|
1 /* |
|
2 * Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Class with methods used in sign and verification process. |
|
15 * |
|
16 */ |
|
17 |
|
18 // XML Engine |
|
19 #include <libxml2_tree.h> |
|
20 #include <libxml2_xmlmemory.h> |
|
21 #include <libxml2_parser.h> |
|
22 #include <libxml2_globals.h> |
|
23 |
|
24 #include <xmlengmem.h> |
|
25 #include <xmlengxestd.h> |
|
26 #include <xmlengutils.h> |
|
27 #include <xmlengxestrings.h> |
|
28 |
|
29 #include <xmlengdom.h> |
|
30 |
|
31 // XML Sec |
|
32 #include "xmlsec_crypto.h" |
|
33 #include "xmlsec_xmlsec.h" |
|
34 #include "xmlsec_xmltree.h" |
|
35 #include "xmlsec_xmldsig.h" |
|
36 #include "xmlsec_templates.h" |
|
37 #include "xmlsecc_x509.h" |
|
38 |
|
39 #include "xmlsecwsign.h" |
|
40 #include "xmlsecwkeymanager.h" |
|
41 #include "xmlsecwerrors.h" |
|
42 #include "xmlsecwdefs.h" |
|
43 #include "xmlsecwtemplate.h" |
|
44 #include "xmlsecwinternalutils.h" |
|
45 #include "xmlsecwglobalstate.h" |
|
46 |
|
47 namespace Sign |
|
48 { |
|
49 // --------------------------------------------------------------------------- |
|
50 // Reset sign ctx |
|
51 // --------------------------------------------------------------------------- |
|
52 // |
|
53 xmlSecDSigCtxPtr ResetCtxL(xmlSecDSigCtxPtr aCtx, CXmlSecKeyManager* aMngr) |
|
54 { |
|
55 xmlSecKeyPtr tmpKey = NULL; |
|
56 if(!aMngr) |
|
57 { |
|
58 tmpKey = aCtx->signKey; |
|
59 aCtx->signKey = NULL; |
|
60 } |
|
61 // destroy old ctx |
|
62 xmlSecDSigCtxDestroy(aCtx); |
|
63 // create new ctx |
|
64 if(aMngr) |
|
65 { |
|
66 aCtx = xmlSecDSigCtxCreate(aMngr->GetKeyManagerPtr()); |
|
67 } |
|
68 else |
|
69 { |
|
70 aCtx = xmlSecDSigCtxCreate(NULL); |
|
71 } |
|
72 // add key if needed |
|
73 if ( !aCtx ) |
|
74 { |
|
75 if ( tmpKey ) |
|
76 { |
|
77 xmlSecKeyDestroy( tmpKey ); |
|
78 } |
|
79 User::Leave( KErrNoMemory ); |
|
80 } |
|
81 |
|
82 aCtx->signKey = tmpKey; |
|
83 tmpKey = NULL; |
|
84 return aCtx; |
|
85 } |
|
86 |
|
87 // --------------------------------------------------------------------------- |
|
88 // Read key from file |
|
89 // --------------------------------------------------------------------------- |
|
90 // |
|
91 xmlSecKeyPtr ReadKeyFromFileL(const TDesC8& aKeyFile, |
|
92 const TDesC8& aKeyName, |
|
93 CXmlSecSign::TXmlSecKeyType aKeyFormat) |
|
94 { |
|
95 if(aKeyFile.Length() == 0) |
|
96 { |
|
97 User::Leave(KErrWrongParameter); |
|
98 } |
|
99 |
|
100 xmlSecKeyPtr keyPtr = NULL; |
|
101 char* file = XmlEngXmlCharFromDes8L(aKeyFile); |
|
102 CleanupStack::PushL(file); |
|
103 char* name = XmlEngXmlCharFromDes8L(aKeyName); |
|
104 CleanupStack::PushL(name); |
|
105 // load key - used method depend key type |
|
106 if (aKeyFormat == CXmlSecSign::ERSAPrivate) |
|
107 { |
|
108 if(aKeyName.Length() == 0) |
|
109 { |
|
110 User::Leave(KErrWrongParameter); |
|
111 } |
|
112 keyPtr = xmlSecCryptoAppKeyLoadWithName(file, xmlSecKeyDataFormatPkcs8Der, |
|
113 name, NULL, NULL, NULL); |
|
114 } |
|
115 else if (aKeyFormat == CXmlSecSign::ERSAPublic) |
|
116 { |
|
117 if(aKeyName.Length() == 0) |
|
118 { |
|
119 User::Leave(KErrWrongParameter); |
|
120 } |
|
121 keyPtr = xmlSecCryptoAppKeyLoadWithName(file, xmlSecKeyDataFormatDer, |
|
122 name, NULL, NULL, NULL); |
|
123 } |
|
124 else if (aKeyFormat == CXmlSecSign::EHMAC) |
|
125 keyPtr = xmlSecKeyReadBinaryFile(xmlSecKeyDataHmacId,file); |
|
126 |
|
127 if(!keyPtr) |
|
128 { |
|
129 XmlEngOOMTestL(); |
|
130 XmlSecErrorFlagTestL(); |
|
131 User::Leave(KErrKey); |
|
132 } |
|
133 const xmlChar* KTmpName = NULL; |
|
134 if(aKeyName.Length()) |
|
135 { |
|
136 KTmpName = (xmlChar*) name; |
|
137 } |
|
138 // add key name to key |
|
139 if((aKeyFormat == CXmlSecSign::EHMAC) && (xmlSecKeySetName(keyPtr,KTmpName) < 0)) |
|
140 { |
|
141 xmlSecKeyDestroy(keyPtr); |
|
142 XmlEngOOMTestL(); |
|
143 XmlSecErrorFlagTestL(); |
|
144 User::Leave(KErrKey); |
|
145 } |
|
146 |
|
147 CleanupStack::PopAndDestroy(name); |
|
148 CleanupStack::PopAndDestroy(file); |
|
149 return keyPtr; |
|
150 } |
|
151 |
|
152 // --------------------------------------------------------------------------- |
|
153 // Read key from buffer |
|
154 // --------------------------------------------------------------------------- |
|
155 // |
|
