 /** |
|
165 * xmlSecTransformDataType: |
|
166 * |
|
167 * Transform data type bit mask. |
|
168 */ |
|
169 typedef xmlSecByte xmlSecTransformDataType; |
|
170 |
|
171 /** |
|
172 * xmlSecTransformDataTypeUnknown: |
|
173 * |
|
174 * The transform data type is unknown or nor data expected. |
|
175 */ |
|
176 #define xmlSecTransformDataTypeUnknown 0x0000 |
|
177 |
|
178 /** |
|
179 * xmlSecTransformDataTypeBin: |
|
180 * |
|
181 * The binary transform data. |
|
182 */ |
|
183 #define xmlSecTransformDataTypeBin 0x0001 |
|
184 |
|
185 /** |
|
186 * xmlSecTransformDataTypeXml: |
|
187 * |
|
188 * The xml transform data. |
|
189 */ |
|
190 #define xmlSecTransformDataTypeXml 0x0002 |
|
191 |
|
192 /************************************************************************** |
|
193 * |
|
194 * xmlSecTransformUsage |
|
195 * |
|
196 *************************************************************************/ |
|
197 /** |
|
198 * xmlSecTransformUsage: |
|
199 * |
|
200 * The transform usage bit mask. |
|
201 */ |
|
202 typedef unsigned int xmlSecTransformUsage; |
|
203 |
|
204 /** |
|
205 * xmlSecTransformUsageUnknown: |
|
206 * |
|
207 * Transforms usage is unknown or undefined. |
|
208 */ |
|
209 #define xmlSecTransformUsageUnknown 0x0000 |
|
210 |
|
211 /** |
|
212 * xmlSecTransformUsageDSigTransform: |
|
213 * |
|
214 * Transform could be used in <dsig:Transform>. |
|
215 */ |
|
216 #define xmlSecTransformUsageDSigTransform 0x0001 |
|
217 |
|
218 /** |
|
219 * xmlSecTransformUsageC14NMethod: |
|
220 * |
|
221 * Transform could be used in <dsig:CanonicalizationMethod>. |
|
222 */ |
|
223 #define xmlSecTransformUsageC14NMethod 0x0002 |
|
224 |
|
225 /** |
|
226 * xmlSecTransformUsageDigestMethod: |
|
227 * |
|
228 * Transform could be used in <dsig:DigestMethod>. |
|
229 */ |
|
230 #define xmlSecTransformUsageDigestMethod 0x0004 |
|
231 |
|
232 /** |
|
233 * xmlSecTransformUsageSignatureMethod: |
|
234 * |
|
235 * Transform could be used in <dsig:SignatureMethod>. |
|
236 */ |
|
237 #define xmlSecTransformUsageSignatureMethod 0x0008 |
|
238 |
|
239 /** |
|
240 * xmlSecTransformUsageEncryptionMethod: |
|
241 * |
|
242 * Transform could be used in <enc:EncryptionMethod>. |
|
243 */ |
|
244 #define xmlSecTransformUsageEncryptionMethod 0x0010 |
|
245 |
|
246 /** |
|
247 * xmlSecTransformUsageAny: |
|
248 * |
|
249 * Transform could be used for operation. |
|
250 */ |
|
251 #define xmlSecTransformUsageAny 0xFFFF |
|
252 |
|
253 /************************************************************************** |
|
254 * |
|
255 * xmlSecTransformCtx |
|
256 * |
|
257 *************************************************************************/ |
|
258 /** |
|
259 * xmlSecTransformCtxPreExecuteCallback: |
|
260 * @transformCtx: the pointer to transform's context. |
|
261 * |
|
262 * The callback called after creating transforms chain but before |
|
263 * starting data processing. Application can use this callback to |
|
264 * do additional transforms chain verification or modification and |
|
265 * aborting transforms execution (if necessary). |
|
266 * |
|
267 * Returns 0 on success and a negative value otherwise (in this case, |
|
268 * transforms chain will not be executed and xmlsec processing stops). |
|
269 */ |
|
270 typedef int (*xmlSecTransformCtxPreExecuteCallback) (xmlSecTransformCtxPtr transformCtx); |
|
271 |
|
272 /** |
|
273 * XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK: |
|
274 * |
|
275 * If this flag is set then URI ID references are resolved directly |
|
276 * without using XPointers. This allows one to sign/verify Visa3D |
|
277 * documents that don't follow XML, XPointer and XML DSig specifications. |
|
278 */ |
|
279 #define XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK 0x00000001 |
|
280 |
|
281 /** |
|
282 * xmlSecTransformCtx: |
|
283 * @userData: the pointer to user data (xmlsec and xmlsec-crypto never |
|
284 * touch this). |
|
285 * @flags: the bit mask flags to control transforms execution |
|
286 * (reserved for the future). |
|
287 * @flags2: the bit mask flags to control transforms execution |
