-/*\r
- * Copyright 2001-2006 Internet2\r
- * \r
- * Licensed under the Apache License, Version 2.0 (the "License");\r
- * you may not use this file except in compliance with the License.\r
- * You may obtain a copy of the License at\r
- *\r
- * http://www.apache.org/licenses/LICENSE-2.0\r
- *\r
- * Unless required by applicable law or agreed to in writing, software\r
- * distributed under the License is distributed on an "AS IS" BASIS,\r
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * See the License for the specific language governing permissions and\r
- * limitations under the License.\r
- */\r
-\r
-/**\r
- * ContentReference.cpp\r
- * \r
- * SAML-specific signature reference profile \r
- */\r
- \r
-#include "internal.h"\r
-#include "signature/ContentReference.h"\r
-#include "signature/SignableObject.h"\r
-\r
-#include <xmltooling/signature/Signature.h>\r
-#include <xercesc/util/XMLUniDefs.hpp>\r
-#include <xsec/dsig/DSIGReference.hpp>\r
-#include <xsec/dsig/DSIGTransformC14n.hpp>\r
-\r
-using namespace opensaml;\r
-using namespace std;\r
-\r
-class _addprefix : public binary_function<DSIGTransformC14n*,string,void> {\r
-public:\r
- void operator()(DSIGTransformC14n* t, const string& s) const {\r
- if (s.empty())\r
- t->addInclusiveNamespace("#default");\r
- else \r
- t->addInclusiveNamespace(s.c_str());\r
- }\r
-};\r
-\r
-void ContentReference::createReferences(DSIGSignature* sig)\r
-{\r
- const XMLCh* id=m_signableObject.getXMLID();\r
- if (!id || !*id)\r
- throw xmlsignature::SignatureException("Cannot create Signature reference to SAML object without an identifier."); \r
- \r
- DSIGReference* ref=NULL;\r
- XMLCh* buf=new XMLCh[XMLString::stringLen(id) + 2];\r
- buf[0]=chPound;\r
- buf[1]=chNull;\r
- XMLString::catString(buf,id);\r
- try {\r
- ref=sig->createReference(buf);\r
- delete[] buf;\r
- }\r
- catch(...) {\r
- delete[] buf;\r
- throw;\r
- }\r
- ref->appendEnvelopedSignatureTransform();\r
- DSIGTransformC14n* c14n=ref->appendCanonicalizationTransform(CANON_C14NE_NOC);\r
- for_each(m_prefixes.begin(), m_prefixes.end(), bind1st(_addprefix(),c14n));\r
-}\r
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
+ *
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
+ */
+
+/**
+ * ContentReference.cpp
+ *
+ * SAML-specific signature reference profile.
+ */
+
+#include "internal.h"
+#include "signature/ContentReference.h"
+#include "signature/SignableObject.h"
+
+#include <xmltooling/signature/Signature.h>
+#include <xercesc/util/XMLUniDefs.hpp>
+#include <xsec/dsig/DSIGReference.hpp>
+#include <xsec/dsig/DSIGSignature.hpp>
+#include <xsec/dsig/DSIGTransformC14n.hpp>
+
+using namespace opensaml;
+using namespace xmltooling;
+using namespace std;
+
+void SignableObject::declareNonVisibleNamespaces() const
+{
+ ContentReference* cr = getSignature() ? dynamic_cast<ContentReference*>(getSignature()->getContentReference()) : nullptr;
+
+ // Compute inclusive prefix set.
+ map<xstring,xstring> decls;
+ XMLHelper::getNonVisiblyUsedPrefixes(*this, decls);
+
+ for (map<xstring,xstring>::const_iterator decl = decls.begin(); decl != decls.end(); ++decl) {
+
+ // Pin it to the object root. An existing copy of the prefix on the root will take precedence.
+ addNamespace(Namespace(decl->second.c_str(), decl->first.c_str(), true, Namespace::NonVisiblyUsed));
+
+ // Add to content reference, if any.
+ if (cr)
+ cr->addInclusivePrefix(decl->first.c_str());
+ }
+}
+
+ContentReference::ContentReference(const SignableObject& signableObject)
+ : m_signableObject(signableObject), m_digest(nullptr), m_c14n(nullptr)
+{
+}
+
+ContentReference::~ContentReference()
+{
+}
+
+void ContentReference::createReferences(DSIGSignature* sig)
+{
+ DSIGReference* ref = nullptr;
+ sig->setIdByAttributeName(false);
+ const XMLCh* id=m_signableObject.getXMLID();
+ if (!id || !*id)
+ ref=sig->createReference(&chNull, m_digest ? m_digest : DSIGConstants::s_unicodeStrURISHA1); // whole doc reference
+ else {
+ XMLCh* buf=new XMLCh[XMLString::stringLen(id) + 2];
+ buf[0]=chPound;
+ buf[1]=chNull;
+ XMLString::catString(buf,id);
+ try {
+ ref=sig->createReference(buf, m_digest ? m_digest : DSIGConstants::s_unicodeStrURISHA1);
+ delete[] buf;
+ }
+ catch(...) {
+ delete[] buf;
+ throw;
+ }
+ }
+
+ ref->appendEnvelopedSignatureTransform();
+ DSIGTransformC14n* c14n=ref->appendCanonicalizationTransform(m_c14n ? m_c14n : DSIGConstants::s_unicodeStrURIEXC_C14N_NOC);
+
+ if (!m_c14n || m_c14n == DSIGConstants::s_unicodeStrURIEXC_C14N_NOC || m_c14n == DSIGConstants::s_unicodeStrURIEXC_C14N_COM) {
+ // Build up the string of prefixes.
+ xstring prefixes;
+ static const XMLCh _default[] = { chPound, chLatin_d, chLatin_e, chLatin_f, chLatin_a, chLatin_u, chLatin_l, chLatin_t, chNull };
+ for (set<xstring>::const_iterator p = m_prefixes.begin(); p != m_prefixes.end(); ++p) {
+ prefixes += (p->empty() ? _default : p->c_str());
+ prefixes += chSpace;
+ }
+ if (!prefixes.empty()) {
+ prefixes.erase(prefixes.begin() + prefixes.size() - 1);
+ c14n->setInclusiveNamespaces(const_cast<XMLCh*>(prefixes.c_str()));
+ }
+ }
+}
+
+void ContentReference::addInclusivePrefix(const XMLCh* prefix)
+{
+ m_prefixes.insert(prefix ? prefix : &chNull);
+}
+
+void ContentReference::setDigestAlgorithm(const XMLCh* digest)
+{
+ m_digest = digest;
+}
+
+void ContentReference::setCanonicalizationMethod(const XMLCh* c14n)
+{
+ m_c14n = c14n;
+}
projects / shibboleth / cpp-opensaml.git / blobdiff