156 xmlSecKeyPtr ReadKeyFromBufferL(const TDesC8& aBuffer, |
|
157 const TDesC8& aKeyName, |
|
158 CXmlSecSign::TXmlSecKeyType aKeyFormat) |
|
159 { |
|
160 if(aBuffer.Length() == 0) |
|
161 { |
|
162 User::Leave(KErrWrongParameter); |
|
163 } |
|
164 char* name = XmlEngXmlCharFromDes8L(aKeyName); |
|
165 CleanupStack::PushL(name); |
|
166 xmlSecKeyPtr keyPtr = NULL; |
|
167 // load key - used method depend key type |
|
168 if (aKeyFormat == CXmlSecSign::ERSAPrivate) |
|
169 { |
|
170 if(aKeyName.Length() == 0) |
|
171 { |
|
172 User::Leave(KErrWrongParameter); |
|
173 } |
|
174 keyPtr = xmlSecCryptoAppKeyLoadMemoryWithName(aBuffer.Ptr(), aBuffer.Size(), |
|
175 xmlSecKeyDataFormatPkcs8Der, name, NULL, NULL, NULL); |
|
176 } |
|
177 else if (aKeyFormat == CXmlSecSign::ERSAPublic) |
|
178 { |
|
179 if(aKeyName.Length() == 0) |
|
180 { |
|
181 User::Leave(KErrWrongParameter); |
|
182 } |
|
183 keyPtr = xmlSecCryptoAppKeyLoadMemoryWithName(aBuffer.Ptr(), aBuffer.Size(), |
|
184 xmlSecKeyDataFormatDer, name, NULL, NULL, NULL); |
|
185 } |
|
186 else if (aKeyFormat == CXmlSecSign::EHMAC) |
|
187 keyPtr = xmlSecKeyReadMemory(xmlSecKeyDataHmacId,aBuffer.Ptr(), aBuffer.Size()); |
|
188 |
|
189 XmlEngOOMTestL(); |
|
190 XmlSecErrorFlagTestL(); |
|
191 if(!keyPtr) |
|
192 { |
|
193 User::Leave(KErrKey); |
|
194 } |
|
195 |
|
196 const xmlChar* KTmpName = NULL; |
|
197 if(aKeyName.Length()) |
|
198 { |
|
199 KTmpName = (xmlChar*) name; |
|
200 } |
|
201 // add key name to key |
|
202 if((aKeyFormat == CXmlSecSign::EHMAC) && (xmlSecKeySetName(keyPtr,KTmpName) < 0)) |
|
203 { |
|
204 xmlSecKeyDestroy(keyPtr); |
|
205 XmlEngOOMTestL(); |
|
206 XmlSecErrorFlagTestL(); |
|
207 User::Leave(KErrKey); |
|
208 } |
|
209 CleanupStack::PopAndDestroy(name); |
|
210 return keyPtr; |
|
211 } |
|
212 |
|
213 // --------------------------------------------------------------------------- |
|
214 // Reset template settings |
|
215 // --------------------------------------------------------------------------- |
|
216 // |
|
217 void TemplateCleanup(TAny* aPref) |
|
218 { |
|
219 if(aPref) |
|
220 { |
|
221 delete aPref; |
|
222 xmlSetPrefix(NULL); |
|
223 } |
|
224 xmlSetNewLineFlag(1); |
|
225 } |
|
226 |
|
227 }// namespace Sign |
|
228 |
|
229 // --------------------------------------------------------------------------- |
|
230 // Two phase constructor |
|
231 // --------------------------------------------------------------------------- |
|
232 // |
|
233 EXPORT_C CXmlSecSign* CXmlSecSign::NewLC() |
|
234 { |
|
235 CXmlSecSign* self = new (ELeave) CXmlSecSign; |
|
236 CleanupStack::PushL(self); |
|
237 self->ConstructL(); |
|
238 return self; |
|
239 } |
|
240 |
|
241 // --------------------------------------------------------------------------- |
|
242 // Two phase constructor |
|
243 // --------------------------------------------------------------------------- |
|
244 // |
|
245 EXPORT_C CXmlSecSign* CXmlSecSign::NewL() |
|
246 { |
|
247 CXmlSecSign* self = CXmlSecSign::NewLC(); |
|
248 CleanupStack::Pop(self); |
|
249 return self; |
|
250 } |
|
251 |
|
252 // --------------------------------------------------------------------------- |
|
253 // Sign the xml document |
|
254 // --------------------------------------------------------------------------- |
|
255 // |
|
256 EXPORT_C TXmlEngElement CXmlSecSign::SignXmlDocumentL(RXmlEngDocument& aDocument, |
|
257 TBool aUseCurrentKey) |
|
258 { |
|
259 if(aDocument.IsNull()) |
|
260 { |
|
261 User::Leave(KErrWrongParameter); |
|
262 } |
|
263 return SignXmlNodeL(aDocument.DocumentElement(),aUseCurrentKey); |
|
264 } |
|
265 |
|
266 // --------------------------------------------------------------------------- |
|
267 // Sign the xml document |
|
268 // --------------------------------------------------------------------------- |
|
269 // |
|
270 EXPORT_C TXmlEngElement CXmlSecSign::SignXmlDocumentKeyFromFileL(RXmlEngDocument& aDocument, |
|
271 RXmlEngDocument& aTemplate, |
|
272 const TDesC8& aKeyFile, |
|
273 const TDesC8& aKeyName, |
|
274 TXmlSecKeyType aKeyFormat) |
|
275 { |
|
276 SetKeyFromFileL(aKeyFile,aKeyName,aKeyFormat); |
|
277 if(EFalse == iTemplate.IsSameNode(aTemplate)) |
|
278 { |
|
279 SetTemplateL(aTemplate); |
|
280 } |
|
281 iSkipTmplLookUp = ETrue; //Set to TRUE indicating to skip searching for Template in document |
