00028 #ifndef DSIGCONSTANTS_HEADER
00029 #define DSIGCONSTANTS_HEADER
00030
00031 #include <xsec/utils/XSECSafeBuffer.hpp>
00032
00033
00034 #include <xercesc/util/XMLString.hpp>
00035
00036 XSEC_USING_XERCES(XMLString);
00037
00038
00039
// Namespace URIs used when creating and matching elements: XML Signature
// (DSIG), Exclusive Canonicalisation (EC), XPath Filter 2.0 (XPF) and
// XML Encryption (XENC).
00040 #define URI_ID_DSIG "http://www.w3.org/2000/09/xmldsig#"
00041 #define URI_ID_EC "http://www.w3.org/2001/10/xml-exc-c14n#"
00042
00043 #define URI_ID_XPF "http://www.w3.org/2002/06/xmldsig-filter2"
00044 #define URI_ID_XENC "http://www.w3.org/2001/04/xmlenc#"
00045
00046
00047
// Digest algorithm identifiers. The URIs come from three different
// namespaces (xmldsig#, xmldsig-more#, xmlenc#), so they cannot be built by
// appending a hash name to a single base.
// NOTE(review): MD5 and SHA-1 are no longer collision resistant. Being
// nameable here does not make an algorithm acceptable; a verifier should
// apply its own allow-list before trusting a digest made with either.
00048 #define URI_ID_SHA1 "http://www.w3.org/2000/09/xmldsig#sha1"
00049 #define URI_ID_MD5 "http://www.w3.org/2001/04/xmldsig-more#md5"
00050 #define URI_ID_SHA224 "http://www.w3.org/2001/04/xmldsig-more#sha224"
00051 #define URI_ID_SHA256 "http://www.w3.org/2001/04/xmlenc#sha256"
00052 #define URI_ID_SHA384 "http://www.w3.org/2001/04/xmldsig-more#sha384"
00053 #define URI_ID_SHA512 "http://www.w3.org/2001/04/xmlenc#sha512"
00054
00055
// Block encryption algorithm identifiers. Every entry is a CBC mode, which
// gives confidentiality only: the ciphertext carries no integrity check, so
// encrypted content should be authenticated separately (for example by a
// signature that is verified before decryption).
00056 #define URI_ID_3DES_CBC "http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
00057 #define URI_ID_AES128_CBC "http://www.w3.org/2001/04/xmlenc#aes128-cbc"
00058 #define URI_ID_AES192_CBC "http://www.w3.org/2001/04/xmlenc#aes192-cbc"
00059 #define URI_ID_AES256_CBC "http://www.w3.org/2001/04/xmlenc#aes256-cbc"
00060
00061
// Symmetric key-wrap algorithm identifiers.
00062 #define URI_ID_KW_AES128 "http://www.w3.org/2001/04/xmlenc#kw-aes128"
00063 #define URI_ID_KW_AES192 "http://www.w3.org/2001/04/xmlenc#kw-aes192"
00064 #define URI_ID_KW_AES256 "http://www.w3.org/2001/04/xmlenc#kw-aes256"
00065 #define URI_ID_KW_3DES "http://www.w3.org/2001/04/xmlenc#kw-tripledes"
00066
00067
// RSA key-transport algorithm identifiers (PKCS#1 v1.5 and OAEP with MGF1).
// NOTE(review): v1.5 decryption must not reveal whether padding was valid;
// prefer the OAEP identifier where the peer supports it.
00068 #define URI_ID_RSA_1_5 "http://www.w3.org/2001/04/xmlenc#rsa-1_5"
00069 #define URI_ID_RSA_OAEP_MGFP1 "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
00070
00071
00072
// Transform and canonicalisation algorithm identifiers.
// URI_ID_EXC_C14N_NOC has the same value as the URI_ID_EC namespace URI.
// NOTE(review): the XPath and XSLT transforms evaluate expressions carried
// in the signed document; a verifier processing untrusted input should
// restrict which transforms it is willing to run.
00073 #define URI_ID_BASE64 "http://www.w3.org/2000/09/xmldsig#base64"
00074 #define URI_ID_XPATH "http://www.w3.org/TR/1999/REC-xpath-19991116"
00075 #define URI_ID_XSLT "http://www.w3.org/TR/1999/REC-xslt-19991116"