|
288 * (reserved for the future). |
|
289 * @enabledUris: the allowed transform data source uri types. |
|
290 * @enabledTransforms: the list of enabled transforms; if list is empty (default) |
|
291 * then all registered transforms are enabled. |
|
292 * @preExecCallback: the callback called after preparing transform chain |
|
293 * and right before actual data processing; application |
|
294 * can use this callback to change transforms parameters, |
|
295 * insert additional transforms in the chain or do |
|
296 * additional validation (and abort transform execution |
|
297 * if needed). |
|
298 * @result: the pointer to transforms result buffer. |
|
299 * @status: the transforms chain processng status. |
|
300 * @uri: the data source URI without xpointer expression. |
|
301 * @xptrExpr: the xpointer expression from data source URI (if any). |
|
302 * @first: the first transform in the chain. |
|
303 * @last: the last transform in the chain. |
|
304 * @reserved0: reserved for the future. |
|
305 * @reserved1: reserved for the future. |
|
306 * |
|
307 * The transform execution context. |
|
308 */ |
|
309 struct _xmlSecTransformCtx { |
|
310 /* user settings */ |
|
311 void* userData; |
|
312 unsigned int flags; |
|
313 unsigned int flags2; |
|
314 xmlSecTransformUriType enabledUris; |
|
315 xmlSecPtrList enabledTransforms; |
|
316 xmlSecTransformCtxPreExecuteCallback preExecCallback; |
|
317 |
|
318 /* results */ |
|
319 xmlSecBufferPtr result; |
|
320 xmlSecTransformStatus status; |
|
321 xmlChar* uri; |
|
322 xmlChar* xptrExpr; |
|
323 xmlSecTransformPtr first; |
|
324 xmlSecTransformPtr last; |
|
325 |
|
326 /* for the future */ |
|
327 void* reserved0; |
|
328 void* reserved1; |
|
329 }; |
|
330 |
|
331 XMLSEC_EXPORT xmlSecTransformCtxPtr xmlSecTransformCtxCreate (void); |
|
332 XMLSEC_EXPORT void xmlSecTransformCtxDestroy (xmlSecTransformCtxPtr ctx); |
|
333 XMLSEC_EXPORT int xmlSecTransformCtxInitialize (xmlSecTransformCtxPtr ctx); |
|
334 XMLSEC_EXPORT void xmlSecTransformCtxFinalize (xmlSecTransformCtxPtr ctx); |
|
335 XMLSEC_EXPORT void xmlSecTransformCtxReset (xmlSecTransformCtxPtr ctx); |
|
336 XMLSEC_EXPORT int xmlSecTransformCtxCopyUserPref (xmlSecTransformCtxPtr dst, |
|
337 xmlSecTransformCtxPtr src); |
|
338 XMLSEC_EXPORT int xmlSecTransformCtxSetUri (xmlSecTransformCtxPtr ctx, |
|
339 const xmlChar* uri, |
|
340 xmlNodePtr hereNode); |
|
341 XMLSEC_EXPORT int xmlSecTransformCtxAppend (xmlSecTransformCtxPtr ctx, |
|
342 xmlSecTransformPtr transform); |
|
343 XMLSEC_EXPORT int xmlSecTransformCtxPrepend (xmlSecTransformCtxPtr ctx, |
|
344 xmlSecTransformPtr transform); |
|
345 XMLSEC_EXPORT xmlSecTransformPtr xmlSecTransformCtxCreateAndAppend(xmlSecTransformCtxPtr ctx, |
|
346 xmlSecTransformId id); |
|
347 XMLSEC_EXPORT xmlSecTransformPtr xmlSecTransformCtxCreateAndPrepend(xmlSecTransformCtxPtr ctx, |
|
348 xmlSecTransformId id); |
|
349 XMLSEC_EXPORT xmlSecTransformPtr xmlSecTransformCtxNodeRead (xmlSecTransformCtxPtr ctx, |
|
350 xmlNodePtr node, |
|
351 xmlSecTransformUsage usage); |
|
352 XMLSEC_EXPORT int xmlSecTransformCtxNodesListRead (xmlSecTransformCtxPtr ctx, |
|
353 xmlNodePtr node, |
|
354 xmlSecTransformUsage usage); |
|
355 XMLSEC_EXPORT int xmlSecTransformCtxPrepare (xmlSecTransformCtxPtr ctx, |
|
356 xmlSecTransformDataType inputDataType); |
|
357 XMLSEC_EXPORT int xmlSecTransformCtxBinaryExecute (xmlSecTransformCtxPtr ctx, |
|
358 const xmlSecByte* data, |
|
359 xmlSecSize dataSize); |
|
360 XMLSEC_EXPORT int xmlSecTransformCtxUriExecute (xmlSecTransformCtxPtr ctx, |
|
361 const xmlChar* uri); |
|
362 XMLSEC_EXPORT int xmlSecTransformCtxXmlExecute (xmlSecTransformCtxPtr ctx, |
|
363 xmlSecNodeSetPtr nodes); |
|
364 XMLSEC_EXPORT int xmlSecTransformCtxExecute (xmlSecTransformCtxPtr ctx, |
|
365 xmlDocPtr doc); |
|
366 XMLSEC_EXPORT void xmlSecTransformCtxDebugDump (xmlSecTransformCtxPtr ctx, |
|
367 FILE* output); |
|
368 XMLSEC_EXPORT void xmlSecTransformCtxDebugXmlDump (xmlSecTransformCtxPtr ctx, |
|
369 FILE* output); |
|
370 |
|
371 |
|
372 /************************************************************************** |
