3 * Copyright 2001-2007 Internet2
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
21 * Library configuration
26 #if defined(XMLTOOLING_LOG4SHIB)
27 # ifndef OPENSAML_LOG4SHIB
28 # error "Logging library mismatch (XMLTooling is using log4shib)."
30 #elif defined(XMLTOOLING_LOG4CPP)
31 # ifndef OPENSAML_LOG4CPP
32 # error "Logging library mismatch (XMLTooling is using log4cpp)."
35 # error "No supported logging library."
38 #include "exceptions.h"
39 #include "SAMLConfig.h"
40 #include "binding/ArtifactMap.h"
41 #include "binding/MessageDecoder.h"
42 #include "binding/MessageEncoder.h"
43 #include "binding/SAMLArtifact.h"
44 #include "binding/SecurityPolicyRule.h"
45 #include "saml1/core/Assertions.h"
46 #include "saml1/core/Protocols.h"
47 #include "saml2/core/Protocols.h"
48 #include "saml2/metadata/Metadata.h"
49 #include "saml2/metadata/MetadataFilter.h"
50 #include "saml2/metadata/MetadataProvider.h"
51 #include "util/SAMLConstants.h"
53 #include <xmltooling/logging.h>
54 #include <xmltooling/XMLToolingConfig.h>
55 #include <xmltooling/signature/Signature.h>
56 #include <xmltooling/util/NDC.h>
57 #include <xmltooling/util/PathResolver.h>
59 #include <xsec/enc/XSECCryptoException.hpp>
60 #include <xsec/enc/XSECCryptoProvider.hpp>
61 #include <xsec/utils/XSECPlatformUtils.hpp>
63 using namespace opensaml;
64 using namespace xmlsignature;
65 using namespace xmltooling::logging;
66 using namespace xmltooling;
69 // Expose entry points when used as an extension library
71 extern "C" int SAML_API xmltooling_extension_init(void*)
73 if (SAMLConfig::getConfig().init(false))
78 extern "C" void SAML_API xmltooling_extension_term()
80 SAMLConfig::getConfig().term(false);
83 DECL_XMLTOOLING_EXCEPTION_FACTORY(ArtifactException,opensaml);
84 DECL_XMLTOOLING_EXCEPTION_FACTORY(SecurityPolicyException,opensaml);
85 DECL_XMLTOOLING_EXCEPTION_FACTORY(MetadataException,opensaml::saml2md);
86 DECL_XMLTOOLING_EXCEPTION_FACTORY(MetadataFilterException,opensaml::saml2md);
87 DECL_XMLTOOLING_EXCEPTION_FACTORY(BindingException,opensaml);
88 DECL_XMLTOOLING_EXCEPTION_FACTORY(ProfileException,opensaml);
89 DECL_XMLTOOLING_EXCEPTION_FACTORY(FatalProfileException,opensaml);
90 DECL_XMLTOOLING_EXCEPTION_FACTORY(RetryableProfileException,opensaml);
93 SAMLInternalConfig g_config;
96 SAMLConfig& SAMLConfig::getConfig()
101 SAMLInternalConfig& SAMLInternalConfig::getInternalConfig()
106 void SAMLConfig::setArtifactMap(ArtifactMap* artifactMap)
108 delete m_artifactMap;
109 m_artifactMap = artifactMap;
112 bool SAMLInternalConfig::init(bool initXMLTooling)
115 xmltooling::NDC ndc("init");
117 Category& log=Category::getInstance(SAML_LOGCAT".SAMLConfig");
118 log.debug("library initialization started");
121 XMLToolingConfig::getConfig().init();
122 XMLToolingConfig::getConfig().getPathResolver()->setDefaultPackageName("opensaml");
124 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(ArtifactException,opensaml);
125 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(SecurityPolicyException,opensaml);
126 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(MetadataException,opensaml::saml2md);
127 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(MetadataFilterException,opensaml::saml2md);
128 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(BindingException,opensaml);
129 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(ProfileException,opensaml);
130 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(FatalProfileException,opensaml);
131 REGISTER_XMLTOOLING_EXCEPTION_FACTORY(RetryableProfileException,opensaml);
133 saml1::registerAssertionClasses();
134 saml1p::registerProtocolClasses();
135 saml2::registerAssertionClasses();
136 saml2p::registerProtocolClasses();
137 saml2md::registerMetadataClasses();
138 saml2md::registerMetadataProviders();
139 saml2md::registerMetadataFilters();
140 registerSAMLArtifacts();
141 registerMessageEncoders();
142 registerMessageDecoders();
143 registerSecurityPolicyRules();
145 log.info("%s library initialization complete", PACKAGE_STRING);
149 void SAMLInternalConfig::term(bool termXMLTooling)
152 xmltooling::NDC ndc("term");
154 Category& log=Category::getInstance(SAML_LOGCAT".SAMLConfig");
156 MessageDecoderManager.deregisterFactories();
157 MessageEncoderManager.deregisterFactories();
158 SecurityPolicyRuleManager.deregisterFactories();
