Main Page | Modules | Class Hierarchy | Class List | Directories | File List | Class Members | File Members | Related Pages

XSECAlgorithmHandler Class Reference
[XML Encryption Implementation]

#include <XSECAlgorithmHandler.hpp>

Inheritance diagram for XSECAlgorithmHandler:

Inheritance graph
[legend]
List of all members.

Detailed Description

Interface class to provide handlers for processing different encryption, signature and hashing types.

The XENCCipher class allows users and callers to register algorithm handlers for different Type URIs, as used in the various XML Signature or Encryption elements.

Default handlers are provided by the library, and are used to process all algorithms defined as mandatory (and many optional) within the standard.

Users can extend this class to provide custom algorithm handlers for their own classes.

Note:
The library will use a single clone of any provided object for a given algorithm. So all implementation classes must be thread safe!


Public Member Functions

Constructors and Destructors
virtual ~XSECAlgorithmHandler ()
Encryption Methods
virtual bool encryptToSafeBuffer (TXFMChain *plainText, XENCEncryptionMethod *encryptionMethod, XSECCryptoKey *key, XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument *doc, safeBuffer &result)=0
 Encrypt an input Transform chain to a safeBuffer.
Decryption Methods
virtual unsigned int decryptToSafeBuffer (TXFMChain *cipherText, XENCEncryptionMethod *encryptionMethod, XSECCryptoKey *key, XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument *doc, safeBuffer &result)=0
 Decrypt an input Transform chain to a safeBuffer.
virtual bool appendDecryptCipherTXFM (TXFMChain *cipherText, XENCEncryptionMethod *encryptionMethod, XSECCryptoKey *key, XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument *doc)=0
 Append an appropriate decrypt TXFMer to a cipher txfm chain.
SigningMethods
virtual unsigned int signToSafeBuffer (TXFMChain *inputBytes, const XMLCh *URI, XSECCryptoKey *key, unsigned int outputLength, safeBuffer &result)=0
 Sign an input TXFMChain.
virtual bool verifyBase64Signature (TXFMChain *inputBytes, const XMLCh *URI, const char *sig, unsigned int outputLength, XSECCryptoKey *key)=0
 Validate a signature using an input TXFMChain.
Hash appending
virtual bool appendSignatureHashTxfm (TXFMChain *inputBytes, const XMLCh *URI, XSECCryptoKey *key)=0
 Append a signature hash to a TXFM Chain based on URI.
virtual bool appendHashTxfm (TXFMChain *inputBytes, const XMLCh *URI)=0
 Append a hash to a TXFM Chain based on URI.
Key handling
virtual XSECCryptoKeycreateKeyForURI (const XMLCh *uri, const unsigned char *keyBuffer, unsigned int keyLen)=0
 Create a key that will support a given URI.
Miscellaneous Functions
virtual XSECAlgorithmHandlerclone (void) const =0
 Create a new instance of the handler.


Constructor & Destructor Documentation

virtual XSECAlgorithmHandler::~XSECAlgorithmHandler  )  [inline, virtual]
 


Member Function Documentation

virtual bool XSECAlgorithmHandler::appendDecryptCipherTXFM TXFMChain cipherText,
XENCEncryptionMethod encryptionMethod,
XSECCryptoKey key,
XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument *  doc
[pure virtual]
 

Append an appropriate decrypt TXFMer to a cipher txfm chain.

This method takes a TXFMChain that will provide the cipher text data, and appends the appropriate cipher transformer to decrypt the output.

The EncryptionMethod object is provided so that any algorithm specific parameters can be found by the processor. It also allows applications to embed multiple algorithms in a single processing object. The Type value can then be read from the EncryptionMethod object to determine what to do.

Parameters:
cipherText Chain that will provide the cipherText. Ownership remains with the caller - do not delete.
encryptionMethod Information about the algorithm to use
key The key that has been determined via a resolver or that has been provided by the calling application.
doc Document from which to create XML Nodes
Returns:
The resulting BinInputStream

Implemented in DSIGAlgorithmHandlerDefault.

virtual bool XSECAlgorithmHandler::appendHashTxfm TXFMChain inputBytes,
const XMLCh *  URI
[pure virtual]
 

Append a hash to a TXFM Chain based on URI.

Given a URI string create the appropriate hash TXFM. NOTE the input URI should be a "stright" (i.e. non-signature) hash algorithm URI - e.g. #sha1

Parameters:
inputBytes the Input TXFMChain to append the hash to
uri URI string to match hash against
Returns:
true if a match was found and a hash was appended

Implemented in DSIGAlgorithmHandlerDefault.

virtual bool XSECAlgorithmHandler::appendSignatureHashTxfm TXFMChain inputBytes,
const XMLCh *  URI,
XSECCryptoKey key
[pure virtual]
 

Append a signature hash to a TXFM Chain based on URI.