|
373 * |
|
374 * xmlSecTransform |
|
375 * |
|
376 *************************************************************************/ |
|
377 /** |
|
378 * xmlSecTransform: |
|
379 * @id: the transform id (pointer to #xmlSecTransformId). |
|
380 * @operation: the transform's opertaion. |
|
381 * @status: the current status. |
|
382 * @hereNode: the pointer to transform's <dsig:Transform /> node. |
|
383 * @next: the pointer to next transform in the chain. |
|
384 * @prev: the pointer to previous transform in the chain. |
|
385 * @inBuf: the input binary data buffer. |
|
386 * @outBuf: the output binary data buffer. |
|
387 * @inNodes: the input XML nodes. |
|
388 * @outNodes: the output XML nodes. |
|
389 * @reserved0: reserved for the future. |
|
390 * @reserved1: reserved for the future. |
|
391 * |
|
392 * The transform structure. |
|
393 */ |
|
394 struct _xmlSecTransform { |
|
395 xmlSecTransformId id; |
|
396 xmlSecTransformOperation operation; |
|
397 xmlSecTransformStatus status; |
|
398 xmlNodePtr hereNode; |
|
399 |
|
400 /* transforms chain */ |
|
401 xmlSecTransformPtr next; |
|
402 xmlSecTransformPtr prev; |
|
403 |
|
404 /* binary data */ |
|
405 xmlSecBuffer inBuf; |
|
406 xmlSecBuffer outBuf; |
|
407 |
|
408 /* xml data */ |
|
409 xmlSecNodeSetPtr inNodes; |
|
410 xmlSecNodeSetPtr outNodes; |
|
411 |
|
412 /* reserved for the future */ |
|
413 void* reserved0; |
|
414 void* reserved1; |
|
415 }; |
|
416 |
|
417 XMLSEC_EXPORT xmlSecTransformPtr xmlSecTransformCreate (xmlSecTransformId id); |
|
418 XMLSEC_EXPORT void xmlSecTransformDestroy (xmlSecTransformPtr transform); |
|
419 XMLSEC_EXPORT xmlSecTransformPtr xmlSecTransformNodeRead (xmlNodePtr node, |
|
420 xmlSecTransformUsage usage, |
|
421 xmlSecTransformCtxPtr transformCtx); |
|
422 XMLSEC_EXPORT int xmlSecTransformPump (xmlSecTransformPtr left, |
|
423 xmlSecTransformPtr right, |
|
424 xmlSecTransformCtxPtr transformCtx); |
|
425 XMLSEC_EXPORT int xmlSecTransformSetKey (xmlSecTransformPtr transform, |
|
426 xmlSecKeyPtr key); |
|
427 XMLSEC_EXPORT int xmlSecTransformSetKeyReq(xmlSecTransformPtr transform, |
|
428 xmlSecKeyReqPtr keyReq); |
|
429 XMLSEC_EXPORT int xmlSecTransformVerify (xmlSecTransformPtr transform, |
|
430 const xmlSecByte* data, |
|
431 xmlSecSize dataSize, |
|
432 xmlSecTransformCtxPtr transformCtx); |
|
433 XMLSEC_EXPORT int xmlSecTransformVerifyNodeContent(xmlSecTransformPtr transform, |
|
434 xmlNodePtr node, |
|
435 xmlSecTransformCtxPtr transformCtx); |
|
436 XMLSEC_EXPORT xmlSecTransformDataType xmlSecTransformGetDataType(xmlSecTransformPtr transform, |
|
437 xmlSecTransformMode mode, |
|
438 xmlSecTransformCtxPtr transformCtx); |
|
439 XMLSEC_EXPORT int xmlSecTransformPushBin (xmlSecTransformPtr transform, |
|
440 const xmlSecByte* data, |
|
441 xmlSecSize dataSize, |
|
442 int final, |
|
443 xmlSecTransformCtxPtr transformCtx); |
|
444 XMLSEC_EXPORT int xmlSecTransformPopBin (xmlSecTransformPtr transform, |
|
445 xmlSecByte* data, |
|
446 xmlSecSize maxDataSize, |
|
447 xmlSecSize* dataSize, |
|
448 xmlSecTransformCtxPtr transformCtx); |
|
449 XMLSEC_EXPORT int xmlSecTransformPushXml (xmlSecTransformPtr transform, |
|
450 xmlSecNodeSetPtr nodes, |
|
451 xmlSecTransformCtxPtr transformCtx); |
|
452 XMLSEC_EXPORT int xmlSecTransformPopXml (xmlSecTransformPtr transform, |
|
453 xmlSecNodeSetPtr* nodes, |
|
454 xmlSecTransformCtxPtr transformCtx); |
|
455 XMLSEC_EXPORT int xmlSecTransformExecute (xmlSecTransformPtr transform, |
|
456 int last, |
|
457 xmlSecTransformCtxPtr transformCtx); |
|
458 XMLSEC_EXPORT void xmlSecTransformDebugDump(xmlSecTransformPtr transform, |
|
459 FILE* output); |
|
460 XMLSEC_EXPORT void xmlSecTransformDebugXmlDump(xmlSecTransformPtr transform, |
|
461 FILE* output); |
|
462 /** |
|
463 * xmlSecTransformGetName: |
|
464 * @transform: the pointer to transform. |
|
465 * |
|
466 * Macro. Returns transform name. |
|
467 */ |
|
468 #define xmlSecTransformGetName(transform) \ |
|
469 ((xmlSecTransformIsValid((transform))) ? \ |
|
470 xmlSecTransformKlassGetName((transform)->id) : NULL) |