|
282 return SignXmlDocumentL(aDocument); |
|
283 } |
|
284 |
|
285 // --------------------------------------------------------------------------- |
|
286 // Sign the xml document |
|
287 // --------------------------------------------------------------------------- |
|
288 // |
|
289 EXPORT_C TXmlEngElement CXmlSecSign::SignXmlDocumentKeyFromFileL(RXmlEngDocument& aDocument, |
|
290 const TDesC8& aKeyFile, |
|
291 const TDesC8& aKeyName, |
|
292 TXmlSecKeyType aKeyFormat) |
|
293 { |
|
294 SetKeyFromFileL(aKeyFile,aKeyName,aKeyFormat); |
|
295 return SignXmlDocumentL(aDocument); |
|
296 } |
|
297 |
|
298 // --------------------------------------------------------------------------- |
|
299 // Sign the xml document |
|
300 // --------------------------------------------------------------------------- |
|
301 // |
|
302 EXPORT_C TXmlEngElement CXmlSecSign::SignXmlDocumentKeyFromBufferL(RXmlEngDocument& aDocument, |
|
303 RXmlEngDocument& aTemplate, |
|
304 const TDesC8& aKey, |
|
305 const TDesC8& aKeyName, |
|
306 TXmlSecKeyType aKeyFormat) |
|
307 { |
|
308 SetKeyFromBufferL(aKey,aKeyName,aKeyFormat); |
|
309 if(EFalse == iTemplate.IsSameNode(aTemplate)) |
|
310 { |
|
311 SetTemplateL(aTemplate); |
|
312 } |
|
313 iSkipTmplLookUp = ETrue; //Set to TRUE indicating to skip searching for Template in document |
|
314 return SignXmlDocumentL(aDocument); |
|
315 } |
|
316 |
|
317 // --------------------------------------------------------------------------- |
|
318 // Sign the xml document |
|
319 // --------------------------------------------------------------------------- |
|
320 // |
|
321 EXPORT_C TXmlEngElement CXmlSecSign::SignXmlDocumentKeyFromBufferL(RXmlEngDocument& aDocument, |
|
322 const TDesC8& aKey, |
|
323 const TDesC8& aKeyName, |
|
324 TXmlSecKeyType aKeyFormat) |
|
325 { |
|
326 SetKeyFromBufferL(aKey,aKeyName,aKeyFormat); |
|
327 return SignXmlDocumentL(aDocument); |
|
328 } |
|
329 |
|
330 |
|
331 // --------------------------------------------------------------------------- |
|
332 // Sign the xml node |
|
333 // --------------------------------------------------------------------------- |
|
334 // |
|
335 TXmlEngElement CXmlSecSign::SignXmlNodeL(TXmlEngElement aNode, TBool aUseCurrentKey) |
|
336 { |
|
337 TXmlEngElement ele; |
|
338 TBool add = FALSE; |
|
339 xmlSecDSigCtxPtr tmpCtx = SIG_CTX; |
|
340 // Reset ctxt |
|
341 if(aUseCurrentKey) |
|
342 { |
|
343 iSigCtx = NULL; |
|
344 tmpCtx = Sign::ResetCtxL(tmpCtx,NULL); |
|
345 iSigCtx = tmpCtx; |
|
346 } |
|
347 else |
|
348 { |
|
349 if(!iMngr) |
|
350 { |
|
351 iMngr = CXmlSecKeyManager::GetInstanceL(); |
|
352 } |
|
353 iSigCtx = NULL; |
|
354 tmpCtx = Sign::ResetCtxL(tmpCtx,iMngr); |
|
355 iSigCtx = tmpCtx; |
|
356 } |
|
357 |
|
358 xmlNodePtr node = NULL; |
|
359 |
|
360 // skip if there is a template already available which may or may not contain Signature(from document) |
|
361 if(EFalse == iSkipTmplLookUp) |
|
362 { |
|
363 // find <Signature> in aNode |
|
364 node = xmlSecFindNode(xmlDocGetRootElement(INTERNAL_NODEPTR(aNode)->doc), |
|
365 xmlSecNodeSignature, xmlSecDSigNs); |
|
366 } |
|
367 TXmlEngElement sign(node); |
|
368 if(!node) |
|
369 { |
|
370 if(iTemplate.NotNull()) |
|
371 { |
|
372 // process template |
|
373 node = xmlSecFindNode(xmlDocGetRootElement(INTERNAL_DOCPTR(iTemplate)), |
|
374 xmlSecNodeSignature, xmlSecDSigNs); |
|
375 if(!node) |
|
376 { |
|
377 User::Leave(KErrTemplate); |
|
378 } |
|
379 node = xmlCopyNode(node, 1); |
|
380 if(!node) |
|
381 { |
|
382 User::Leave(KErrNoMemory); |
|
383 } |
|
384 // add template to document that should be signed |
|
385 sign = TXmlEngElement(node); |
|
386 aNode.AppendChildL(sign); |
|
387 add = TRUE; |
|
388 } |
|
389 } |
|
390 |
|
391 // sign the data |
|
392 if(xmlSecDSigCtxSign(tmpCtx, node) < 0) |
|
393 { |
|
394 XmlEngOOMTestL(); |
|
395 XmlSecErrorFlagTestL(); |
|
396 User::Leave(KErrSign); |
|
397 } |
|
398 if(add) |
|
399 { |
|
400 sign.Unlink(); |
|
401 } |
|
402 iSkipTmplLookUp = EFalse; // Reset the Flag |
|
403 return sign; |
|
404 } |
|
405 |
|
406 // --------------------------------------------------------------------------- |
|
407 // Sign the xml nodes |
|
408 // --------------------------------------------------------------------------- |