Given a URI string create the appropriate hash TXFM. NOTE the input URI should be a SIGNATURE URI - e.g. #hash-sha1

Parameters:
inputBytes the Input TXFMChain to append the hash to
uri URI string to match hash against
key The key for this signature (in case of an HMAC hash)
Returns:
true if a match was found and a hash was appended

Implemented in DSIGAlgorithmHandlerDefault.

virtual XSECAlgorithmHandler* XSECAlgorithmHandler::clone void   )  const [pure virtual]
 

Create a new instance of the handler.

Provides a means for the library to create a new instance of the object without knowing its type

Implemented in DSIGAlgorithmHandlerDefault.

virtual XSECCryptoKey* XSECAlgorithmHandler::createKeyForURI const XMLCh *  uri,
const unsigned char *  keyBuffer,
unsigned int  keyLen
[pure virtual]
 

Create a key that will support a given URI.

Given a URI string and a raw bit string, create the associated key

Parameters:
uri URI string to match key to
keyBuffer Raw bits to set in the key
keyLen Number of bytes in the key

Implemented in DSIGAlgorithmHandlerDefault.

virtual unsigned int XSECAlgorithmHandler::decryptToSafeBuffer TXFMChain cipherText,
XENCEncryptionMethod encryptionMethod,
XSECCryptoKey key,
XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument *  doc,
safeBuffer result
[pure virtual]
 

Decrypt an input Transform chain to a safeBuffer.

This method takes a TXFMChain that will provide the cipher text data, and places the output in a safeBuffer.

The EncryptionMethod object is provided so that any algorithm specific parameters can be found by the processor. It also allows applications to embed multiple algorithms in a single processing object. The Type value can then be read from the EncryptionMethod object to determine what to do.

Parameters:
cipherText Chain that will provide the cipherText. Ownership remains with the caller - do not delete.
encryptionMethod Information about the algorithm to use
key The key that has been determined via a resolver or that has been provided by the calling application.
doc Document in which to operate
result SafeBuffer object to place result into
Returns:
The number of plain bytes placed in the safeBuffer

Implemented in DSIGAlgorithmHandlerDefault.

virtual bool XSECAlgorithmHandler::encryptToSafeBuffer TXFMChain plainText,
XENCEncryptionMethod encryptionMethod,
XSECCryptoKey key,
XERCES_CPP_NAMESPACE_QUALIFIER DOMDocument *  doc,
safeBuffer result
[pure virtual]
 

Encrypt an input Transform chain to a safeBuffer.

This method takes a TXFMChain that will provide the plain text data, and places the encrypted and base64 encoded output in a safeBuffer.

The EncryptionMethod object is provided so that any algorithm specific parameters can be embedded by the processor. Default parameters can be set directly (OAEParams and KeySize). Anything additional will need to be set within the DOM directly.

Parameters:
plainText Chain that will provide the plain bytes. Ownership remains with the caller - do not delete.
encryptionMethod Information about the algorithm to use. Can also be used to set the required encryption parameters
key The key that has been provided by the calling application to perform the encryption.
doc Document in which to operate
result SafeBuffer object to place result into
Note:
This is not quite the symmetric opposite of decryptToSafeBuffer because of the way the library uses transformers. It is expected that this method will create a safeBuffer with base64 encoded data. (It's easier to throw a TXFMBase64 txfmer on the end of the chain than to do the encryption and then separately base64 encode.)

Implemented in DSIGAlgorithmHandlerDefault.

virtual unsigned int XSECAlgorithmHandler::signToSafeBuffer TXFMChain inputBytes,
const XMLCh *  URI,
XSECCryptoKey key,
unsigned int  outputLength,
safeBuffer result
[pure virtual]
 

Sign an input TXFMChain.

This method takes a TXFMChain that will provide the plain text data, and places a (null terminated) base64 encoded hash into a result safeBuffer.

Unlike the encryption methods, the URI must also be passed in, as a single AlgorithmHandler might be used to support multiple different signing algorithms, but the overhead of passing in the entire SignedInfo is not required.

Parameters:
plainText Chain that will provide the plain bytes. Ownership remains with the caller - do not delete.
URI Algorithm URI to use for the signing operation.
key The key that has been provided by the calling application to perform the signature.
outputLength Max length of an HMAC signature to use in output
result SafeBuffer object to place result into
Returns:
the number of bytes placed in the output safeBuffer

Implemented in DSIGAlgorithmHandlerDefault.

virtual bool XSECAlgorithmHandler::verifyBase64Signature TXFMChain inputBytes,
const XMLCh *  URI,
const char *  sig,
unsigned int  outputLength,
XSECCryptoKey key
[pure virtual]
 

Validate a signature using an input TXFMChain.

Using the input plain text bytes (in the form of a transform chain) validate the associated base64 encoded signature using the supplied key.

The URI value is used to determine the algorithm to be called upon to validate the signature.

Parameters:
plainText Chain that will provide the plain bytes. Ownership remains with the caller - do not delete.
URI Algorithm URI to use for the signing operation.
sig Base64 encoded signature value
key The key that has been provided by the calling application to perform the signature.
Returns:
true if successful validate, false otherwise

Implemented in DSIGAlgorithmHandlerDefault.


The documentation for this class was generated from the following file:
Generated on Sun Jan 28 19:52:03 2007 for XML-Security-C by  doxygen 1.4.2