|
471 |
|
472 /** |
|
473 * xmlSecTransformIsValid: |
|
474 * @transform: the pointer to transform. |
|
475 * |
|
476 * Macro. Returns 1 if the @transform is valid or 0 otherwise. |
|
477 */ |
|
478 #define xmlSecTransformIsValid(transform) \ |
|
479 ((( transform ) != NULL) && \ |
|
480 (( transform )->id != NULL) && \ |
|
481 (( transform )->id->klassSize >= sizeof(xmlSecTransformKlass)) && \ |
|
482 (( transform )->id->objSize >= sizeof(xmlSecTransform)) && \ |
|
483 (( transform )->id->name != NULL)) |
|
484 |
|
485 /** |
|
486 * xmlSecTransformCheckType: |
|
487 * @transform: the pointer to transform. |
|
488 * @t: the transform type. |
|
489 * |
|
490 * Macro. Returns 1 if the @transform is valid and has specified type @t |
|
491 * or 0 otherwise. |
|
492 */ |
|
493 #define xmlSecTransformCheckType(transform, t) \ |
|
494 (xmlSecTransformIsValid(( transform )) && \ |
|
495 ((( transform )->id->type) == ( t ))) |
|
496 |
|
497 /** |
|
498 * xmlSecTransformCheckId: |
|
499 * @transform: the pointer to transform. |
|
500 * @i: the transform id. |
|
501 * |
|
502 * Macro. Returns 1 if the @transform is valid and has specified id @i |
|
503 * or 0 otherwise. |
|
504 */ |
|
505 #define xmlSecTransformCheckId(transform, i) \ |
|
506 (xmlSecTransformIsValid(( transform )) && \ |
|
507 ((((const xmlSecTransformId) (( transform )->id))) == ( i ))) |
|
508 |
|
509 /** |
|
510 * xmlSecTransformCheckSize: |
|
511 * @transform: the pointer to transform. |
|
512 * @size: the transform object size. |
|
513 * |
|
514 * Macro. Returns 1 if the @transform is valid and has at least @size |
|
515 * bytes or 0 otherwise. |
|
516 */ |
|
517 #define xmlSecTransformCheckSize(transform, size) \ |
|
518 (xmlSecTransformIsValid(( transform )) && \ |
|
519 ((( transform )->id->objSize) >= ( size ))) |
|
520 |
|
521 |
|
522 /************************************************************************ |
|
523 * |
|
524 * Operations on transforms chain |
|
525 * |
|
526 ************************************************************************/ |
|
527 XMLSEC_EXPORT int xmlSecTransformConnect (xmlSecTransformPtr left, |
|
528 xmlSecTransformPtr right, |
|
529 xmlSecTransformCtxPtr transformCtx); |
|
530 XMLSEC_EXPORT void xmlSecTransformRemove (xmlSecTransformPtr transform); |
|
531 |
|
532 /************************************************************************ |
|
533 * |
|
534 * Default callbacks, most of the transforms can use them |
|
535 * |
|
536 ************************************************************************/ |
|
537 XMLSEC_EXPORT xmlSecTransformDataType xmlSecTransformDefaultGetDataType(xmlSecTransformPtr transform, |
|
538 xmlSecTransformMode mode, |
|
539 xmlSecTransformCtxPtr transformCtx); |
|
540 XMLSEC_EXPORT int xmlSecTransformDefaultPushBin(xmlSecTransformPtr transform, |
|
541 const xmlSecByte* data, |
|
542 xmlSecSize dataSize, |
|
543 int final, |
|
544 xmlSecTransformCtxPtr transformCtx); |
|
545 XMLSEC_EXPORT int xmlSecTransformDefaultPopBin(xmlSecTransformPtr transform, |
|
546 xmlSecByte* data, |
|
547 xmlSecSize maxDataSize, |
|
548 xmlSecSize* dataSize, |
|
549 xmlSecTransformCtxPtr transformCtx); |
|
550 XMLSEC_EXPORT int xmlSecTransformDefaultPushXml(xmlSecTransformPtr transform, |
|
551 xmlSecNodeSetPtr nodes, |
|
552 xmlSecTransformCtxPtr transformCtx); |
|
553 XMLSEC_EXPORT int xmlSecTransformDefaultPopXml(xmlSecTransformPtr transform, |
|
554 xmlSecNodeSetPtr* nodes, |
|
555 xmlSecTransformCtxPtr transformCtx); |
|
556 |
|
557 /************************************************************************ |
|
558 * |
|
559 * IO buffers for transforms |
|
560 * |
|
561 ************************************************************************/ |
|
562 XMLSEC_EXPORT xmlOutputBufferPtr xmlSecTransformCreateOutputBuffer(xmlSecTransformPtr transform, |
|
563 xmlSecTransformCtxPtr transformCtx); |
|
564 XMLSEC_EXPORT xmlParserInputBufferPtr xmlSecTransformCreateInputBuffer(xmlSecTransformPtr transform, |
|
565 xmlSecTransformCtxPtr transformCtx); |
|
566 |
|
567 /************************************************************************ |