00076 #define URI_ID_ENVELOPE "http://www.w3.org/2000/09/xmldsig#enveloped-signature"
00077 #define URI_ID_C14N_NOC "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
00078 #define URI_ID_C14N_COM "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"
00079 #define URI_ID_EXC_C14N_NOC "http://www.w3.org/2001/10/xml-exc-c14n#"
00080 #define URI_ID_EXC_C14N_COM "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"
// XPath expression selecting everything outside the enclosing dsig:Signature
// (presumably used as the XPath form of the enveloped-signature transform --
// confirm at the call site). The backslash continuations sit inside the
// string literal, so leading whitespace on the continued lines becomes part
// of the macro's value.
00081 #define XPATH_EXPR_ENVELOPE "count(ancestor-or-self::dsig:Signature | \
00082 here()/ancestor::dsig:Signature[1]) > \
00083 count(ancestor-or-self::dsig:Signature)"
00084
00085
00086
// Pieces from which signatureHashMethod2URI() assembles a SignatureMethod
// URI as <base><signature>-<hash>. URI_ID_SIG_BASE has the same value as
// URI_ID_DSIG; URI_ID_SIG_BASEMORE is the "xmldsig-more" namespace.
00087 #define URI_ID_SIG_BASE "http://www.w3.org/2000/09/xmldsig#"
00088 #define URI_ID_SIG_BASEMORE "http://www.w3.org/2001/04/xmldsig-more#"
00089 #define URI_ID_SIG_DSA "dsa"
00090 #define URI_ID_SIG_HMAC "hmac"
00091 #define URI_ID_SIG_SHA1 "sha1"
00092 #define URI_ID_SIG_SHA224 "sha224"
00093 #define URI_ID_SIG_SHA256 "sha256"
00094 #define URI_ID_SIG_SHA384 "sha384"
00095 #define URI_ID_SIG_SHA512 "sha512"
00096 #define URI_ID_SIG_RSA "rsa"
00097 #define URI_ID_SIG_MD5 "md5"
00098
// Complete SignatureMethod URIs. Only DSA/SHA-1, HMAC and RSA combinations
// are listed; there is no DSA entry for any other hash and no HMAC-MD5 entry.
// NOTE(review): the *-sha1 and rsa-md5 identifiers name algorithms built on
// weak digests; accept them only where policy explicitly allows it.
00099 #define URI_ID_DSA_SHA1 "http://www.w3.org/2000/09/xmldsig#dsa-sha1"
00100 #define URI_ID_HMAC_SHA1 "http://www.w3.org/2000/09/xmldsig#hmac-sha1"
00101 #define URI_ID_HMAC_SHA224 "http://www.w3.org/2001/04/xmldsig-more#hmac-sha224"
00102 #define URI_ID_HMAC_SHA256 "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"
00103 #define URI_ID_HMAC_SHA384 "http://www.w3.org/2001/04/xmldsig-more#hmac-sha384"
00104 #define URI_ID_HMAC_SHA512 "http://www.w3.org/2001/04/xmldsig-more#hmac-sha512"
00105 #define URI_ID_RSA_SHA1 "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
00106 #define URI_ID_RSA_SHA224 "http://www.w3.org/2001/04/xmldsig-more#rsa-sha224"
00107 #define URI_ID_RSA_SHA256 "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
00108 #define URI_ID_RSA_SHA384 "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"
00109 #define URI_ID_RSA_SHA512 "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"
00110 #define URI_ID_RSA_MD5 "http://www.w3.org/2001/04/xmldsig-more#rsa-md5"
00111
00112
// XML Encryption identifiers distinguishing an encrypted element from
// encrypted element content.
00113 #define URI_ID_XENC_ELEMENT "http://www.w3.org/2001/04/xmlenc#Element"
00114 #define URI_ID_XENC_CONTENT "http://www.w3.org/2001/04/xmlenc#Content"
00115
00116
00117
// Miscellaneous identifiers: the xmlns namespace, and the DSIG Manifest and
// raw X.509 certificate type URIs.
00118 #define URI_ID_XMLNS "http://www.w3.org/2000/xmlns/"
00119 #define URI_ID_MANIFEST "http://www.w3.org/2000/09/xmldsig#Manifest"