|
409 // |
|
410 EXPORT_C TXmlEngElement CXmlSecSign::SignXmlNodesL(RArray<TXmlEngElement>& aNodes, |
|
411 TBool aUseCurrentKey) |
|
412 { |
|
413 if(!aNodes.Count()) |
|
414 { |
|
415 User::Leave(KErrWrongParameter); |
|
416 } |
|
417 return SignXmlNodeL(aNodes[0].OwnerDocument().DocumentElement(),aUseCurrentKey); |
|
418 } |
|
419 |
|
420 // --------------------------------------------------------------------------- |
|
421 // Verify xml node |
|
422 // --------------------------------------------------------------------------- |
|
423 // |
|
424 EXPORT_C TBool CXmlSecSign::VerifyXmlNodeL(TXmlEngElement aNode, |
|
425 TXmlSecVerificationKeyRepository aKeyRepository) |
|
426 { |
|
427 xmlSecDSigCtxPtr tmpCtx = SIG_CTX; |
|
428 |
|
429 // Reset ctxt |
|
430 if( aKeyRepository == EThisObject ) |
|
431 { |
|
432 iSigCtx = NULL; |
|
433 tmpCtx = Sign::ResetCtxL(tmpCtx,iMngr); |
|
434 iSigCtx = tmpCtx; |
|
435 } |
|
436 else |
|
437 { |
|
438 if(!iMngr) |
|
439 { |
|
440 iMngr = CXmlSecKeyManager::GetInstanceL(); |
|
441 } |
|
442 iSigCtx = NULL; |
|
443 tmpCtx = Sign::ResetCtxL(tmpCtx,iMngr); |
|
444 iSigCtx = tmpCtx; |
|
445 } |
|
446 // should cert store be used |
|
447 if ( aKeyRepository == ECertStore ) |
|
448 { |
|
449 xmlSecSetCertStoreFlag(); |
|
450 } |
|
451 // verify data |
|
452 if (xmlSecDSigCtxVerify(tmpCtx, INTERNAL_NODEPTR(aNode)) < 0) |
|
453 { |
|
454 if ( aKeyRepository == ECertStore ) |
|
455 { |
|
456 xmlSecResetCertStoreFlag(); |
|
457 } |
|
458 XmlEngOOMTestL(); |
|
459 XmlSecErrorFlagTestL(); |
|
460 User::Leave(KErrVerify); |
|
461 } |
|
462 // check result |
|
463 if (tmpCtx->status == xmlSecDSigStatusSucceeded) |
|
464 { |
|
465 if ( aKeyRepository == ECertStore ) |
|
466 { |
|
467 xmlSecResetCertStoreFlag(); |
|
468 } |
|
469 return ETrue; |
|
470 } |
|
471 return EFalse; |
|
472 } |
|
473 |
|
474 // --------------------------------------------------------------------------- |
|
475 // Verify xml node |
|
476 // --------------------------------------------------------------------------- |
|
477 // |
|
478 EXPORT_C TBool CXmlSecSign::VerifyXmlNodeKeyFromFileL(TXmlEngElement aNode, |
|
479 const TDesC8& aKeyFile, |
|
480 const TDesC8& aKeyName, |
|
481 TXmlSecKeyType aKeyType) |
|
482 { |
|
483 SetKeyFromFileL(aKeyFile,aKeyName,aKeyType); |
|
484 return VerifyXmlNodeL(aNode); |
|
485 } |
|
486 |
|
487 // --------------------------------------------------------------------------- |
|
488 // Verify xml node |
|
489 // --------------------------------------------------------------------------- |
|
490 // |
|
491 EXPORT_C TBool CXmlSecSign::VerifyXmlNodeKeyFromBufferL(TXmlEngElement aNode, |
|
492 const TDesC8& aKey, |
|
493 const TDesC8& aKeyName, |
|
494 TXmlSecKeyType aKeyType) |
|
495 { |
|
496 SetKeyFromBufferL(aKey,aKeyName,aKeyType); |
|
497 return VerifyXmlNodeL(aNode); |
|
498 } |
|
499 |
|
500 // --------------------------------------------------------------------------- |
|
501 // Verify xml document |
|
502 // --------------------------------------------------------------------------- |
|
503 // |
|
504 EXPORT_C TBool CXmlSecSign::VerifyXmlDocumentL(const RXmlEngDocument& aDocument, |
|
505 TXmlSecVerificationKeyRepository aKeyRepository) |
|
506 { |
|
507 xmlNodePtr node = NULL; |
|
508 TXmlEngNode tmpNode = aDocument.DocumentElement(); |
|
509 xmlNodePtr root = INTERNAL_NODEPTR(tmpNode); |
|
510 node = xmlSecFindNode(root,xmlSecNodeSignature, xmlSecDSigNs); |
|
511 if(!node) |
|
512 { |
|
513 User::Leave(KErrVerify); |
|
514 } |
|
515 return VerifyXmlNodeL(TXmlEngElement(node),aKeyRepository); |
|
516 } |
|
517 |
|
518 // --------------------------------------------------------------------------- |
|
519 // Verify xml document |
|
520 // --------------------------------------------------------------------------- |
|
521 // |
|
522 EXPORT_C TBool CXmlSecSign::VerifyXmlDocumentKeyFromFileL(const RXmlEngDocument& aDocument, |
|
523 const TDesC8& aKeyFile, |
|
524 const TDesC8& aKeyName, |
|
525 TXmlSecKeyType aKeyType) |
|
526 { |
|
527 SetKeyFromFileL(aKeyFile,aKeyName,aKeyType); |
|
528 return VerifyXmlDocumentL(aDocument); |
|
529 } |
|
530 |
|
531 // --------------------------------------------------------------------------- |
|
532 // Verify xml document |
|