|
568 * |
|
569 * Transform Klass |
|
570 * |
|
571 ************************************************************************/ |
|
572 /** |
|
573 * xmlSecTransformInitializeMethod: |
|
574 * @transform: the pointer to transform object. |
|
575 * |
|
576 * The transform specific initialization method. |
|
577 * |
|
578 * Returns 0 on success or a negative value otherwise. |
|
579 */ |
|
580 typedef int (*xmlSecTransformInitializeMethod) (xmlSecTransformPtr transform); |
|
581 |
|
582 /** |
|
583 * xmlSecTransformFinalizeMethod: |
|
584 * @transform: the pointer to transform object. |
|
585 * |
|
586 * The transform specific destroy method. |
|
587 */ |
|
588 typedef void (*xmlSecTransformFinalizeMethod) (xmlSecTransformPtr transform); |
|
589 |
|
590 /** |
|
591 * xmlSecTransformGetDataTypeMethod: |
|
592 * @transform: the pointer to transform object. |
|
593 * @mode: the mode. |
|
594 * @transformCtx: the pointer to transform context object. |
|
595 * |
|
596 * The transform specific method to query information about transform |
|
597 * data type in specified mode @mode. |
|
598 * |
|
599 * Returns transform data type. |
|
600 */ |
|
601 typedef xmlSecTransformDataType (*xmlSecTransformGetDataTypeMethod)(xmlSecTransformPtr transform, |
|
602 xmlSecTransformMode mode, |
|
603 xmlSecTransformCtxPtr transformCtx); |
|
604 |
|
605 /** |
|
606 * xmlSecTransformNodeReadMethod: |
|
607 * @transform: the pointer to transform object. |
|
608 * @node: the pointer to <dsig:Transform/> node. |
|
609 * @transformCtx: the pointer to transform context object. |
|
610 * |
|
611 * The transform specific method to read the transform data from |
|
612 * the @node. |
|
613 * |
|
614 * Returns 0 on success or a negative value otherwise. |
|
615 */ |
|
616 typedef int (*xmlSecTransformNodeReadMethod) (xmlSecTransformPtr transform, |
|
617 xmlNodePtr node, |
|
618 xmlSecTransformCtxPtr transformCtx); |
|
619 |
|
620 /** |
|
621 * xmlSecTransformNodeWriteMethod: |
|
622 * @transform: the pointer to transform object. |
|
623 * @node: the pointer to <dsig:Transform/> node. |
|
624 * @transformCtx: the pointer to transform context object. |
|
625 * |
|
626 * The transform specific method to write transform information to an XML node @node. |
|
627 * |
|
628 * Returns 0 on success or a negative value otherwise. |
|
629 */ |
|
630 typedef int (*xmlSecTransformNodeWriteMethod) (xmlSecTransformPtr transform, |
|
631 xmlNodePtr node, |
|
632 xmlSecTransformCtxPtr transformCtx); |
|
633 |
|
634 /** |
|
635 * xmlSecTransformSetKeyRequirementsMethod: |
|
636 * @transform: the pointer to transform object. |
|
637 * @keyReq: the pointer to key requirements structure. |
|
638 * |
|
639 * Transform specific method to set transform's key requirements. |
|
640 * |
|
641 * Returns 0 on success or a negative value otherwise. |
|
642 */ |
|
643 typedef int (*xmlSecTransformSetKeyRequirementsMethod)(xmlSecTransformPtr transform, |
|
644 xmlSecKeyReqPtr keyReq); |
|
645 |
|
646 /** |
|
647 * xmlSecTransformSetKeyMethod: |
|
648 * @transform: the pointer to transform object. |
|
649 * @key: the pointer to key. |
|
650 * |
|
651 * The transform specific method to set the key for use. |
|
652 * |
|
653 * Returns 0 on success or a negative value otherwise. |
|
654 */ |
|
655 typedef int (*xmlSecTransformSetKeyMethod) (xmlSecTransformPtr transform, |
|
656 xmlSecKeyPtr key); |
|
657 |
|
658 /** |
|
659 * xmlSecTransformVerifyMethod: |
|
660 * @transform: the pointer to transform object. |
|
661 * @data: the input buffer. |
|
662 * @dataSize: the size of input buffer @data. |
|
663 * @transformCtx: the pointer to transform context object. |
|
664 * |
|
665 * The transform specific method to verify transform processing results |
|
666 * (used by digest and signature transforms). This method sets @status |
|
667 * member of the #xmlSecTransform structure to either #xmlSecTransformStatusOk |
|
668 * if verification succeeded or #xmlSecTransformStatusFail otherwise. |
|
669 * |
|
670 * Returns 0 on success or a negative value otherwise. |
|