00120 #define URI_ID_RAWX509 "http://www.w3.org/2000/09/xmldsig#rawX509Certificate"
00121
00122
00123
// Display names of the cryptographic back ends (OpenSSL, Windows CryptoAPI,
// NSS).
00124 #define PROV_OPENSSL "OpenSSL Provider"
00125 #define PROV_WINCAPI "WinCAPI Provider"
00126 #define PROV_NSS "NSS Provider"
00127
00128
00129
/**
 * Canonicalisation algorithms the library can name.
 *
 * NOC / COM = without / with comments; C14NE = exclusive canonicalisation.
 */
enum canonicalizationMethod {
    CANON_NONE      = 0,    // no algorithm selected
    CANON_C14N_NOC  = 1,    // URI_ID_C14N_NOC
    CANON_C14N_COM  = 2,    // URI_ID_C14N_COM
    CANON_C14NE_NOC = 3,    // URI_ID_EXC_C14N_NOC
    CANON_C14NE_COM = 4     // URI_ID_EXC_C14N_COM
};
00138
/**
 * Signature algorithm families; combined with a hashMethod to name a full
 * SignatureMethod URI.
 */
enum signatureMethod {
    SIGNATURE_NONE = 0,     // no algorithm selected
    SIGNATURE_DSA  = 1,
    SIGNATURE_HMAC = 2,
    SIGNATURE_RSA  = 3
};
00146
00147
/**
 * Digest algorithms.
 *
 * The numeric order matters: signatureHashMethod2URI() compares against
 * HASH_MD5 to choose the URI namespace, so HASH_SHA1 must stay below
 * HASH_MD5 and every "xmldsig-more" hash at or above it.
 *
 * NOTE(review): HASH_MD5 and HASH_SHA1 identify digests that are no longer
 * collision resistant; verification code should gate them by policy.
 */
enum hashMethod {
    HASH_NONE   = 0,        // no algorithm selected
    HASH_SHA1   = 1,
    HASH_MD5    = 2,
    HASH_SHA224 = 3,
    HASH_SHA256 = 4,
    HASH_SHA384 = 5,
    HASH_SHA512 = 6
};
00158
/**
 * Kinds of Reference transform. Values are written out explicitly here;
 * they are the same ones the compiler assigns to an unnumbered list.
 */
enum transformType {
    TRANSFORM_BASE64              = 0,
    TRANSFORM_C14N                = 1,
    TRANSFORM_EXC_C14N            = 2,
    TRANSFORM_ENVELOPED_SIGNATURE = 3,
    TRANSFORM_XPATH               = 4,
    TRANSFORM_XSLT                = 5,
    TRANSFORM_XPATH_FILTER        = 6
};
00170
/**
 * Set operations for an XPath Filter expression.
 */
enum xpathFilterType {
    FILTER_UNION     = 0,
    FILTER_INTERSECT = 1,
    FILTER_SUBTRACT  = 2
};
00178
/**
 * XML Encryption algorithms: block ciphers, key wrap and RSA key transport.
 *
 * NOTE(review): the block ciphers are all CBC (no built-in integrity) and
 * ENCRYPT_RSA_15 is PKCS#1 v1.5; callers decrypting untrusted input should
 * authenticate the ciphertext and avoid exposing decryption failures.
 */
enum encryptionMethod {
    ENCRYPT_NONE           = 0,     // no algorithm selected
    // Block encryption
    ENCRYPT_3DES_CBC       = 1,
    ENCRYPT_AES128_CBC     = 2,
    ENCRYPT_AES192_CBC     = 3,
    ENCRYPT_AES256_CBC     = 4,
    // Key wrap
    ENCRYPT_KW_AES128      = 5,
    ENCRYPT_KW_AES192      = 6,
    ENCRYPT_KW_AES256      = 7,
    ENCRYPT_KW_3DES        = 8,
    // Key transport
    ENCRYPT_RSA_15         = 9,
    ENCRYPT_RSA_OAEP_MGFP1 = 10
};
00194
00195
00196
00197
00198
00199
/**
 * Write the algorithm URI for a canonicalisation method into a buffer.
 *
 * @param uri  Receives the URI. Left unmodified when @p cm is not one of the
 *             four canonicalisation values.
 * @param cm   Method to translate.
 * @return true when @p uri was set; false for CANON_NONE or any other value.
 */
inline
bool canonicalizationMethod2URI(safeBuffer &uri, canonicalizationMethod cm) {