159 SAMLArtifactManager.deregisterFactories();
160 MetadataFilterManager.deregisterFactories();
161 MetadataProviderManager.deregisterFactories();
163 delete m_artifactMap;
164 m_artifactMap = NULL;
167 XMLToolingConfig::getConfig().term();
169 log.info("%s library shutdown complete", PACKAGE_STRING);
172 void SAMLInternalConfig::generateRandomBytes(void* buf, unsigned int len)
175 if (XSECPlatformUtils::g_cryptoProvider->getRandom(reinterpret_cast<unsigned char*>(buf),len)<len)
176 throw XMLSecurityException("Unable to generate random data; was PRNG seeded?");
178 catch (XSECCryptoException& e) {
179 throw XMLSecurityException("Unable to generate random data: $1",params(1,e.getMsg()));
183 void SAMLInternalConfig::generateRandomBytes(std::string& buf, unsigned int len)
186 auto_ptr<unsigned char> hold(new unsigned char[len]);
187 generateRandomBytes(hold.get(),len);
188 for (unsigned int i=0; i<len; i++)
189 buf+=(hold.get())[i];
192 XMLCh* SAMLInternalConfig::generateIdentifier()
194 unsigned char key[17];
195 generateRandomBytes(key,16);
198 sprintf(hexform,"_%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
199 key[0],key[1],key[2],key[3],key[4],key[5],key[6],key[7],
200 key[8],key[9],key[10],key[11],key[12],key[13],key[14],key[15]);
202 return XMLString::transcode(hexform);
205 string SAMLInternalConfig::hashSHA1(const char* s, bool toHex)
207 static char DIGITS[] = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
209 auto_ptr<XSECCryptoHash> hasher(XSECPlatformUtils::g_cryptoProvider->hashSHA1());
211 unsigned char buf[21];
212 hasher->hash(reinterpret_cast<unsigned char*>(const_cast<char*>(s)),strlen(s));
213 if (hasher->finish(buf,20)==20) {
216 for (unsigned int i=0; i<20; i++) {
217 ret+=(DIGITS[((unsigned char)(0xF0 & buf[i])) >> 4 ]);
218 ret+=(DIGITS[0x0F & buf[i]]);
222 for (unsigned int i=0; i<20; i++) {
229 throw XMLSecurityException("Unable to generate SHA-1 hash.");
232 using namespace saml2p;
233 using namespace saml2md;
235 void opensaml::annotateException(XMLToolingException* e, const EntityDescriptor* entity, const Status* status, bool rethrow)
237 const RoleDescriptor* role = NULL;
239 const list<XMLObject*>& roles=entity->getOrderedChildren();
240 for (list<XMLObject*>::const_iterator child=roles.begin(); !role && child!=roles.end(); ++child) {
241 role=dynamic_cast<RoleDescriptor*>(*child);
242 if (role && !role->isValid())
246 annotateException(e, role, status, rethrow);
249 void opensaml::annotateException(XMLToolingException* e, const RoleDescriptor* role, const Status* status, bool rethrow)
252 auto_ptr_char id(dynamic_cast<EntityDescriptor*>(role->getParent())->getEntityID());
253 e->addProperty("entityID",id.get());
255 const vector<ContactPerson*>& contacts=role->getContactPersons();
256 for (vector<ContactPerson*>::const_iterator c=contacts.begin(); c!=contacts.end(); ++c) {
257 const XMLCh* ctype=(*c)->getContactType();
258 if (ctype && (XMLString::equals(ctype,ContactPerson::CONTACT_SUPPORT)
259 || XMLString::equals(ctype,ContactPerson::CONTACT_TECHNICAL))) {
260 GivenName* fname=(*c)->getGivenName();
261 SurName* lname=(*c)->getSurName();
262 auto_ptr_char first(fname ? fname->getName() : NULL);
263 auto_ptr_char last(lname ? lname->getName() : NULL);
264 if (first.get() && last.get()) {
265 string contact=string(first.get()) + ' ' + last.get();
266 e->addProperty("contactName",contact.c_str());
268 else if (first.get())
269 e->addProperty("contactName",first.get());
271 e->addProperty("contactName",last.get());
272 const vector<EmailAddress*>& emails=const_cast<const ContactPerson*>(*c)->getEmailAddresss();
273 if (!emails.empty()) {
274 auto_ptr_char email(emails.front()->getAddress());
276 e->addProperty("contactEmail",email.get());
282 auto_ptr_char eurl(role->getErrorURL());
284 e->addProperty("errorURL",eurl.get());
289 auto_ptr_char sc(status->getStatusCode() ? status->getStatusCode()->getValue() : NULL);
290 if (sc.get() && *sc.get())
291 e->addProperty("statusCode", sc.get());
292 if (status->getStatusCode()->getStatusCode()) {
293 auto_ptr_char sc2(status->getStatusCode()->getStatusCode()->getValue());
294 if (sc2.get() && *sc.get())
295 e->addProperty("statusCode2", sc2.get());
297 if (status->getStatusMessage()) {
298 auto_ptr_char msg(status->getStatusMessage()->getMessage());
299 if (msg.get() && *msg.get())
300 e->addProperty("statusMessage", msg.get());