671 */ |
|
672 typedef int (*xmlSecTransformVerifyMethod) (xmlSecTransformPtr transform, |
|
673 const xmlSecByte* data, |
|
674 xmlSecSize dataSize, |
|
675 xmlSecTransformCtxPtr transformCtx); |
|
676 /** |
|
677 * xmlSecTransformPushBinMethod: |
|
678 * @transform: the pointer to transform object. |
|
679 * @data: the input binary data, |
|
680 * @dataSize: the input data size. |
|
681 * @final: the flag: if set to 1 then it's the last |
|
682 * data chunk. |
|
683 * @transformCtx: the pointer to transform context object. |
|
684 * |
|
685 * The transform specific method to process data from @data and push |
|
686 * result to the next transform in the chain. |
|
687 * |
|
688 * Returns 0 on success or a negative value otherwise. |
|
689 */ |
|
690 typedef int (*xmlSecTransformPushBinMethod) (xmlSecTransformPtr transform, |
|
691 const xmlSecByte* data, |
|
692 xmlSecSize dataSize, |
|
693 int final, |
|
694 xmlSecTransformCtxPtr transformCtx); |
|
695 /** |
|
696 * xmlSecTransformPopBinMethod: |
|
697 * @transform: the pointer to transform object. |
|
698 * @data: the buffer to store result data. |
|
699 * @maxDataSize: the size of the buffer @data. |
|
700 * @dataSize: the pointer to returned data size. |
|
701 * @transformCtx: the pointer to transform context object. |
|
702 * |
|
703 * The transform specific method to pop data from previous transform |
|
704 * in the chain and return result in the @data buffer. The size of returned |
|
705 * data is placed in the @dataSize. |
|
706 * |
|
707 * Returns 0 on success or a negative value otherwise. |
|
708 */ |
|
709 typedef int (*xmlSecTransformPopBinMethod) (xmlSecTransformPtr transform, |
|
710 xmlSecByte* data, |
|
711 xmlSecSize maxDataSize, |
|
712 xmlSecSize* dataSize, |
|
713 xmlSecTransformCtxPtr transformCtx); |
|
714 /** |
|
715 * xmlSecTransformPushXmlMethod: |
|
716 * @transform: the pointer to transform object. |
|
717 * @nodes: the input nodes. |
|
718 * @transformCtx: the pointer to transform context object. |
|
719 * |
|
720 * The transform specific method to process @nodes and push result to the next |
|
721 * transform in the chain. |
|
722 * |
|
723 * Returns 0 on success or a negative value otherwise. |
|
724 */ |
|
725 typedef int (*xmlSecTransformPushXmlMethod) (xmlSecTransformPtr transform, |
|
726 xmlSecNodeSetPtr nodes, |
|
727 xmlSecTransformCtxPtr transformCtx); |
|
728 /** |
|
729 * xmlSecTransformPopXmlMethod: |
|
730 * @transform: the pointer to transform object. |
|
731 * @nodes: the pointer to store popinter to result nodes. |
|
732 * @transformCtx: the pointer to transform context object. |
|
733 * |
|
734 * The transform specific method to pop data from previous transform in the chain, |
|
735 * process the data and return result in @nodes. |
|
736 * |
|
737 * Returns 0 on success or a negative value otherwise. |
|
738 */ |
|
739 typedef int (*xmlSecTransformPopXmlMethod) (xmlSecTransformPtr transform, |
|
740 xmlSecNodeSetPtr* nodes, |
|
741 xmlSecTransformCtxPtr transformCtx); |
|
742 /** |
|
743 * xmlSecTransformExecuteMethod: |
|
744 * @transform: the pointer to transform object. |
|
745 * @last: the flag: if set to 1 then it's the last data chunk. |
|
746 * @transformCtx: the pointer to transform context object. |
|
747 * |
|
748 * Transform specific method to process a chunk of data. |
|
749 * |
|
750 * Returns 0 on success or a negative value otherwise. |
|
751 */ |
|
752 typedef int (*xmlSecTransformExecuteMethod) (xmlSecTransformPtr transform, |
|
753 int last, |
|
754 xmlSecTransformCtxPtr transformCtx); |
|
755 |
|
756 /** |
|
757 * xmlSecTransformKlass: |
|
758 * @klassSize: the transform klass structure size. |
|
759 * @objSize: the transform object size. |
|
760 * @name: the transform's name. |
|
761 * @href: the transform's identification string (href). |
|
762 * @usage: the allowed transforms usages. |
|
763 * @initialize: the initialization method. |
|
764 * @finalize: the finmalization (destroy) function. |
|
765 * @readNode: the XML node read method. |
|
766 * @writeNode: the XML node write method. |
|