    switch (cm) {

    case CANON_C14N_NOC:
        uri = URI_ID_C14N_NOC;
        return true;

    case CANON_C14N_COM:
        uri = URI_ID_C14N_COM;
        return true;

    case CANON_C14NE_NOC:
        uri = URI_ID_EXC_C14N_NOC;
        return true;

    case CANON_C14NE_COM:
        uri = URI_ID_EXC_C14N_COM;
        return true;

    default:
        // Unknown or "none": report failure without touching uri.
        return false;
    }
}
00233
/**
 * Assemble a SignatureMethod URI as <base><signature>-<hash>.
 *
 * The base is URI_ID_SIG_BASE when @p hm orders below HASH_MD5 (that is,
 * HASH_NONE or HASH_SHA1) and URI_ID_SIG_BASEMORE otherwise.
 *
 * @param uri  Receives the URI. It is overwritten before validation, so on
 *             a false return it holds a partial string (the base alone, or
 *             the base plus "<signature>-") and must not be used.
 * @param sm   Signature algorithm family.
 * @param hm   Digest algorithm.
 * @return true when both @p sm and @p hm were recognised.
 *
 * NOTE(review): the two arguments are checked independently. Any DSA, HMAC
 * or RSA value combined with any known hash yields true, including pairs
 * for which this header defines no complete URI_ID_* constant (for example
 * DSA with SHA-256); callers should confirm the pair is one they support.
 */
inline
bool signatureHashMethod2URI(safeBuffer &uri, signatureMethod sm, hashMethod hm) {

    // Namespace first: only SHA-1 (and HASH_NONE) use the original DSIG one.
    const char *baseUri = (hm < HASH_MD5) ? URI_ID_SIG_BASE : URI_ID_SIG_BASEMORE;
    uri = baseUri;

    const char *sigToken;
    switch (sm) {
    case SIGNATURE_DSA:
        sigToken = URI_ID_SIG_DSA;
        break;
    case SIGNATURE_HMAC:
        sigToken = URI_ID_SIG_HMAC;
        break;
    case SIGNATURE_RSA:
        sigToken = URI_ID_SIG_RSA;
        break;
    default:
        return false;       // uri holds only the base at this point
    }

    uri.sbStrcatIn(sigToken);
    uri.sbStrcatIn("-");

    const char *hashToken;
    switch (hm) {
    case HASH_SHA1:
        hashToken = URI_ID_SIG_SHA1;
        break;
    case HASH_MD5:
        hashToken = URI_ID_SIG_MD5;
        break;
    case HASH_SHA224:
        hashToken = URI_ID_SIG_SHA224;
        break;
    case HASH_SHA256:
        hashToken = URI_ID_SIG_SHA256;
        break;
    case HASH_SHA384:
        hashToken = URI_ID_SIG_SHA384;
        break;
    case HASH_SHA512:
        hashToken = URI_ID_SIG_SHA512;
        break;
    default:
        return false;       // uri ends in "<signature>-" with no hash name
    }

    uri.sbStrcatIn(hashToken);
    return true;
}
00308
/**
 * Write the DigestMethod URI for a hash algorithm into a buffer.
 *
 * @param uri  Receives the URI. Left unmodified when @p hm is not recognised.
 * @param hm   Digest algorithm to translate.
 * @return true when @p uri was set; false for HASH_NONE or any other value.
 *
 * NOTE(review): MD5 and SHA-1 map successfully; rejecting weak digests is
 * left to the caller.
 */
inline
bool hashMethod2URI(safeBuffer &uri, hashMethod hm) {

    switch (hm) {

    case HASH_SHA1:
        uri = URI_ID_SHA1;
        return true;

    case HASH_MD5:
        uri = URI_ID_MD5;
        return true;

    case HASH_SHA224:
        uri = URI_ID_SHA224;
        return true;

    case HASH_SHA256:
        uri = URI_ID_SHA256;
        return true;

    case HASH_SHA384:
        uri = URI_ID_SHA384;
        return true;

    case HASH_SHA512:
        uri = URI_ID_SHA512;
        return true;

