blautenb 2003/04/30 04:41:14
Modified: c/src/dsig DSIGConstants.cpp DSIGConstants.hpp
DSIGSignature.cpp DSIGSignature.hpp
DSIGTransformC14n.cpp
c/src/tools/xtest xtest.cpp
c/src/utils XSECDOMUtils.cpp XSECDOMUtils.hpp
Log:
Fix for bug with Excl Can. namespaces (Reported by Scott Cantor)
Revision Changes Path
1.5 +6 -3 xml-security/c/src/dsig/DSIGConstants.cpp
Index: DSIGConstants.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGConstants.cpp,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- DSIGConstants.cpp 7 Apr 2003 12:27:13 -0000 1.4
+++ DSIGConstants.cpp 30 Apr 2003 11:41:14 -0000 1.5
@@ -34,8 +34,7 @@
* permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
@@ -81,6 +80,7 @@
static XMLCh * s_unicodeStrAlgorithm;
static XMLCh * s_unicodeStrURIDSIG;
+static XMLCh * s_unicodeStrURIEC;
static XMLCh * s_unicodeStrURISHA1;
static XMLCh * s_unicodeStrURIMD5;
static XMLCh * s_unicodeStrURIBASE64;
@@ -111,6 +111,7 @@
const XMLCh * const & DSIGConstants::s_unicodeStrAlgorithm =
::s_unicodeStrAlgorithm;
const XMLCh * const & DSIGConstants::s_unicodeStrURIDSIG =
::s_unicodeStrURIDSIG;
+const XMLCh * const & DSIGConstants::s_unicodeStrURIEC = ::s_unicodeStrURIEC;
const XMLCh * const & DSIGConstants::s_unicodeStrURISHA1 =
::s_unicodeStrURISHA1;
const XMLCh * const & DSIGConstants::s_unicodeStrURIMD5 =
::s_unicodeStrURIMD5;
const XMLCh * const & DSIGConstants::s_unicodeStrURIBASE64 =
::s_unicodeStrURIBASE64;
@@ -146,6 +147,7 @@
::s_unicodeStrAlgorithm = XMLString::transcode("Algorithm");
::s_unicodeStrURIDSIG = XMLString::transcode(URI_ID_DSIG);
+ ::s_unicodeStrURIEC = XMLString::transcode(URI_ID_EC);
::s_unicodeStrURISHA1 = XMLString::transcode(URI_ID_SHA1);
::s_unicodeStrURIMD5 = XMLString::transcode(URI_ID_MD5);
::s_unicodeStrURIBASE64 = XMLString::transcode(URI_ID_BASE64);
@@ -177,6 +179,7 @@
delete[] ::s_unicodeStrAlgorithm;
delete[] ::s_unicodeStrURIDSIG;
+ delete[] ::s_unicodeStrURIEC;
delete[] ::s_unicodeStrURISHA1;
delete[] ::s_unicodeStrURIMD5;
delete[] ::s_unicodeStrURIBASE64;
1.8 +3 -2 xml-security/c/src/dsig/DSIGConstants.hpp
Index: DSIGConstants.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGConstants.hpp,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- DSIGConstants.hpp 24 Apr 2003 00:06:20 -0000 1.7
+++ DSIGConstants.hpp 30 Apr 2003 11:41:14 -0000 1.8
@@ -81,7 +81,7 @@
// Name Spaces
#define URI_ID_DSIG "http://www.w3.org/2000/09/xmldsig#"
-
+#define URI_ID_EC "http://www.w3.org/2001/10/xml-exc-c14n#"
// Hashing Algorithms
@@ -291,6 +291,7 @@
// URI_IDs
static const XMLCh * const & s_unicodeStrURIDSIG;
+ static const XMLCh * const & s_unicodeStrURIEC;
static const XMLCh * const & s_unicodeStrURISHA1;
static const XMLCh * const & s_unicodeStrURIMD5; // Not
recommended
static const XMLCh * const & s_unicodeStrURIBASE64;
1.11 +14 -3 xml-security/c/src/dsig/DSIGSignature.cpp
Index: DSIGSignature.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGSignature.cpp,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- DSIGSignature.cpp 11 Apr 2003 12:27:23 -0000 1.10
+++ DSIGSignature.cpp 30 Apr 2003 11:41:14 -0000 1.11
@@ -374,7 +374,8 @@
mp_doc = doc;
mp_sigNode = sigNode;
mp_signingKey = NULL;
- mp_prefixNS = NULL;
+ mp_prefixNS = XMLString::replicate(DSIGConstants::s_unicodeStrEmpty);
+ mp_ecPrefixNS = XMLString::replicate(DSIGConstants::s_unicodeStrEmpty);
mp_URIResolver = NULL;
mp_KeyInfoResolver = NULL;
mp_KeyInfoNode = NULL;
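Review bot: Both constructors now allocate `mp_ecPrefixNS` with `XMLString::replicate` (here and in the hunk at -395), but no hunk in this commit touches the destructor, so the new buffer looks to be leaked unless it is already freed in code outside the diff. If the destructor releases `mp_prefixNS`, add the matching `delete[] mp_ecPrefixNS;` beside it. The constructor body starts and ends outside the hunk.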
@@ -395,7 +396,8 @@
mp_doc = NULL;
mp_sigNode = NULL;
mp_signingKey = NULL;
- mp_prefixNS = NULL;
+ mp_prefixNS = XMLString::replicate(DSIGConstants::s_unicodeStrEmpty);
+ mp_ecPrefixNS = XMLString::replicate(DSIGConstants::s_unicodeStrEmpty);
mp_URIResolver = NULL;
mp_KeyInfoResolver = NULL;
mp_KeyInfoNode = NULL;
@@ -466,6 +468,15 @@
delete[] mp_prefixNS;
mp_prefixNS = XMLString::replicate(prefix);
+
+}
+
+void DSIGSignature::setECNSPrefix(const XMLCh * prefix) {
+
+ if (mp_ecPrefixNS != NULL)
+ delete[] mp_ecPrefixNS;
+
+ mp_ecPrefixNS = XMLString::replicate(prefix);
}
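Review bot: `setECNSPrefix` stores whatever `XMLString::replicate(prefix)` returns, so a NULL argument presumably leaves `mp_ecPrefixNS` NULL again, while the new code in DSIGTransformC14n.cpp reads `prefix[0]` without a check. The constructors now guarantee a non-NULL empty string, and the setter should keep that invariant, e.g. `mp_ecPrefixNS = XMLString::replicate(prefix != NULL ? prefix : DSIGConstants::s_unicodeStrEmpty);`. The same reasoning applies to `setDSIGNSPrefix`, whose tail is visible at the top of this hunk.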
1.7 +29 -1 xml-security/c/src/dsig/DSIGSignature.hpp
Index: DSIGSignature.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGSignature.hpp,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- DSIGSignature.hpp 22 Apr 2003 22:35:17 -0000 1.6
+++ DSIGSignature.hpp 30 Apr 2003 11:41:14 -0000 1.7
@@ -258,6 +258,24 @@
void setDSIGNSPrefix(const XMLCh * prefix);
/**
+ * \brief Set the prefix be used for the Exclusive Canonicalisation
namespace.
+ *
+ * The Exclusive Canonicalisation specification defines a new
namespace for the
+ * InclusiveNamespaces node. This function can be used to set the
prefix
+ * that the library will use when creating nodes within this namespace.
+ *
+ * <p>xmlns:ds="http://www.w3.org/2001/10/xml-exc-c14n#"</p>
+ *
+ * If no prefix is set, the default namespace will be used
+ *
+ * @see #createBlankSignature
+ * @param prefix The UTF-16 encoided NS prefix to use for the XML
+ * Exclusive Canonicalisation nodes
+ */
+
+ void setECNSPrefix(const XMLCh * prefix);
+
+ /**
* \brief Create a <Signature> DOM structure.
*
* <p>The DOM structure created is still divorced from the document.
The callee
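Review bot: The example in the new doc comment declares the exclusive-canonicalisation namespace with the `ds` prefix, which looks copied from `setDSIGNSPrefix`; `xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"` would match the prefix the test driver sets. The brief should read `Set the prefix to be used for the Exclusive Canonicalisation namespace`, and `encoided` is a typo for `encoded`. It would also help to state that the prefix string is copied and how a NULL argument is treated.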
@@ -382,6 +400,15 @@
const XMLCh * getDSIGNSPrefix() {return mp_prefixNS;}
/**
+ * \brief Get the NS being used for EC nodes
+ *
+ * @returns A pointer to the buffer holding the prefix
+ * @see #setECNSPrefix
+ */
+
+ const XMLCh * getECNSPrefix() {return mp_ecPrefixNS;}
+
+ /**
* \brief
*
* Get the DOM_Document that this Signature is operating within.
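Review bot: `getECNSPrefix` hands out the internal buffer, and `setECNSPrefix` in DSIGSignature.cpp deletes that buffer, so a pointer obtained here dangles after the next set call. The comment should say so, e.g. `The returned pointer is owned by the signature and is invalidated by the next call to setECNSPrefix`. The brief says "NS" where the function returns the prefix, and the accessor could be declared `const`.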
@@ -593,6 +620,7 @@
// For creating functions
XMLCh * mp_prefixNS;
+ XMLCh * mp_ecPrefixNS;
// The signing/verifying key
XSECCryptoKey * mp_signingKey;
1.8 +23 -5 xml-security/c/src/dsig/DSIGTransformC14n.cpp
Index: DSIGTransformC14n.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/dsig/DSIGTransformC14n.cpp,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- DSIGTransformC14n.cpp 22 Apr 2003 22:35:17 -0000 1.7
+++ DSIGTransformC14n.cpp 30 Apr 2003 11:41:14 -0000 1.8
@@ -231,8 +231,8 @@
DOMNode *mp_inclNSNode = mp_txfmNode->getFirstChild();
- while (mp_inclNSNode != NULL && mp_inclNSNode->getNodeType() !=
DOMNode::ELEMENT_NODE &&
- !strEquals(mp_inclNSNode->getNodeName(),
"InclusiveNamespaces"))
+ while (mp_inclNSNode != NULL && (mp_inclNSNode->getNodeType()
!= DOMNode::ELEMENT_NODE ||
+ !strEquals(getECLocalName(mp_inclNSNode),
"InclusiveNamespaces")))
mp_inclNSNode = mp_inclNSNode->getNextSibling();
if (mp_inclNSNode != 0) {
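Review bot: `getECLocalName` returns NULL for every element outside the exclusive-canonicalisation namespace, so the rewritten loop condition passes NULL to `strEquals` on those siblings. Its definition is not in the diff, so it is worth confirming that this overload tolerates a NULL first argument and treats it as a mismatch. A comment such as `// getECLocalName() yields NULL for foreign namespaces; strEquals must treat NULL as no match` would record the assumption. The enclosing function starts and ends outside the hunk.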
@@ -314,14 +314,32 @@
const XMLCh * prefix;
DOMDocument *doc = mp_parentSignature->getParentDocument();
- prefix = mp_parentSignature->getDSIGNSPrefix();
-
+ // Use the Exclusive Canonicalisation prefix
+ prefix = mp_parentSignature->getECNSPrefix();
+
// Create the transform node
makeQName(str, prefix, "InclusiveNamespaces");
mp_inclNSNode =
doc->createElementNS(DSIGConstants::s_unicodeStrURIDSIG, str.rawXMLChBuffer());
mp_inclNSNode->setAttribute(MAKE_UNICODE_STRING("PrefixList"),
MAKE_UNICODE_STRING(ns));
mp_inclNSStr =
mp_inclNSNode->getAttributes()->getNamedItem(MAKE_UNICODE_STRING("PrefixList"))->getNodeValue();
+ // Add the node
+
mp_txfmNode->appendChild(doc->createTextNode(DSIGConstants::s_unicodeStrNL));
+ mp_txfmNode->appendChild(mp_inclNSNode);
+
mp_txfmNode->appendChild(doc->createTextNode(DSIGConstants::s_unicodeStrNL));
+
+ // Set the namespace attribute
+ if (prefix[0] == '\0') {
+ str.sbTranscodeIn("xmlns");
+ }
+ else {
+ str.sbTranscodeIn("xmlns:");
+ str.sbXMLChCat(prefix);
+ }
+
+
mp_inclNSNode->setAttributeNS(DSIGConstants::s_unicodeStrURIXMLNS,
+
str.rawXMLChBuffer(),
+
DSIGConstants::s_unicodeStrURIEC);
}
else {
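Review bot: The `createElementNS` call kept as context still passes `DSIGConstants::s_unicodeStrURIDSIG`, so the in-memory InclusiveNamespaces element belongs to the DSIG namespace while its qualified name and the added `xmlns` attribute declare the exclusive-canonicalisation one. The lookup changed earlier in this file goes through `getECLocalName`, which would not recognise such a node until the document is serialised and reparsed, so signer and verifier could end up disagreeing about the PrefixList. The call should read `doc->createElementNS(DSIGConstants::s_unicodeStrURIEC, str.rawXMLChBuffer());`. The `prefix[0]` test also assumes `getECNSPrefix()` never returns NULL.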
1.6 +26 -18 xml-security/c/src/tools/xtest/xtest.cpp
Index: xtest.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/tools/xtest/xtest.cpp,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- xtest.cpp 11 Apr 2003 12:25:49 -0000 1.5
+++ xtest.cpp 30 Apr 2003 11:41:14 -0000 1.6
@@ -87,8 +87,7 @@
#include <xsec/transformers/TXFMOutputFile.hpp>
#include <xsec/dsig/DSIGTransformXPath.hpp>
-
-
+#include <xsec/dsig/DSIGTransformC14n.hpp>
// XALAN
@@ -140,7 +139,7 @@
// Known "Good" Values
//
--------------------------------------------------------------------------------
-unsigned char createdDocRefs [6][20] = {
+unsigned char createdDocRefs [8][20] = {
{ 0x51, 0x3c, 0xb5, 0xdf, 0xb9, 0x1e, 0x9d, 0xaf, 0xd4, 0x4a,
0x95, 0x79, 0xf1, 0xd6, 0x54, 0xe, 0xb0, 0xb0, 0x29, 0xe3, },
{ 0x51, 0x3c, 0xb5, 0xdf, 0xb9, 0x1e, 0x9d, 0xaf, 0xd4, 0x4a,
@@ -151,8 +150,12 @@
0x85, 0x44, 0xc7, 0x2a, 0xd3, 0xd2, 0x2, 0xed, 0x67, 0xb4, },
{ 0x88, 0xd1, 0x65, 0xed, 0x2a, 0xe7, 0xc0, 0xbd, 0xea, 0x3e,
0xe6, 0xf3, 0xd4, 0x8c, 0xf7, 0xdd, 0xc8, 0x85, 0xa9, 0x6d, },
- { 0x51, 0x3c, 0xb5, 0xdf, 0xb9, 0x1e, 0x9d, 0xaf, 0xd4, 0x4a,
- 0x95, 0x79, 0xf1, 0xd6, 0x54, 0xe, 0xb0, 0xb0, 0x29, 0xe3, },
+ { 0x52, 0x74, 0xc3, 0xe4, 0xc5, 0xf7, 0x20, 0xb0, 0xd9, 0x52,
+ 0xdb, 0xb3, 0xee, 0x46, 0x66, 0x8f, 0xe1, 0xb6, 0x30, 0x9d, },
+ { 0x52, 0x74, 0xc3, 0xe4, 0xc5, 0xf7, 0x20, 0xb0, 0xd9, 0x52,
+ 0xdb, 0xb3, 0xee, 0x46, 0x66, 0x8f, 0xe1, 0xb6, 0x30, 0x9d, },
+ { 0x51, 0x3c, 0xb5, 0xdf, 0xb9, 0x1e, 0x9d, 0xaf, 0xd4, 0x4a,
+ 0x95, 0x79, 0xf1, 0xd6, 0x54, 0xe, 0xb0, 0xb0, 0x29, 0xe3, }
};
@@ -638,12 +641,6 @@
void outputHex(unsigned char * buf, int len) {
-// for (int i = 0; i < len; ++i) {
-
-// printf("0x%0X, ", buf[i]);
-//
-// }
-
cout << std::ios::hex;
for (int i = 0; i < len; ++i) {
cout << "0x" << (unsigned int) buf[i] << ", ";
@@ -711,7 +708,7 @@
XSECProvider prov;
DSIGSignature *sig;
- DSIGReference *ref[8];
+ DSIGReference *ref[10];
DOMElement *sigNode;
int refCount;
@@ -744,23 +741,34 @@
ref[4]->appendEnvelopedSignatureTransform();
ref[4]->appendCanonicalizationTransform(CANON_C14NE_COM);
+ ref[5] =
sig->createReference(MAKE_UNICODE_STRING("#xpointer(/)"));
+ ref[5]->appendEnvelopedSignatureTransform();
+ DSIGTransformC14n * ce =
ref[5]->appendCanonicalizationTransform(CANON_C14NE_COM);
+ ce->addInclusiveNamespace("foo");
+
+ sig->setECNSPrefix(MAKE_UNICODE_STRING("ec"));
+ ref[6] =
sig->createReference(MAKE_UNICODE_STRING("#xpointer(/)"));
+ ref[6]->appendEnvelopedSignatureTransform();
+ ce = ref[6]->appendCanonicalizationTransform(CANON_C14NE_COM);
+ ce->addInclusiveNamespace("foo");
+
#ifdef XSEC_NO_XALAN
cerr << "WARNING : No testing of XPath being performed as Xalan
not present" << endl;
- refCount = 5;
+ refCount = 7;
#else
- ref[5] = sig->createReference(MAKE_UNICODE_STRING(""));
+ ref[7] = sig->createReference(MAKE_UNICODE_STRING(""));
/*
ref[5]->appendXPathTransform("ancestor-or-self::dsig:Signature",
"xmlns:dsig=http://www.w3.org/2000/09/xmldsig#"); */
- DSIGTransformXPath * x =
ref[5]->appendXPathTransform("count(ancestor-or-self::dsig:Signature | \
+ DSIGTransformXPath * x =
ref[7]->appendXPathTransform("count(ancestor-or-self::dsig:Signature | \
here()/ancestor::dsig:Signature[1]) > \
count(ancestor-or-self::dsig:Signature)");
x->setNamespace("dsig", "http://www.w3.org/2000/09/xmldsig#");
- refCount = 6;
+ refCount = 8;
#endif
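Review bot: The commented-out call `ref[5]->appendXPathTransform(...)` left in the `#else` branch now names the slot used by the new InclusiveNamespaces reference; it should be renumbered to `ref[7]` or removed. The return value of `appendCanonicalizationTransform` is dereferenced through `ce` in both new blocks without a check, which is acceptable in a test driver only if that call cannot return NULL. The array sizes (`ref[10]`, `createdDocRefs [8][20]`) and the two `refCount` values are kept in step by hand, so a comment tying them together would help the next renumbering.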
@@ -803,7 +811,7 @@
if (buf[j] != createdDocRefs[i][j]) {
cerr << "Bad at location " << j << endl;
-// exit (1);
+ exit (1);
}
}
1.5 +13 -1 xml-security/c/src/utils/XSECDOMUtils.cpp
Index: XSECDOMUtils.cpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/utils/XSECDOMUtils.cpp,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- XSECDOMUtils.cpp 8 Mar 2003 08:45:16 -0000 1.4
+++ XSECDOMUtils.cpp 30 Apr 2003 11:41:14 -0000 1.5
@@ -83,8 +83,20 @@
const XMLCh * getDSIGLocalName(const DOMNode *node) {
- if (!strEquals(node->getNamespaceURI(), URI_ID_DSIG))
+ if (!strEquals(node->getNamespaceURI(),
DSIGConstants::s_unicodeStrURIDSIG))
return NULL; //DOMString("");
+ else
+ return node->getLocalName();
+
+}
+
+const XMLCh * getECLocalName(const DOMNode * node) {
+
+ // Exclusive Canonicalisation namespace
+ // Probably should have a generic function
+
+ if (!strEquals(node->getNamespaceURI(),
DSIGConstants::s_unicodeStrURIEC))
+ return NULL;
else
return node->getLocalName();
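Review bot: Both helpers now compare against `DSIGConstants` pointers that are only assigned in the initialisation code shown in DSIGConstants.cpp. If a helper is called before that runs, the constant is still NULL and, depending on how `strEquals` treats two NULL arguments, an element with no namespace might be accepted as a DSIG or EC node. A short comment on the precondition, e.g. `// Requires DSIGConstants to be initialised; returns NULL for nodes outside the EC namespace`, would make it explicit. `node` is dereferenced without a NULL check in both functions, and as the in-code remark says, the two bodies could share one helper that takes the namespace URI. The closing brace of `getECLocalName` lies outside the hunk.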
1.5 +3 -2 xml-security/c/src/utils/XSECDOMUtils.hpp
Index: XSECDOMUtils.hpp
===================================================================
RCS file: /home/cvs/xml-security/c/src/utils/XSECDOMUtils.hpp,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- XSECDOMUtils.hpp 8 Mar 2003 08:45:16 -0000 1.4
+++ XSECDOMUtils.hpp 30 Apr 2003 11:41:14 -0000 1.5
@@ -111,10 +111,11 @@
#define MAKE_UNICODE_STRING(str) XMLT(str).getUnicodeStr()
//
--------------------------------------------------------------------------------
-// Utilities to manipulate DSIG namespaces
+// Utilities to manipulate namespaces
//
--------------------------------------------------------------------------------
const XMLCh DSIG_EXPORT * getDSIGLocalName(const DOMNode *node);
+const XMLCh DSIG_EXPORT * getECLocalName(const DOMNode *node);
//
--------------------------------------------------------------------------------
// Find a nominated DSIG node in a document