533 // --------------------------------------------------------------------------- |
|
534 // |
|
535 EXPORT_C TBool CXmlSecSign::VerifyXmlDocumentKeyFromBufferL(const RXmlEngDocument& aDocument, |
|
536 const TDesC8& aKey, |
|
537 const TDesC8& aKeyName, |
|
538 TXmlSecKeyType aKeyType) |
|
539 { |
|
540 SetKeyFromBufferL(aKey,aKeyName,aKeyType); |
|
541 return VerifyXmlDocumentL(aDocument); |
|
542 } |
|
543 |
|
544 // --------------------------------------------------------------------------- |
|
545 // Set template from file |
|
546 // --------------------------------------------------------------------------- |
|
547 // |
|
548 EXPORT_C void CXmlSecSign::SetTemplateFromFileL(const TDesC8& aTemplate) |
|
549 { |
|
550 XmlSecTemplate::SetTemplateFromFileL(iTemplate,aTemplate); |
|
551 } |
|
552 |
|
553 // --------------------------------------------------------------------------- |
|
554 // Set template from file |
|
555 // --------------------------------------------------------------------------- |
|
556 // |
|
557 EXPORT_C void CXmlSecSign::SetTemplateFromFileL(RFs& aRFs, const TDesC8& aTemplate) |
|
558 { |
|
559 XmlSecTemplate::SetTemplateFromFileL(iTemplate,aTemplate,aRFs); |
|
560 } |
|
561 |
|
562 // --------------------------------------------------------------------------- |
|
563 // Set template from buffer |
|
564 // --------------------------------------------------------------------------- |
|
565 // |
|
566 EXPORT_C void CXmlSecSign::SetTemplateFromBufferL(const TDesC8& aTemplate) |
|
567 { |
|
568 XmlSecTemplate::SetTemplateFromBufferL(iTemplate,aTemplate); |
|
569 } |
|
570 |
|
571 // --------------------------------------------------------------------------- |
|
572 // Set template from DOM tree |
|
573 // --------------------------------------------------------------------------- |
|
574 // |
|
575 EXPORT_C void CXmlSecSign::SetTemplateL(const RXmlEngDocument& aTemplate) |
|
576 { |
|
577 XmlSecTemplate::SetTemplateL(iTemplate,aTemplate); |
|
578 } |
|
579 |
|
580 // --------------------------------------------------------------------------- |
|
581 // Set key info node in template |
|
582 // --------------------------------------------------------------------------- |
|
583 // |
|
584 EXPORT_C void CXmlSecSign::SetKeyInfoL(const TDesC8& aKeyName) |
|
585 { |
|
586 XmlSecTemplate::SetKeyInfoL(iTemplate,aKeyName); |
|
587 } |
|
588 |
|
589 // --------------------------------------------------------------------------- |
|
590 // Set key info node in template |
|
591 // --------------------------------------------------------------------------- |
|
592 // |
|
593 EXPORT_C void CXmlSecSign::SetKeyInfoL(TXmlEngElement aKeyProp) |
|
594 { |
|
595 XmlSecTemplate::SetKeyInfoL(iTemplate,aKeyProp); |
|
596 } |
|
597 |
|
598 // --------------------------------------------------------------------------- |
|
599 // Create template |
|
600 // --------------------------------------------------------------------------- |
|
601 // |
|
602 EXPORT_C const RXmlEngDocument& CXmlSecSign::CreateTemplateL(TXmlSecKeyType aKeyFormat, |
|
603 RArray<TXmlEngElement>& aNodes, |
|
604 const TDesC8& aId, |
|
605 TBool aX509Cert, |
|
606 TUint aTransform, |
|
607 const TDesC8& aPref, |
|
608 TBool aNewLine) |
|
609 { |
|
610 _LIT8(KSep,":"); |
|
611 _LIT8(KPoint,"#"); |
|
612 if(iTemplate.NotNull()) |
|
613 { |
|
614 iTemplate.Close(); |
|
615 } |
|
616 |
|
617 if(!aNewLine) |
|
618 { |
|
619 xmlSetNewLineFlag(0); |
|
620 } |
|
621 |
|
622 unsigned char* pref = NULL; |
|
623 if(aPref.Length()) |
|
624 { |
|
625 pref = (unsigned char*) XmlEngXmlCharFromDes8L(aPref); |
|
626 xmlSetPrefix(pref); |
|
627 } |
|
628 CleanupStack::PushL(TCleanupItem(Sign::TemplateCleanup,(TAny*)pref)); |
|
629 |
|
630 xmlNodePtr signNode = NULL; |
|
631 xmlNodePtr refNode = NULL; |
|
632 xmlNodePtr keyInfoNode = NULL; |
|
633 |
|
634 if((aKeyFormat == ERSAPrivate) || (aKeyFormat == ERSAPublic)) |
|
635 { |
|
636 // create signature template for RSA-SHA1 enveloped signature |
|
637 signNode = xmlSecTmplSignatureCreate(NULL, xmlSecTransformExclC14NId, |
|
638 xmlSecTransformRsaSha1Id, NULL); |
|
639 } |
|
640 else if(aKeyFormat == CXmlSecSign::EHMAC) |
|
641 { |
|
642 // create signature template for HMAC-SHA1 enveloped signature |
|