    default:
        return false;
    }
}
00352
/**
 * Write the EncryptionMethod URI for an encryption algorithm into a buffer.
 *
 * @param uri  Receives the URI. Left unmodified when @p em is not recognised.
 * @param em   Encryption, key-wrap or key-transport algorithm to translate.
 * @return true when @p uri was set; false for ENCRYPT_NONE or any other value.
 */
inline
bool encryptionMethod2URI(safeBuffer &uri, encryptionMethod em) {

    switch (em) {

    // Block encryption
    case ENCRYPT_3DES_CBC:
        uri = URI_ID_3DES_CBC;
        return true;

    case ENCRYPT_AES128_CBC:
        uri = URI_ID_AES128_CBC;
        return true;

    case ENCRYPT_AES192_CBC:
        uri = URI_ID_AES192_CBC;
        return true;

    case ENCRYPT_AES256_CBC:
        uri = URI_ID_AES256_CBC;
        return true;

    // Key wrap
    case ENCRYPT_KW_AES128:
        uri = URI_ID_KW_AES128;
        return true;

    case ENCRYPT_KW_AES192:
        uri = URI_ID_KW_AES192;
        return true;

    case ENCRYPT_KW_AES256:
        uri = URI_ID_KW_AES256;
        return true;

    case ENCRYPT_KW_3DES:
        uri = URI_ID_KW_3DES;
        return true;

    // Key transport
    case ENCRYPT_RSA_15:
        uri = URI_ID_RSA_1_5;
        return true;

    case ENCRYPT_RSA_OAEP_MGFP1:
        uri = URI_ID_RSA_OAEP_MGFP1;
        return true;

    default:
        return false;
    }
}
00417
00418
00419
00420
00421
/**
 * Holder for XMLCh (wide-character) versions of the string constants above.
 *
 * Each member is a public, non-const pointer to const characters: the text
 * cannot be changed through it, but the pointer itself can be reassigned by
 * any code. Where the pointers get their values is not visible in this
 * header; presumably create() sets them and destroy() releases them, so
 * they should not be read outside that window -- confirm in the
 * implementation file.
 */
class DSIG_EXPORT DSIGConstants {

public:

    // General strings
    static const XMLCh *s_unicodeStrEmpty;
    static const XMLCh *s_unicodeStrNL;
    static const XMLCh *s_unicodeStrXmlns;
    static const XMLCh *s_unicodeStrURI;

    // Attribute name
    static const XMLCh *s_unicodeStrAlgorithm;

    // Namespace URIs
    static const XMLCh *s_unicodeStrURIDSIG;
    static const XMLCh *s_unicodeStrURIEC;
    static const XMLCh *s_unicodeStrURIXPF;
    static const XMLCh *s_unicodeStrURIXENC;

    // SignatureMethod URI bases
    static const XMLCh *s_unicodeStrURISIGBASE;
    static const XMLCh *s_unicodeStrURISIGBASEMORE;

    // Digest, transform and canonicalisation URIs
    static const XMLCh *s_unicodeStrURIRawX509;
    static const XMLCh *s_unicodeStrURISHA1;
    static const XMLCh *s_unicodeStrURISHA224;
    static const XMLCh *s_unicodeStrURISHA256;
    static const XMLCh *s_unicodeStrURISHA384;
    static const XMLCh *s_unicodeStrURISHA512;
    static const XMLCh *s_unicodeStrURIMD5;
    static const XMLCh *s_unicodeStrURIBASE64;
    static const XMLCh *s_unicodeStrURIXPATH;
    static const XMLCh *s_unicodeStrURIXSLT;
    static const XMLCh *s_unicodeStrURIENVELOPE;
    static const XMLCh *s_unicodeStrURIC14N_NOC;
    static const XMLCh *s_unicodeStrURIC14N_COM;
    static const XMLCh *s_unicodeStrURIEXC_C14N_NOC;
    static const XMLCh *s_unicodeStrURIEXC_C14N_COM;
    static const XMLCh *s_unicodeStrURIDSA_SHA1;

    // RSA signature URIs
    static const XMLCh *s_unicodeStrURIRSA_MD5;
    static const XMLCh *s_unicodeStrURIRSA_SHA1;
    static const XMLCh *s_unicodeStrURIRSA_SHA224;
    static const XMLCh *s_unicodeStrURIRSA_SHA256;
    static const XMLCh *s_unicodeStrURIRSA_SHA384;
    static const XMLCh *s_unicodeStrURIRSA_SHA512;

