/* The ID attribute in XMLDSig is 'Id' */
static const xmlChar* xmlSecDSigIds[] = { xmlSecAttrId, NULL };
-static int gNoHash = 0;
-static int gPartial = 0;
-static HashUriList* gpList = NULL;
-static char logChar[100] = "\0";
/**
* xmlSecDSigCtxCreate:
xmlSecDSigCtxSign(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr tmpl) {
int ret;
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigCtxSign start >>");
-
xmlSecAssert2(dsigCtx != NULL, -1);
xmlSecAssert2(dsigCtx->result == NULL, -1);
xmlSecAssert2(tmpl != NULL, -1);
int
xmlSecDSigCtxVerify(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
int ret;
-
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigCtxVerify start >>");
-
+
xmlSecAssert2(dsigCtx != NULL, -1);
xmlSecAssert2(node != NULL, -1);
xmlSecAssert2(node->doc != NULL, -1);
"xmlSecDSigCtxSigantureProcessNode",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
-
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigCtxProcessSignatureNode false >>");
-
-
return(-1);
}
xmlSecAssert2(dsigCtx->signMethod != NULL, -1);
"xmlSecTransformVerifyNodeContent",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
-
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecTransformVerifyNodeContent false >>");
-
return(-1);
}
xmlNodePtr keyInfoNode = NULL;
xmlNodePtr cur;
int ret;
-
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigCtxProcessSignatureNode : start >>>>>>>");
xmlSecAssert2(dsigCtx != NULL, -1);
xmlSecAssert2((dsigCtx->operation == xmlSecTransformOperationSign) || (dsigCtx->operation == xmlSecTransformOperationVerify), -1);
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
-
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigCtxProcessSignatureNode : end >>>>>>>");
return(0);
}
xmlSecDSigReferenceCtxPtr dsigRefCtx;
xmlNodePtr cur;
int ret;
-
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigCtxProcessSignedInfoNode start >>");
-
+
xmlSecAssert2(dsigCtx != NULL, -1);
xmlSecAssert2(dsigCtx->status == xmlSecDSigStatusUnknown, -1);
xmlSecAssert2(dsigCtx->signMethod == NULL, -1);
return(-1);
}
- if( gNoHash == 1)
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigCtxProcessSignedInfoNode : NoHash :: skip start >>>>>>");
-
- /* process */
- ret = xmlSecDSigReferenceCtxProcessNode(dsigRefCtx, cur);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecDSigReferenceCtxProcessNode",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-
- if( gNoHash == 1)
- {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigReferenceCtxProcessNode : ignore false >>>>>>");
-
- //return(-1);
- }
- else
- return(-1);
- }
-
-
- if( gNoHash == 1)
- {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigCtxProcessSignedInfoNode : NoHash :: skip end >>>>>>");
-
- dsigRefCtx->status = xmlSecDSigStatusSucceeded;
+ /* process */
+ ret = xmlSecDSigReferenceCtxProcessNode(dsigRefCtx, cur);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecDSigReferenceCtxProcessNode",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "node=%s",
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ return(-1);
}
/* bail out if next Reference processing failed */
dsigCtx->status = xmlSecDSigStatusInvalid;
return(0);
}
-
cur = xmlSecGetNextElementNode(cur->next);
}
-
/* check that we have at least one Reference */
if(xmlSecPtrListGetSize(&(dsigCtx->signedInfoReferences)) == 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_DSIG_NO_REFERENCES,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ NULL,
+ XMLSEC_ERRORS_R_DSIG_NO_REFERENCES,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
/* if there is something left than it's an error */
if(cur != NULL) {
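Review bot: The restored `return(-1);` after a failed `xmlSecDSigReferenceCtxProcessNode` call has no comment saying why that failure must stay fatal. The removed lines show how it was relaxed: with `gNoHash == 1` the error was only logged, the `return(-1)` was commented out, and `dsigRefCtx->status` was then forced to `xmlSecDSigStatusSucceeded` regardless of the outcome. I would add above the call something like `/* a Reference that fails processing must abort SignedInfo handling; never set dsigRefCtx->status from here */`. The function's signature and the lines between the hunks are not visible here, so how `dsigRefCtx` is owned on this error path cannot be confirmed from the page.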
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
-
-
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigCtxProcessSignedInfoNode end >>");
-
return(0);
}
static int
xmlSecDSigCtxProcessKeyInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
int ret;
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigCtxProcessKeyInfoNode start >>");
xmlSecAssert2(dsigCtx != NULL, -1);
xmlSecAssert2(dsigCtx->signMethod != NULL, -1);
}
}
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigCtxProcessKeyInfoNode end >>");
return(0);
}
xmlSecDSigCtxProcessObjectNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
xmlNodePtr cur;
int ret;
-
- /*xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigCtxProcessObjectNode start >>");
- */
xmlSecAssert2(dsigCtx != NULL, -1);
xmlSecAssert2(dsigCtx->status == xmlSecDSigStatusUnknown, -1);
}
cur = xmlSecGetNextElementNode(cur->next);
}
-
- /*xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigCtxProcessObjectNode end >>");*/
return(0);
}
xmlSecDSigReferenceCtxPtr dsigRefCtx;
xmlNodePtr cur;
int ret;
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigCtxProcessManifestNode start >>");
xmlSecAssert2(dsigCtx != NULL, -1);
xmlSecAssert2(dsigCtx->status == xmlSecDSigStatusUnknown, -1);
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigCtxProcessManifestNode end >>");
return(0);
}
xmlSecDSigReferenceCtxCreate(xmlSecDSigCtxPtr dsigCtx, xmlSecDSigReferenceOrigin origin) {
xmlSecDSigReferenceCtxPtr dsigRefCtx;
int ret;
-
- /*xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigReferenceCtxCreate start >>");
- */
+
xmlSecAssert2(dsigCtx != NULL, NULL);
dsigRefCtx = (xmlSecDSigReferenceCtxPtr) xmlMalloc(sizeof(xmlSecDSigReferenceCtx));
xmlSecDSigReferenceCtxDestroy(dsigRefCtx);
return(NULL);
}
-
- /*xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigReferenceCtxCreate end >>");*/
-
return(dsigRefCtx);
}
*/
void
xmlSecDSigReferenceCtxDestroy(xmlSecDSigReferenceCtxPtr dsigRefCtx) {
-
- /*xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigReferenceCtxDestroy start >>"); */
-
xmlSecAssert(dsigRefCtx != NULL);
xmlSecDSigReferenceCtxFinalize(dsigRefCtx);
xmlSecDSigReferenceCtxInitialize(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlSecDSigCtxPtr dsigCtx,
xmlSecDSigReferenceOrigin origin) {
int ret;
-
- /*xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigReferenceCtxInitialize start >>"); */
xmlSecAssert2(dsigCtx != NULL, -1);
xmlSecAssert2(dsigRefCtx != NULL, -1);
*/
void
xmlSecDSigReferenceCtxFinalize(xmlSecDSigReferenceCtxPtr dsigRefCtx) {
-
- /*xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigReferenceCtxFinalize start >>"); */
-
xmlSecAssert(dsigRefCtx != NULL);
xmlSecTransformCtxFinalize(&(dsigRefCtx->transformCtx));
xmlNodePtr cur;
int ret;
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigReferenceCtxProcessNode : start >>>>>>>");
xmlSecAssert2(dsigRefCtx != NULL, -1);
xmlSecAssert2(dsigRefCtx->dsigCtx != NULL, -1);
xmlSecAssert2(dsigRefCtx->digestMethod == NULL, -1);
xmlSecAssert2(node != NULL, -1);
xmlSecAssert2(node->doc != NULL, -1);
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- " : skip start >>>>>");
-
-
-
transformCtx = &(dsigRefCtx->transformCtx);
- if( gNoHash != 1)
- {
/* read attributes first */
dsigRefCtx->uri = xmlGetProp(node, xmlSecAttrURI);
dsigRefCtx->id = xmlGetProp(node, xmlSecAttrId);
return(-1);
}
-#if 0
- }// if( gNoHash == 1)
-
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- " : skip end >>>>>");
-#endif
-
-
/* if we need to write result to xml node then we need base64 encode result */
if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) {
xmlSecTransformPtr base64Encode;
"xmlSecTransformCtxCreateAndAppend",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
-
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecTransformCtxCreateAndAppend false >>>>>");
return(-1);
-
}
base64Encode->operation = xmlSecTransformOperationEncode;
}
"xmlSecTransformCtxExecute",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
-
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- " TransformCtxExecute false return ?? >>>>>");
-
return(-1);
}
dsigRefCtx->result = transformCtx->result;
-
-
-#if 0
- }// if( gNoHash == 1)
-
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- " : skip end >>>>>");
-#endif
if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) {
-
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- " : skip start 2 >>>>>");
-
if((dsigRefCtx->result == NULL) || (xmlSecBufferGetData(dsigRefCtx->result) == NULL)) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
xmlNodeSetContentLen(digestValueNode,
xmlSecBufferGetData(dsigRefCtx->result),
xmlSecBufferGetSize(dsigRefCtx->result));
-
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- " : skip end 2 >>>>>");
-
+
/* set success status and we are done */
dsigRefCtx->status = xmlSecDSigStatusSucceeded;
} else {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecTransformVerifyNodeContent :: signature start ??? >>");
-
-
- /* verify SignatureValue node content */
- ret = xmlSecTransformVerifyNodeContent(dsigRefCtx->digestMethod,
- digestValueNode, transformCtx);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformVerifyNodeContent",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
-
-
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- " TransformVerifyNodeContent :: signature false ??? >>");
+ /* verify SignatureValue node content */
+ ret = xmlSecTransformVerifyNodeContent(dsigRefCtx->digestMethod,
+ digestValueNode, transformCtx);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecTransformVerifyNodeContent",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
} else {
dsigRefCtx->status = xmlSecDSigStatusInvalid;
}
-
-
-
-#if 1
- }// if( gNoHash == 1)
- if(dsigRefCtx->digestMethod->status == xmlSecTransformStatusOk) {
- dsigRefCtx->status = xmlSecDSigStatusSucceeded;
-
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- " :: TransformStatusOk , SigStatusSucceeded >>>>");
-
- }
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- " : skip end >>>>>");
-#endif
-
}
-partialHash:
return(0);
}
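Review bot: The comment on the restored call, `/* verify SignatureValue node content */`, does not match the code beneath it. The call passes `dsigRefCtx->digestMethod` and `digestValueNode`, so this step checks the Reference's digest, not the signature value. I would reword it to `/* verify DigestValue node content against the computed digest */`, so that a reader auditing the verification path does not mistake this for the signature check. The function body starts outside this hunk.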
}
-void xmlSecDSigSetNoHash(int hash)
-{
- gNoHash = hash;
-
- if( gNoHash == 1 )
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigSetNoHash >> start");
- else
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigSetNoHash : 0 ( default)");
-}
-
-void _copyMemory(HashUriList* src, HashUriList* dest)
-{
- dest= (HashUriList*)malloc(sizeof(HashUriList)); // gpList
-
- HashUriList* pDestTmp = dest;
- HashUriList* pSrcTmp = src;
- int len = 0;
- int cnt = 0;
-
- while(pSrcTmp)
- {
- len = strlen(pSrcTmp->uri);
- pDestTmp->uri = (char*)malloc(len+1);
- memcpy(pDestTmp->uri, pSrcTmp->uri, len);
- pDestTmp->uri[len] = '\0';
- ++cnt;
-
- strcpy(logChar, pDestTmp->uri);
-
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- (const char*)logChar);
-
- pSrcTmp = pSrcTmp->pNext;
-
- if(pSrcTmp != NULL)
- {
- pDestTmp->pNext = (HashUriList*)malloc(sizeof(HashUriList));
- pDestTmp = pDestTmp->pNext;
- }
- }
-
-}
-
-void xmlSecDSigSetPartialHash(HashUriList* uriList)
-{
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigSetPartialHash >> start");
-
- gPartial = 1;
-
- if(uriList != NULL)
- {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "xmlSecDSigSetPartialHash >> uriList != NULL >>>>");
-
- gpList = uriList;
- }
-
-}
-
-void freePartialHash(HashUriList* uriList)
-{
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER,
- "freePartialHash >> start");
-
- HashUriList* pTmp = uriList;
- while(pTmp != NULL)
- {
- free(pTmp->uri);
- pTmp = pTmp->pNext;
- }
- //free(pTmp);
- //pTmp = NULL;
-}
-
-
/**************************************************************************
*
* xmlSecDSigReferenceCtxListKlass