767 * @setKeyReq: the set key requirements method. |
|
768 * @setKey: the set key method. |
|
769 * @verify: the verify method (for digest and signature transforms). |
|
770 * @getDataType: the input/output data type query method. |
|
771 * @pushBin: the binary data "push thru chain" processing method. |
|
772 * @popBin: the binary data "pop from chain" procesing method. |
|
773 * @pushXml: the XML data "push thru chain" processing method. |
|
774 * @popXml: the XML data "pop from chain" procesing method. |
|
775 * @execute: the low level data processing method used by default |
|
776 * implementations of @pushBin, @popBin, @pushXml and @popXml. |
|
777 * @reserved0: reserved for the future. |
|
778 * @reserved1: reserved for the future. |
|
779 * |
|
780 * The transform klass desccription structure. |
|
781 */ |
|
782 |
|
783 struct _xmlSecTransformKlass { |
|
784 /* data */ |
|
785 xmlSecSize klassSize; |
|
786 xmlSecSize objSize; |
|
787 const xmlChar* name; |
|
788 const xmlChar* href; |
|
789 xmlSecTransformUsage usage; |
|
790 |
|
791 /* methods */ |
|
792 xmlSecTransformInitializeMethod initialize; |
|
793 xmlSecTransformFinalizeMethod finalize; |
|
794 |
|
795 xmlSecTransformNodeReadMethod readNode; |
|
796 xmlSecTransformNodeWriteMethod writeNode; |
|
797 |
|
798 xmlSecTransformSetKeyRequirementsMethod setKeyReq; |
|
799 xmlSecTransformSetKeyMethod setKey; |
|
800 xmlSecTransformVerifyMethod verify; |
|
801 xmlSecTransformGetDataTypeMethod getDataType; |
|
802 |
|
803 xmlSecTransformPushBinMethod pushBin; |
|
804 xmlSecTransformPopBinMethod popBin; |
|
805 xmlSecTransformPushXmlMethod pushXml; |
|
806 xmlSecTransformPopXmlMethod popXml; |
|
807 |
|
808 /* low level method */ |
|
809 xmlSecTransformExecuteMethod execute; |
|
810 |
|
811 /* reserved for future */ |
|
812 void* reserved0; |
|
813 void* reserved1; |
|
814 }; |
|
815 |
|
816 /** |
|
817 * xmlSecTransformKlassGetName: |
|
818 * @klass: the transofrm's klass. |
|
819 * |
|
820 * Macro. Returns transform klass name. |
|
821 */ |
|
822 #define xmlSecTransformKlassGetName(klass) \ |
|
823 (((klass)) ? ((klass)->name) : NULL) |
|
824 |
|
825 /*********************************************************************** |
|
826 * |
|
827 * Transform Ids list |
|
828 * |
|
829 **********************************************************************/ |
|
830 /** |
|
831 * xmlSecTransformIdListId: |
|
832 * |
|
833 * Transform klasses list klass. |
|
834 */ |
|
835 #define xmlSecTransformIdListId xmlSecTransformIdListGetKlass() |
|
836 XMLSEC_EXPORT xmlSecPtrListId xmlSecTransformIdListGetKlass (void); |
|
837 XMLSEC_EXPORT int xmlSecTransformIdListFind (xmlSecPtrListPtr list, |
|
838 xmlSecTransformId transformId); |
|
839 XMLSEC_EXPORT xmlSecTransformId xmlSecTransformIdListFindByHref (xmlSecPtrListPtr list, |
|
840 const xmlChar* href, |
|
841 xmlSecTransformUsage usage); |
|
842 XMLSEC_EXPORT xmlSecTransformId xmlSecTransformIdListFindByName (xmlSecPtrListPtr list, |
|
843 const xmlChar* name, |
|
844 xmlSecTransformUsage usage); |
|
845 XMLSEC_EXPORT void xmlSecTransformIdListDebugDump (xmlSecPtrListPtr list, |
|
846 FILE* output); |
|
847 XMLSEC_EXPORT void xmlSecTransformIdListDebugXmlDump(xmlSecPtrListPtr list, |
|
848 FILE* output); |
|
849 |
|
850 |
|
851 /******************************************************************** |
|
852 * |
|
853 * XML Sec Library Transform Ids |
|
854 * |
|
855 *******************************************************************/ |
|
856 /** |
|
857 * xmlSecTransformIdUnknown: |
|
858 * |
|
859 * The "unknown" transform id (NULL). |
|
860 */ |
|
861 #define xmlSecTransformIdUnknown ((xmlSecTransformId)NULL) |
|
862 |
|
863 /** |
|
864 * xmlSecTransformBase64Id: |
|
865 * |
|
866 * The base64 encode transform klass. |
|
867 */ |
|
868 #define xmlSecTransformBase64Id \ |
|
869 xmlSecTransformBase64GetKlass() |
|
870 XMLSEC_EXPORT xmlSecTransformId xmlSecTransformBase64GetKlass (void); |
|
871 XMLSEC_EXPORT void xmlSecTransformBase64SetLineSize (xmlSecTransformPtr transform, |
|
872 xmlSecSize lineSize); |
|
873 /** |
|
874 * xmlSecTransformInclC14NId: |
