2 * Copyright 2001-2006 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * KeyInfoSchemaValidators.cpp
20 * Schema validators for KeyInfo schema
24 #include "exceptions.h"
25 #include "signature/KeyInfo.h"
27 using namespace xmlsignature;
28 using namespace xmltooling;
31 namespace xmlsignature {
// Validators for the leaf elements of the KeyInfo schema, one per line.
// XMLOBJECTVALIDATOR_SIMPLE is defined in the project's headers, not in this
// file; by its name it covers elements with simple content -- confirm the
// exact check against the macro definition. The registration macros in this
// file refer to the generated classes as <Name>SchemaValidator.
// NOTE(review): no check visible in this file inspects the decoded value
// (key sizes, certificate or CRL contents); that has to happen where the key
// material is consumed.
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,KeyName);
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,MgmtData);
// RSA and DSA key value components.
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,Modulus);
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,Exponent);
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,Seed);
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,PgenCounter);
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,P);
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,Q);
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,G);
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,Y);
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,J);
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,XPath);
// X.509 elements.
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,X509IssuerName);
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,X509SerialNumber);
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,X509SKI);
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,X509SubjectName);
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,X509Certificate);
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,X509CRL);
// SPKI and PGP elements.
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,SPKISexp);
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,PGPKeyID);
XMLOBJECTVALIDATOR_SIMPLE(XMLTOOL_DLLLOCAL,PGPKeyPacket);
// Validator for RSAKeyValue: Modulus and Exponent are each passed to
// XMLOBJECTVALIDATOR_REQUIRE. The macro is defined outside this file; by its
// name it rejects an object whose named child is missing -- confirm.
// NOTE(review): presence only; modulus length and exponent value are not
// examined here.
BEGIN_XMLOBJECTVALIDATOR(XMLTOOL_DLLLOCAL,RSAKeyValue);
    XMLOBJECTVALIDATOR_REQUIRE(RSAKeyValue,Modulus);
    XMLOBJECTVALIDATOR_REQUIRE(RSAKeyValue,Exponent);
END_XMLOBJECTVALIDATOR;
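// Validator for DSAKeyValue: Y is required, and P/Q and Seed/PgenCounter are
// each checked as a pair. The checks come from macros defined in the project's
// headers (not shown here); by their names, REQUIRE rejects a missing child and
// NONEORBOTH rejects a pair with only one member present -- confirm against
// the macro definitions.
// Every check passes DSAKeyValue as the class argument, so that whatever the
// macro derives from it (presumably the exception text) names the real element
// and a rejected key is easy to trace in logs.
// NOTE(review): these are presence checks only; no parameter value is
// inspected in this block.
BEGIN_XMLOBJECTVALIDATOR(XMLTOOL_DLLLOCAL,DSAKeyValue);
    XMLOBJECTVALIDATOR_REQUIRE(DSAKeyValue,Y);
    XMLOBJECTVALIDATOR_NONEORBOTH(DSAKeyValue,P,Q);
    XMLOBJECTVALIDATOR_NONEORBOTH(DSAKeyValue,Seed,PgenCounter);
END_XMLOBJECTVALIDATOR;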
// Validator for KeyValue: DSAKeyValue, RSAKeyValue and OtherKeyValue are the
// three alternatives handed to XMLOBJECTVALIDATOR_ONLYONEOF3 (macro defined
// outside this file; by its name exactly one of them must be present --
// confirm).
BEGIN_XMLOBJECTVALIDATOR(XMLTOOL_DLLLOCAL,KeyValue);
    XMLOBJECTVALIDATOR_ONLYONEOF3(KeyValue,DSAKeyValue,RSAKeyValue,OtherKeyValue);
END_XMLOBJECTVALIDATOR;
// Validator for Transform: Algorithm is passed to XMLOBJECTVALIDATOR_REQUIRE
// (macro defined outside this file; presumably rejects a missing value --
// confirm).
// NOTE(review): only the presence of Algorithm is covered; which algorithm
// identifiers are acceptable is not decided here.
BEGIN_XMLOBJECTVALIDATOR(XMLTOOL_DLLLOCAL,Transform);
    XMLOBJECTVALIDATOR_REQUIRE(Transform,Algorithm);
END_XMLOBJECTVALIDATOR;
// Validator for Transforms: the Transform collection is passed to
// XMLOBJECTVALIDATOR_NONEMPTY (macro defined outside this file; by its name
// an empty collection is rejected -- confirm).
BEGIN_XMLOBJECTVALIDATOR(XMLTOOL_DLLLOCAL,Transforms);
    XMLOBJECTVALIDATOR_NONEMPTY(Transforms,Transform);
END_XMLOBJECTVALIDATOR;
// Validator for RetrievalMethod: URI is passed to XMLOBJECTVALIDATOR_REQUIRE
// (macro defined outside this file; presumably rejects a missing value --
// confirm).
// NOTE(review): the URI is only required to be present. Whether and how it is
// dereferenced is decided elsewhere, and that is where limits on what may be
// fetched belong.
BEGIN_XMLOBJECTVALIDATOR(XMLTOOL_DLLLOCAL,RetrievalMethod);
    XMLOBJECTVALIDATOR_REQUIRE(RetrievalMethod,URI);
END_XMLOBJECTVALIDATOR;
// Validator for X509IssuerSerial: X509IssuerName and X509SerialNumber are each
// passed to XMLOBJECTVALIDATOR_REQUIRE (macro defined outside this file;
// presumably rejects a missing child -- confirm).
BEGIN_XMLOBJECTVALIDATOR(XMLTOOL_DLLLOCAL,X509IssuerSerial);
    XMLOBJECTVALIDATOR_REQUIRE(X509IssuerSerial,X509IssuerName);
    XMLOBJECTVALIDATOR_REQUIRE(X509IssuerSerial,X509SerialNumber);
END_XMLOBJECTVALIDATOR;
// Functor applied to each wildcard (extension) child of a KeyInfo-family
// element. An extension child is accepted only when its element name carries
// a non-empty namespace other than XMLConstants::XMLSIG_NS; anything
// unqualified or claiming the signature namespace raises ValidationException.
// This keeps unrecognised elements from sitting in the signature namespace
// (or in no namespace) as if they were part of the KeyInfo vocabulary.
class XMLTOOL_DLLLOCAL checkWildcardNS {
public:
    void operator()(const XMLObject* xmlObject) const {
        const QName& childName=xmlObject->getElementQName();
        const XMLCh* nsURI=childName.getNamespaceURI();

        // Same three conditions as a single || chain, named for readability.
        const bool inSignatureNS=XMLString::equals(nsURI,XMLConstants::XMLSIG_NS);
        const bool unqualified=(!nsURI || !*nsURI);
        if (!inSignatureNS && !unqualified)
            return;

        throw ValidationException(
            "Object contains an illegal extension child element ($1).",
            params(1,childName.toString().c_str())
            );
    }
};
// Validator for X509Data. `ptr` is supplied by BEGIN_XMLOBJECTVALIDATOR (macro
// defined outside this file).
// 1. An X509Data with no children at all is rejected.
// 2. Every extension child returned by getOtherX509Datas() is run through
//    checkWildcardNS, which throws for children that are unqualified or in the
//    XML Signature namespace.
BEGIN_XMLOBJECTVALIDATOR(XMLTOOL_DLLLOCAL,X509Data);
    if (!ptr->hasChildren())
        throw ValidationException("X509Data must have at least one child element.");

    const vector<XMLObject*>& extensions=ptr->getOtherX509Datas();
    checkWildcardNS nsCheck;
    for (vector<XMLObject*>::const_iterator child=extensions.begin(); child!=extensions.end(); ++child)
        nsCheck(*child);
END_XMLOBJECTVALIDATOR;
// Validator for SPKIData: the SPKISexp collection is passed to
// XMLOBJECTVALIDATOR_NONEMPTY (macro defined outside this file; by its name
// an empty collection is rejected -- confirm).
BEGIN_XMLOBJECTVALIDATOR(XMLTOOL_DLLLOCAL,SPKIData);
    XMLOBJECTVALIDATOR_NONEMPTY(SPKIData,SPKISexp);
END_XMLOBJECTVALIDATOR;
// Validator for PGPData: PGPKeyID and PGPKeyPacket are the two alternatives
// handed to XMLOBJECTVALIDATOR_ONEOF. The macro is defined outside this file;
// whether it demands at least one or exactly one of them is decided there --
// confirm against the definition.
BEGIN_XMLOBJECTVALIDATOR(XMLTOOL_DLLLOCAL,PGPData);
    XMLOBJECTVALIDATOR_ONEOF(PGPData,PGPKeyID,PGPKeyPacket);
END_XMLOBJECTVALIDATOR;
// Validator for KeyInfo. `ptr` is supplied by BEGIN_XMLOBJECTVALIDATOR (macro
// defined outside this file).
// 1. A KeyInfo with no children at all is rejected.
// 2. Every extension child returned by getOthers() is run through
//    checkWildcardNS, which throws for children that are unqualified or in the
//    XML Signature namespace.
// NOTE(review): this is a structural check; nothing here decides whether the
// key material described by the children is trusted.
BEGIN_XMLOBJECTVALIDATOR(XMLTOOL_DLLLOCAL,KeyInfo);
    if (!ptr->hasChildren())
        throw ValidationException("KeyInfo must have at least one child element.");

    const vector<XMLObject*>& extensions=ptr->getOthers();
    checkWildcardNS nsCheck;
    for (vector<XMLObject*>::const_iterator child=extensions.begin(); child!=extensions.end(); ++child)
        nsCheck(*child);
END_XMLOBJECTVALIDATOR;
// Registers the builder and the schema validator for element `cname` in
// `namespaceURI`, keyed by a QName built from cname::LOCAL_NAME.
// Relies on a variable `q`, assignable from QName, being in scope at the point
// of use. Expands to three statements, so use it only as a complete statement,
// never as the unbraced body of an if/for.
// NOTE(review): the objects created with `new` are handed straight to
// registerBuilder / registerValidator; ownership presumably passes to the
// registry and the suite -- confirm.
#define REGISTER_ELEMENT(namespaceURI,cname) \
    q=QName(namespaceURI,cname::LOCAL_NAME); \
    XMLObjectBuilder::registerBuilder(q,new cname##Builder()); \
    KeyInfoSchemaValidators.registerValidator(q,new cname##SchemaValidator())
// Registers the builder and the schema validator for schema type `cname` in
// `namespaceURI`, keyed by a QName built from cname::TYPE_NAME.
// Relies on a variable `q`, assignable from QName, being in scope at the point
// of use. Expands to three statements, so use it only as a complete statement,
// never as the unbraced body of an if/for.
// NOTE(review): the objects created with `new` are handed straight to
// registerBuilder / registerValidator; ownership presumably passes to the
// registry and the suite -- confirm.
#define REGISTER_TYPE(namespaceURI,cname) \
    q=QName(namespaceURI,cname::TYPE_NAME); \
    XMLObjectBuilder::registerBuilder(q,new cname##Builder()); \
    KeyInfoSchemaValidators.registerValidator(q,new cname##SchemaValidator())
// Suite that collects the KeyInfo schema validators; REGISTER_ELEMENT and
// REGISTER_TYPE add one validator per registered QName to it.
// NOTE(review): nothing in this file runs the suite. Code that accepts KeyInfo
// from untrusted XML presumably has to invoke it itself -- confirm at the
// call sites.
ValidatorSuite xmlsignature::KeyInfoSchemaValidators("KeyInfoSchemaValidators");
136 void xmlsignature::registerKeyInfoClasses()
139 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,KeyInfo);
140 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,KeyName);
141 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,KeyValue);
142 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,MgmtData);
143 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,DSAKeyValue);
144 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,RSAKeyValue);
145 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,Exponent);
146 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,Modulus);
147 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,P);
148 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,Q);
149 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,G);
150 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,Y);
151 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,J);
152 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,Seed);
153 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,PgenCounter);
154 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,XPath);
155 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,Transform);
156 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,Transforms);
157 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,RetrievalMethod);
158 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,X509IssuerSerial);
159 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,X509IssuerName);
160 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,X509SerialNumber);
161 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,X509SKI);
162 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,X509SubjectName);
163 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,X509Certificate);
164 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,X509CRL);
165 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,X509Data);
166 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,SPKISexp);
167 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,SPKIData);
168 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,PGPKeyID);
169 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,PGPKeyPacket);
170 REGISTER_ELEMENT(XMLConstants::XMLSIG_NS,PGPData);
171 REGISTER_TYPE(XMLConstants::XMLSIG_NS,KeyInfo);
172 REGISTER_TYPE(XMLConstants::XMLSIG_NS,KeyValue);
173 REGISTER_TYPE(XMLConstants::XMLSIG_NS,DSAKeyValue);
174 REGISTER_TYPE(XMLConstants::XMLSIG_NS,RSAKeyValue);
175 REGISTER_TYPE(XMLConstants::XMLSIG_NS,Transform);
176 REGISTER_TYPE(XMLConstants::XMLSIG_NS,Transforms);
177 REGISTER_TYPE(XMLConstants::XMLSIG_NS,RetrievalMethod);
178 REGISTER_TYPE(XMLConstants::XMLSIG_NS,X509IssuerSerial);
179 REGISTER_TYPE(XMLConstants::XMLSIG_NS,X509Data);
180 REGISTER_TYPE(XMLConstants::XMLSIG_NS,SPKIData);
181 REGISTER_TYPE(XMLConstants::XMLSIG_NS,PGPData);