    // HMAC signature URIs
    static const XMLCh *s_unicodeStrURIHMAC_SHA1;
    static const XMLCh *s_unicodeStrURIHMAC_SHA224;
    static const XMLCh *s_unicodeStrURIHMAC_SHA256;
    static const XMLCh *s_unicodeStrURIHMAC_SHA384;
    static const XMLCh *s_unicodeStrURIHMAC_SHA512;

    static const XMLCh *s_unicodeStrURIXMLNS;
    static const XMLCh *s_unicodeStrURIMANIFEST;

    // XML Encryption algorithm URIs
    static const XMLCh *s_unicodeStrURI3DES_CBC;
    static const XMLCh *s_unicodeStrURIAES128_CBC;
    static const XMLCh *s_unicodeStrURIAES192_CBC;
    static const XMLCh *s_unicodeStrURIAES256_CBC;
    static const XMLCh *s_unicodeStrURIKW_AES128;
    static const XMLCh *s_unicodeStrURIKW_AES192;
    static const XMLCh *s_unicodeStrURIKW_AES256;
    static const XMLCh *s_unicodeStrURIKW_3DES;
    static const XMLCh *s_unicodeStrURIRSA_1_5;
    static const XMLCh *s_unicodeStrURIRSA_OAEP_MGFP1;

    // XML Encryption type URIs
    static const XMLCh *s_unicodeStrURIXENC_ELEMENT;
    static const XMLCh *s_unicodeStrURIXENC_CONTENT;

    // Provider names
    static const XMLCh *s_unicodeStrPROVOpenSSL;
    static const XMLCh *s_unicodeStrPROVWinCAPI;
    static const XMLCh *s_unicodeStrPROVNSS;

    DSIGConstants();

    // Static set-up / tear-down hooks for the members above.
    static void create();
    static void destroy();

};
00505
00506
00507
00508
/**
 * Return the XMLCh form of the URI for a canonicalisation method.
 *
 * Unlike canonicalizationMethod2URI(), failure is not reported separately:
 * an unrecognised @p cm (including CANON_NONE) yields
 * DSIGConstants::s_unicodeStrEmpty, so callers that must detect an unknown
 * method have to compare against that value.
 *
 * @param cm  Method to translate.
 * @return The matching DSIGConstants pointer as it is at the time of the
 *         call; the caller does not own it.
 */
inline
const XMLCh * canonicalizationMethod2UNICODEURI(canonicalizationMethod cm) {

    const XMLCh *algorithmUri = DSIGConstants::s_unicodeStrEmpty;

    switch (cm) {

    case CANON_C14N_NOC:
        algorithmUri = DSIGConstants::s_unicodeStrURIC14N_NOC;
        break;

    case CANON_C14N_COM:
        algorithmUri = DSIGConstants::s_unicodeStrURIC14N_COM;
        break;

    case CANON_C14NE_NOC:
        algorithmUri = DSIGConstants::s_unicodeStrURIEXC_C14N_NOC;
        break;

    case CANON_C14NE_COM:
        algorithmUri = DSIGConstants::s_unicodeStrURIEXC_C14N_COM;
        break;

    default:
        break;
    }

    return algorithmUri;
}
00538
00539
00540
00541
00542
00543
00544
00545
00546
00547
00548
00549
// URI -> enum lookups, defined outside this header. By their names and
// signatures they are presumably the reverse of the *2URI helpers above,
// with the bool result indicating whether the URI was recognised -- confirm
// against the implementation. When the URI comes from an untrusted
// document, callers should check the result before using the out-parameters
// and then apply their own algorithm policy.

bool DSIG_EXPORT XSECmapURIToSignatureMethods(
    const XMLCh *URI,
    signatureMethod &sm,
    hashMethod &hm);

bool DSIG_EXPORT XSECmapURIToHashMethod(
    const XMLCh *URI,
    hashMethod &hm);

bool DSIG_EXPORT XSECmapURIToCanonicalizationMethod(
    const XMLCh *URI,
    canonicalizationMethod &cm);
00557
00558 #endif
00559