643 signNode = xmlSecTmplSignatureCreate(NULL, xmlSecTransformExclC14NId, |
|
644 xmlSecTransformHmacSha1Id, NULL); |
|
645 |
|
646 } |
|
647 if(!signNode) |
|
648 { |
|
649 XmlEngOOMTestL(); |
|
650 XmlSecErrorFlagTestL(); |
|
651 User::Leave(KErrTemplate); |
|
652 } |
|
653 |
|
654 CleanupStack::PushL(TCleanupItem(LibxmlNodeCleanup,(TAny*)signNode)); |
|
655 |
|
656 TInt nodeCount = aNodes.Count(); |
|
657 if(!nodeCount) |
|
658 { |
|
659 // add reference |
|
660 refNode = xmlSecTmplSignatureAddReference(signNode, xmlSecTransformSha1Id, |
|
661 NULL, NULL, NULL); |
|
662 if(!refNode) |
|
663 { |
|
664 //xmlFreeNode( signNode ); |
|
665 XmlEngOOMTestL(); |
|
666 XmlSecErrorFlagTestL(); |
|
667 User::Leave(KErrTemplate); |
|
668 } |
|
669 |
|
670 if(KEnvelopedSignature & aTransform) |
|
671 { |
|
672 // add enveloped transform |
|
673 if(!xmlSecTmplReferenceAddTransform(refNode, xmlSecTransformEnvelopedId)) |
|
674 { |
|
675 //xmlFreeNode( signNode ); |
|
676 XmlEngOOMTestL(); |
|
677 XmlSecErrorFlagTestL(); |
|
678 User::Leave(KErrTemplate); |
|
679 } |
|
680 } |
|
681 if(KC14N & aTransform) |
|
682 { |
|
683 // add enveloped transform |
|
684 if(!xmlSecTmplReferenceAddTransform(refNode, xmlSecTransformInclC14NId)) |
|
685 { |
|
686 //xmlFreeNode( signNode ); |
|
687 XmlEngOOMTestL(); |
|
688 XmlSecErrorFlagTestL(); |
|
689 User::Leave(KErrTemplate); |
|
690 } |
|
691 } |
|
692 else if(KExclusiveC14N & aTransform) |
|
693 { |
|
694 // add enveloped transform |
|
695 if(!xmlSecTmplReferenceAddTransform(refNode, xmlSecTransformExclC14NId)) |
|
696 { |
|
697 //xmlFreeNode( signNode ); |
|
698 XmlEngOOMTestL(); |
|
699 XmlSecErrorFlagTestL(); |
|
700 User::Leave(KErrTemplate); |
|
701 } |
|
702 } |
|
703 } |
|
704 else |
|
705 { |
|
706 TPtrC8 nameSpace = KNullDesC8(); |
|
707 TPtrC8 uriVal = KNullDesC8(); |
|
708 TXmlEngString str; |
|
709 TInt pos = aId.Find(KSep); |
|
710 // check id of element |
|
711 if(pos > 0) |
|
712 { |
|
713 nameSpace.Set(aNodes[0].LookupNamespaceUriL(aId.Left(pos))); |
|
714 if(!nameSpace.Length()) |
|
715 { |
|
716 //xmlFreeNode( signNode ); |
|
717 if (OOM_FLAG) |
|
718 { |
|
719 XmlEngLeaveOOML(); |
|
720 } |
|
721 XmlSecErrorFlagTestL(); |
|
722 User::Leave(KErrIdUndefineNS); |
|
723 } |
|
724 } |
|
725 // for all elements with id add reference |
|
726 TXmlEngElement elem; |
|
727 for(TInt i = 0; i < nodeCount; i++) |
|
728 { |
|
729 elem = aNodes[i]; |
|
730 uriVal.Set(elem.AttributeValueL(aId.Right(aId.Length() - (pos + 1)),nameSpace)); |
|
731 if(uriVal.Length()) |
|
732 { |
|
733 str.SetL(KPoint); |
|
734 CleanupClosePushL(str); |
|
735 TXmlEngString str2; |
|
736 str2.SetL(uriVal); |
|
737 CleanupClosePushL(str2); |
|
738 str.AppendL(str2); |
|
739 CleanupStack::PopAndDestroy(&str2); |
|
740 // add reference |
|
741 refNode = xmlSecTmplSignatureAddReference(signNode, xmlSecTransformSha1Id, |
|
742 NULL, (unsigned char*)str.Cstring(), NULL); |
|
743 CleanupStack::PopAndDestroy(&str); |
|
744 if(!refNode) |
|
745 { |
|
746 //xmlFreeNode( signNode ); |
|
747 XmlEngOOMTestL(); |
|
748 XmlSecErrorFlagTestL(); |
|
749 User::Leave(KErrTemplate); |
|
750 } |
|
751 |
|
752 if(KEnvelopedSignature & aTransform) |
|
753 { |
|
754 // add enveloped transform |
|
755 if(!xmlSecTmplReferenceAddTransform(refNode, xmlSecTransformEnvelopedId)) |
|
756 { |
|
757 //xmlFreeNode( signNode ); |
|
758 XmlEngOOMTestL(); |
|
759 XmlSecErrorFlagTestL(); |
|
760 User::Leave(KErrTemplate); |
|
761 } |
|
762 } |
|
763 if(KC14N & aTransform) |
|
764 { |
|
765 // add enveloped transform |
|
766 if(!xmlSecTmplReferenceAddTransform(refNode, xmlSecTransformInclC14NId)) |
|
767 { |
|
768 //xmlFreeNode( signNode ); |
|
769 XmlEngOOMTestL(); |
|
770 XmlSecErrorFlagTestL(); |
|
771 User::Leave(KErrTemplate); |
|
772 } |
|
773 } |
|
774 else if(KExclusiveC14N & aTransform) |
|
775 { |
|
776 // add enveloped transform |
|
777 if(!xmlSecTmplReferenceAddTransform(refNode, xmlSecTransformExclC14NId)) |
|
778 { |
|
779 //xmlFreeNode( signNode ); |
|
780 XmlEngOOMTestL(); |
|
781 XmlSecErrorFlagTestL(); |
|
782 User::Leave(KErrTemplate); |
|
783 } |
|
784 } |
|
785 } |
|
786 } |
|
787 } |
|
788 |
|
789 // add <dsig:KeyInfo/> and <dsig:X509Data/> |
|
790 keyInfoNode = xmlSecTmplSignatureEnsureKeyInfo(signNode, NULL); |
|
791 if(!keyInfoNode) |
|
792 { |
|