|
875 * |
|
876 * The regular (inclusive) C14N without comments transform klass. |
|
877 */ |
|
878 #define xmlSecTransformInclC14NId \ |
|
879 xmlSecTransformInclC14NGetKlass() |
|
880 XMLSEC_EXPORT xmlSecTransformId xmlSecTransformInclC14NGetKlass (void); |
|
881 |
|
882 /** |
|
883 * xmlSecTransformInclC14NWithCommentsId: |
|
884 * |
|
885 * The regular (inclusive) C14N with comments transform klass. |
|
886 */ |
|
887 #define xmlSecTransformInclC14NWithCommentsId \ |
|
888 xmlSecTransformInclC14NWithCommentsGetKlass() |
|
889 XMLSEC_EXPORT xmlSecTransformId xmlSecTransformInclC14NWithCommentsGetKlass(void); |
|
890 |
|
891 /** |
|
892 * xmlSecTransformExclC14NId |
|
893 * |
|
894 * The exclusive C14N without comments transform klass. |
|
895 */ |
|
896 #define xmlSecTransformExclC14NId \ |
|
897 xmlSecTransformExclC14NGetKlass() |
|
898 XMLSEC_EXPORT xmlSecTransformId xmlSecTransformExclC14NGetKlass (void); |
|
899 |
|
900 /** |
|
901 * xmlSecTransformExclC14NWithCommentsId: |
|
902 * |
|
903 * The exclusive C14N with comments transform klass. |
|
904 */ |
|
905 #define xmlSecTransformExclC14NWithCommentsId \ |
|
906 xmlSecTransformExclC14NWithCommentsGetKlass() |
|
907 XMLSEC_EXPORT xmlSecTransformId xmlSecTransformExclC14NWithCommentsGetKlass(void); |
|
908 |
|
909 /** |
|
910 * xmlSecTransformEnvelopedId: |
|
911 * |
|
912 * The "enveloped" transform klass. |
|
913 */ |
|
914 #define xmlSecTransformEnvelopedId \ |
|
915 xmlSecTransformEnvelopedGetKlass() |
|
916 XMLSEC_EXPORT xmlSecTransformId xmlSecTransformEnvelopedGetKlass (void); |
|
917 |
|
918 /** |
|
919 * xmlSecTransformXPathId: |
|
920 * |
|
921 * The XPath transform klass. |
|
922 */ |
|
923 #define xmlSecTransformXPathId \ |
|
924 xmlSecTransformXPathGetKlass() |
|
925 XMLSEC_EXPORT xmlSecTransformId xmlSecTransformXPathGetKlass (void); |
|
926 |
|
927 /** |
|
928 * xmlSecTransformXPath2Id: |
|
929 * |
|
930 * The XPath2 transform klass. |
|
931 */ |
|
932 #define xmlSecTransformXPath2Id \ |
|
933 xmlSecTransformXPath2GetKlass() |
|
934 XMLSEC_EXPORT xmlSecTransformId xmlSecTransformXPath2GetKlass (void); |
|
935 |
|
936 /** |
|
937 * xmlSecTransformXPointerId: |
|
938 * |
|
939 * The XPointer transform klass. |
|
940 */ |
|
941 #define xmlSecTransformXPointerId \ |
|
942 xmlSecTransformXPointerGetKlass() |
|
943 XMLSEC_EXPORT xmlSecTransformId xmlSecTransformXPointerGetKlass (void); |
|
944 XMLSEC_EXPORT int xmlSecTransformXPointerSetExpr (xmlSecTransformPtr transform, |
|
945 const xmlChar* expr, |
|
946 xmlSecNodeSetType nodeSetType, |
|
947 xmlNodePtr hereNode); |
|
948 #ifndef XMLSEC_NO_XSLT |
|
949 /** |
|
950 * xmlSecTransformXsltId: |
|
951 * |
|
952 * The XSLT transform klass. |
|
953 */ |
|
954 #define xmlSecTransformXsltId \ |
|
955 xmlSecTransformXsltGetKlass() |
|
956 XMLSEC_EXPORT xmlSecTransformId xmlSecTransformXsltGetKlass (void); |
|
957 #endif /* XMLSEC_NO_XSLT */ |
|
958 |
|
959 /** |
|
960 * xmlSecTransformRemoveXmlTagsC14NId: |
|
961 * |
|
962 * The "remove all xml tags" transform klass (used before base64 transforms). |
|
963 */ |
|
964 #define xmlSecTransformRemoveXmlTagsC14NId \ |
|
965 xmlSecTransformRemoveXmlTagsC14NGetKlass() |
|
966 XMLSEC_EXPORT xmlSecTransformId xmlSecTransformRemoveXmlTagsC14NGetKlass(void); |
|
967 |
|
968 /** |
|
969 * xmlSecTransformVisa3DHackId: |
|
970 * |
|
971 * Selects node subtree by given node id string. The only reason why we need this |
|
972 * is Visa3D protocol. It doesn't follow XML/XPointer/XMLDSig specs and allows |
|
973 * something like "#12345" in the URI attribute. Since we couldn't evaluate such |
|
974 * expressions thru XPath/XPointer engine, |
|
975 */ |
|
976 #define xmlSecTransformVisa3DHackId \ |
|
977 xmlSecTransformVisa3DHackGetKlass() |
|
978 XMLSEC_EXPORT xmlSecTransformId xmlSecTransformVisa3DHackGetKlass (void); |
|
979 XMLSEC_EXPORT int xmlSecTransformVisa3DHackSetID (xmlSecTransformPtr transform, |
|
980 const xmlChar* id); |
|
981 |
|
982 #ifdef __cplusplus |
|
983 } |
|
984 #endif /* __cplusplus */ |
|
985 |
|
986 #endif /* __XMLSEC_TRANSFORMS_H__ */ |
|
987 |