793 //xmlFreeNode( signNode ); |
|
794 XmlEngOOMTestL(); |
|
795 XmlSecErrorFlagTestL(); |
|
796 User::Leave(KErrTemplate); |
|
797 } |
|
798 if(aKeyFormat != CXmlSecSign::EHMAC && aX509Cert) |
|
799 { |
|
800 if(!xmlSecTmplKeyInfoAddX509Data(keyInfoNode)) |
|
801 { |
|
802 //xmlFreeNode( signNode ); |
|
803 XmlEngOOMTestL(); |
|
804 XmlSecErrorFlagTestL(); |
|
805 User::Leave(KErrTemplate); |
|
806 } |
|
807 } |
|
808 |
|
809 xmlDocPtr doc = xmlNewDoc(NULL); |
|
810 xmlNodePtr tmpNode = xmlAddChild(INTERNAL_NODEPTR(doc), signNode); |
|
811 if(!tmpNode) |
|
812 { |
|
813 xmlFreeDoc(doc); |
|
814 //xmlFreeNode(signNode); |
|
815 User::Leave(KErrNoMemory); |
|
816 } |
|
817 CleanupStack::Pop(signNode); |
|
818 // return created template |
|
819 RXmlEngDocument retDoc; |
|
820 XmlSecGlobalState* gs = XmlSecGetTls(); |
|
821 retDoc.OpenL(*gs->iDOMImpl,doc); |
|
822 iTemplate = retDoc; |
|
823 CleanupStack::PopAndDestroy(); |
|
824 return iTemplate; |
|
825 } |
|
826 |
|
827 // --------------------------------------------------------------------------- |
|
828 // Create template |
|
829 // --------------------------------------------------------------------------- |
|
830 // |
|
831 EXPORT_C const RXmlEngDocument& CXmlSecSign::CreateTemplateL(TXmlSecKeyType aKeyFormat, |
|
832 TBool aX509Cert, |
|
833 TUint aTransform, |
|
834 const TDesC8& aPref, |
|
835 TBool aNewLine) |
|
836 { |
|
837 RArray<TXmlEngElement> array; |
|
838 CleanupClosePushL(array); |
|
839 CreateTemplateL(aKeyFormat,array,KNullDesC8(),aX509Cert,aTransform,aPref,aNewLine); |
|
840 CleanupStack::PopAndDestroy(&array); |
|
841 return iTemplate; |
|
842 } |
|
843 |
|
844 // --------------------------------------------------------------------------- |
|
845 // Return current encryption template |
|
846 // --------------------------------------------------------------------------- |
|
847 // |
|
848 EXPORT_C const RXmlEngDocument& CXmlSecSign::CurrentTemplate() const |
|
849 { |
|
850 return iTemplate; |
|
851 } |
|
852 |
|
853 // --------------------------------------------------------------------------- |
|
854 // Destroy current encryption template |
|
855 // --------------------------------------------------------------------------- |
|
856 // |
|
857 EXPORT_C void CXmlSecSign::DestroyCurrentTemplate() |
|
858 { |
|
859 XmlSecTemplate::DestroyTemplate(iTemplate); |
|
860 } |
|
861 |
|
862 // --------------------------------------------------------------------------- |
|
863 // Read key from buffer and puts it in SymbianKeyStore |
|
864 // --------------------------------------------------------------------------- |
|
865 // |
|
866 EXPORT_C void CXmlSecSign::SetKeyFromBufferL(const TDesC8& aBuffer, |
|
867 const TDesC8& aKeyName, |
|
868 TXmlSecKeyType aKeyFormat) |
|
869 { |
|
870 xmlSecDSigCtxPtr tmpCtx = SIG_CTX; |
|
871 if(tmpCtx->signKey) |
|
872 { |
|
873 xmlSecKeyDestroy(tmpCtx->signKey); |
|
874 tmpCtx->signKey = NULL; |
|
875 } |
|
876 tmpCtx->signKey = Sign::ReadKeyFromBufferL(aBuffer,aKeyName,aKeyFormat); |
|
877 } |
|
878 |
|
879 // --------------------------------------------------------------------------- |
|
880 // Read key from file and puts it in SymbianKeyStore |
|
881 // --------------------------------------------------------------------------- |
|
882 // |
|
883 EXPORT_C void CXmlSecSign::SetKeyFromFileL(const TDesC8& aKeyFile, |
|
884 const TDesC8& aKeyName, |
|
885 TXmlSecKeyType aKeyFormat) |
|
886 { |
|
887 xmlSecDSigCtxPtr tmpCtx = SIG_CTX; |
|
888 if(tmpCtx->signKey) |
|
889 { |
|
890 xmlSecKeyDestroy(tmpCtx->signKey); |
|
891 tmpCtx->signKey = NULL; |
|
892 } |
|
893 tmpCtx->signKey = Sign::ReadKeyFromFileL(aKeyFile,aKeyName,aKeyFormat); |
|
894 } |
|
895 |
|
896 // --------------------------------------------------------------------------- |
|
897 // Read certificate from file |
|
898 // --------------------------------------------------------------------------- |
|
899 // |
|
900 EXPORT_C void CXmlSecSign::SetCertFromFileL(const TDesC8& aCertFile) |
|
901 { |
|
902 xmlSecDSigCtxPtr tmpCtx = SIG_CTX; |
|
903 |
|
904 if(!tmpCtx->signKey) |
|
905 { |
|
906 User::Leave(KErrKey); |
|
907 } |
|
908 const TInt length = aCertFile.Length(); |
|
909 char* cStringFileName = new char[ length+1 ]; |
|
910 if (!cStringFileName) |
|
911 { |
|
912 User::Leave( KErrNoMemory ); |
|
913 } |
|
914 // copy cert data |
|
915 memcpy(cStringFileName, (char*) aCertFile.Ptr(), length); |
|
916 cStringFileName[ length ] = NULL; |
|
917 // read cert data, add cert to key |
|
918 if(xmlSecCryptoAppKeyCertLoad(tmpCtx->signKey, cStringFileName, xmlSecKeyDataFormatDer) < 0) |
|
919 { |
|
920 delete[] cStringFileName; |
|
921 XmlEngOOMTestL(); |
|
922 XmlSecErrorFlagTestL(); |
|
923 User::Leave(KErrCert); |
|
924 } |
|
925 delete[] cStringFileName; |
|
926 } |
|
927 |
|
928 // --------------------------------------------------------------------------- |
|
929 // Read certificate from buffer |
|
930 // --------------------------------------------------------------------------- |
|
931 // |
|
932 EXPORT_C void CXmlSecSign::SetCertFromBufferL(const TDesC8& aCert) |
|
933 { |
|
934 xmlSecDSigCtxPtr tmpCtx = SIG_CTX; |
|
935 |
|
936 if(!tmpCtx->signKey) |
|
937 { |
|
938 User::Leave(KErrKey); |
|
939 } |
|
940 // add cert data to key |
|
941 if(xmlSecSymbianCryptoAppKeyCertLoadMemory(tmpCtx->signKey,aCert.Ptr(),aCert.Size(), |
|
942 xmlSecKeyDataFormatDer) < 0) |
|
943 { |
|
944 User::Leave(KErrCert); |
|
945 } |
|
946 } |
|
947 |
|
948 // --------------------------------------------------------------------------- |
|
949 // Add cert from file to root's cert chain |
|
950 // --------------------------------------------------------------------------- |
|
951 // |
|
952 EXPORT_C void CXmlSecSign::AddTrustedCertFromFileL(const TDesC8& aCertFile) |
|
953 { |
|
954 if(!iMngr) |
|
955 { |
|
956 iMngr = CXmlSecKeyManager::GetInstanceL(); |
|
957 } |
|
958 const TInt length = aCertFile.Length(); |
|
959 char* cStringFileName = new char[ length+1 ]; |
|
960 if (!cStringFileName) |
|
961 { |
|
962 User::Leave( KErrNoMemory ); |
|
963 } |
|
964 memcpy(cStringFileName, (char*) aCertFile.Ptr(), length); |
|
965 cStringFileName[ length ] = NULL; |
|
966 // load cert data |
|
967 if(xmlSecCryptoAppKeysMngrCertLoad(iMngr->GetKeyManagerPtr(), cStringFileName, |
|
968 xmlSecKeyDataFormatDer, xmlSecKeyDataTypeTrusted) < 0) |
|
969 { |
|
970 delete[] cStringFileName; |
|
971 XmlEngOOMTestL(); |
|
972 XmlSecErrorFlagTestL(); |
|
973 User::Leave(KErrCert); |
|
974 } |
|
975 delete[] cStringFileName; |
|
976 } |
|
977 |
|
978 // --------------------------------------------------------------------------- |
|
979 // Add cert from buffer to root's cert chain |
|
980 // --------------------------------------------------------------------------- |
|
981 // |
|
982 EXPORT_C void CXmlSecSign::AddTrustedCertFromBufferL(const TDesC8& aCert) |
|
983 { |
|
984 if(!iMngr) |
|
985 { |
|
986 iMngr = CXmlSecKeyManager::GetInstanceL(); |
|
987 } |
|
988 if(xmlSecCryptoAppKeysMngrCertLoadMemory(iMngr->GetKeyManagerPtr(), aCert.Ptr(), |
|
989 aCert.Size(), xmlSecKeyDataFormatDer, xmlSecKeyDataTypeTrusted) < 0) |
|
990 { |
|
991 XmlEngOOMTestL(); |
|
992 XmlSecErrorFlagTestL(); |
|
993 User::Leave(KErrCert); |
|
994 } |
|
995 } |
|
996 |
|
997 // --------------------------------------------------------------------------- |
|
998 // Constructor |
|
999 // --------------------------------------------------------------------------- |
|
1000 // |
|
1001 CXmlSecSign::CXmlSecSign() |
|
1002 { |
|
1003 iTemplate = RXmlEngDocument(); |
|
1004 iSigCtx = NULL; |
|
1005 iSkipTmplLookUp = EFalse; //Initialize the flag to FALSE |
|
1006 } |
|
1007 |
|
1008 // --------------------------------------------------------------------------- |
|
1009 // Second phase constructor |
|
1010 // --------------------------------------------------------------------------- |
|
1011 // |
|
1012 void CXmlSecSign::ConstructL() |
|
1013 { |
|
1014 // create sign context |
|
1015 iSigCtx = xmlSecDSigCtxCreate(NULL); |
|
1016 if(!iSigCtx) |
|
1017 { |
|
1018 User::Leave(KErrNoMemory); |
|
1019 } |
|
1020 } |
|
1021 |
|
1022 // --------------------------------------------------------------------------- |
|
1023 // Destructor |
|
1024 // --------------------------------------------------------------------------- |
|
1025 // |
|
1026 CXmlSecSign::~CXmlSecSign() |
|
1027 { |
|
1028 if(iTemplate.NotNull()) |
|
1029 { |
|
1030 iTemplate.Close(); |
|
1031 } |
|
1032 if(iSigCtx) |
|
1033 { |
|
1034 xmlSecDSigCtxDestroy(SIG_CTX); |
|
1035 } |
|
1036 } |
|
1037 |