https://issues.shibboleth.net/jira/browse/CPPOST-41
authorScott Cantor <cantor.2@osu.edu>
Tue, 19 Jan 2010 20:12:47 +0000 (20:12 +0000)
committerScott Cantor <cantor.2@osu.edu>
Tue, 19 Jan 2010 20:12:47 +0000 (20:12 +0000)
saml/signature/ContentReference.cpp
saml/signature/ContentReference.h
samltest/data/signature/SAML1Assertion.xml
samltest/data/signature/SAML1Request.xml
samltest/data/signature/SAML1Response.xml
samltest/data/signature/SAML2Assertion.xml

index 3f2674f..497f783 100644 (file)
@@ -66,40 +66,30 @@ void ContentReference::createReferences(DSIGSignature* sig)
     
     ref->appendEnvelopedSignatureTransform();
     DSIGTransformC14n* c14n=ref->appendCanonicalizationTransform(m_c14n ? m_c14n : DSIGConstants::s_unicodeStrURIEXC_C14N_NOC);
+
     if (!m_c14n || m_c14n == DSIGConstants::s_unicodeStrURIEXC_C14N_NOC || m_c14n == DSIGConstants::s_unicodeStrURIEXC_C14N_COM) {
-        addPrefixes(m_signableObject);
-#ifdef HAVE_GOOD_STL
+        // Compute inclusive prefix set.
+        set<xstring> prefix_set;
+        XMLHelper::getNonVisiblyUsedPrefixes(m_signableObject, prefix_set);
+        prefix_set.insert(m_prefixes.begin(), m_prefixes.end());
+
+        // Build up the string of prefixes.
         xstring prefixes;
-        for (set<xstring>::const_iterator p = m_prefixes.begin(); p!=m_prefixes.end(); ++p)
-            prefixes += *p + chSpace;
+        static const XMLCh _default[] = { chPound, chLatin_d, chLatin_e, chLatin_f, chLatin_a, chLatin_u, chLatin_l, chLatin_t, chNull };
+        for (set<xstring>::const_iterator p = prefix_set.begin(); p != prefix_set.end(); ++p) {
+            prefixes += (p->empty() ? _default : p->c_str());
+            prefixes += chSpace;
+        }
         if (!prefixes.empty()) {
             prefixes.erase(prefixes.begin() + prefixes.size() - 1);
             c14n->setInclusiveNamespaces(XMLString::replicate(prefixes.c_str()));
         }
-#else
-        for (set<string>::const_iterator p = m_prefixes.begin(); p!=m_prefixes.end(); ++p)
-            c14n->addInclusiveNamespace(p->c_str());
-#endif
     }
 }
 
 void ContentReference::addInclusivePrefix(const XMLCh* prefix)
 {
-    static const XMLCh _default[] = { chPound, chLatin_d, chLatin_e, chLatin_f, chLatin_a, chLatin_u, chLatin_l, chLatin_t, chNull };
-
-#ifdef HAVE_GOOD_STL
-    if (prefix && *prefix)
-        m_prefixes.insert(prefix);
-    else
-        m_prefixes.insert(_default);
-#else
-    if (prefix && *prefix) {
-        auto_ptr_char p(prefix);
-        m_prefixes.insert(p.get());
-    }
-    else
-        m_prefixes.insert("#default");
-#endif
+    m_prefixes.insert(prefix ? prefix : &chNull);
 }
 
 void ContentReference::setDigestAlgorithm(const XMLCh* digest)
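Review bot: The PrefixList written by `c14n->setInclusiveNamespaces(...)` now depends almost entirely on `XMLHelper::getNonVisiblyUsedPrefixes(m_signableObject, prefix_set)`, and nothing in the hunk records that contract. Under exclusive canonicalization, a prefix that appears only inside attribute or text content (a QName value, for instance) has its binding covered by the digest only if it is listed. A prefix the helper misses would therefore leave that binding outside the signed form; the helper's body is not visible here, so its completeness should be confirmed. I would add a comment above the call such as `// Exclusive c14n omits namespace declarations that are not visibly used; list prefixes referenced only in content so their bindings stay under the signature.` The removed `addPrefixes` also skipped the `xml` prefix explicitly, so if the helper can return it that filter may still be needed; `createReferences` begins above this hunk.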
@@ -111,22 +101,3 @@ void ContentReference::setCanonicalizationMethod(const XMLCh* c14n)
 {
     m_c14n = c14n;
 }
-
-void ContentReference::addPrefixes(const std::set<Namespace>& namespaces)
-{
-    for (set<Namespace>::const_iterator n = namespaces.begin(); n!=namespaces.end(); ++n) {
-        // Check for xmlns:xml.
-        if (!XMLString::equals(n->getNamespacePrefix(), xmlconstants::XML_PREFIX) || !XMLString::equals(n->getNamespaceURI(), xmlconstants::XML_NS))
-            addInclusivePrefix(n->getNamespacePrefix());
-    }
-}
-
-void ContentReference::addPrefixes(const XMLObject& xmlObject)
-{
-    addPrefixes(xmlObject.getNamespaces());
-    const list<XMLObject*>& children = xmlObject.getOrderedChildren();
-    for (list<XMLObject*>::const_iterator child = children.begin(); child!=children.end(); ++child) {
-        if (*child)
-            addPrefixes(*(*child));
-    }
-}
index 283267a..6ff8f3d 100644 (file)
@@ -95,15 +95,8 @@ namespace opensaml {
         void setCanonicalizationMethod(const XMLCh* c14n);
         
     private:
-        void addPrefixes(const std::set<xmltooling::Namespace>& namespaces);
-        void addPrefixes(const xmltooling::XMLObject& xmlObject);
-
         const SignableObject& m_signableObject;
-#ifdef HAVE_GOOD_STL
         std::set<xmltooling::xstring> m_prefixes;
-#else
-        std::set<std::string> m_prefixes;
-#endif
         const XMLCh* m_digest;
         const XMLCh* m_c14n;
     };
index a27a820..8e9f950 100644 (file)
@@ -9,17 +9,15 @@ AuthenticationMethod="method"
 <ds:Reference URI="#ident">
 <ds:Transforms>
 <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
-<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml"/>
-</ds:Transform>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
 </ds:Transforms>
 <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
 <ds:DigestValue>j2GRm2UDOBvxwlzvX0fjXYeAGIA=</ds:DigestValue>
 </ds:Reference>
 </ds:SignedInfo>
-<ds:SignatureValue>noFPfzQYxU1saeMUTiuX0SuMtNfI78cBqrzsxB7SnwJ2ea/DBrG4FnXQ3swQLfsv
-OX1Sy3zvUSWDte91Tr+SAVD0oUsk+wx5dQrDX9aQnYq5b8snbWpJRskiQYKFYfGG
-sIovi2m9YOS7FuyOHemMlDc+AMiLFz+wYL6mNXNKuL8=</ds:SignatureValue>
+<ds:SignatureValue>AA5098JC4gfdAf2bvPQRZ9Ld/VehXAB3uhp0r4js4i6fMB3hGMs4VnE9iEJEsPDD
+0Kj4cfewxHij/kHrWcxpKMMqIgGlqKYZhuQHfFt8GzDeeFIgu1R675jcN4uCOoWl
+3aRVd9hgPRsXzf7/RkMiXHIsU/NjUPRKf7GjNt2jNT0=</ds:SignatureValue>
 <ds:KeyInfo><ds:KeyName>sp.example.org</ds:KeyName><ds:X509Data><ds:X509SubjectName>CN=sp.example.org,O=Internet2,C=US</ds:X509SubjectName><ds:X509Certificate>MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV
 BAYTAlVTMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDnNwLmV4YW1wbGUu
 b3JnMB4XDTA1MDYyMDE1NDgzNFoXDTMyMTEwNTE1NDgzNFowOjELMAkGA1UEBhMC
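Review bot: None of the regenerated fixtures carries an `ec:InclusiveNamespaces` element any more, and the same holds for the SAML1Request, SAML1Response and SAML2Assertion hunks below. As far as this page shows, the prefix-list building in `createReferences`, including the `#default` substitution, is therefore not exercised by these samples. A sample whose content references a prefix only in an attribute value, such as an `xsi:type`, would pin the emitted `PrefixList`, unless test data outside this page already covers that case.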
index a33c912..86dfe43 100644 (file)
@@ -6,17 +6,15 @@ MajorVersion="1" MinorVersion="1" RequestID="ident"><ds:Signature xmlns:ds="http
 <ds:Reference URI="#ident">
 <ds:Transforms>
 <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
-<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml samlp"/>
-</ds:Transform>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
 </ds:Transforms>
 <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
 <ds:DigestValue>pqhIt8nUldh3KVL6IEewRxKXYhM=</ds:DigestValue>
 </ds:Reference>
 </ds:SignedInfo>
-<ds:SignatureValue>LZjrLObm21F7WoLEpuzKs9d+R9+qqyh1YOiwc5P1vfFDadrk+bPCQFR/RpkjJpNw
-fnUONvYshTjltqLqHSNCNbBoYdK1AZxP8/ucqIK1jqi88FDao2ZccenEscDnjjrW
-ZwoFCcR5Mx5oie5wmBzKqStjh0aGP5JVXW2gerULpLI=</ds:SignatureValue>
+<ds:SignatureValue>UE5p832pLFYvMloRofN3y0rrFY7B8zOcF7+CHYyxFn6pqgPeEYGqkbUWlV15/tJ5
+wXJ3LiLQroYQI3XHPvKRSV4OtF9ZFm4QDK7RNd6gnUmHed6Zje//e6z2ekA0UzTl
+IeWCuD84mWemMJzRAhSFKcnqJDBHA61Krvg1kf/2c2E=</ds:SignatureValue>
 <ds:KeyInfo><ds:KeyName>sp.example.org</ds:KeyName><ds:X509Data><ds:X509SubjectName>CN=sp.example.org,O=Internet2,C=US</ds:X509SubjectName><ds:X509Certificate>MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV
 BAYTAlVTMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDnNwLmV4YW1wbGUu
 b3JnMB4XDTA1MDYyMDE1NDgzNFoXDTMyMTEwNTE1NDgzNFowOjELMAkGA1UEBhMC
index ff2d58c..ef8b263 100644 (file)
@@ -5,17 +5,15 @@
 <ds:Reference URI="#rident">
 <ds:Transforms>
 <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
-<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml samlp"/>
-</ds:Transform>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
 </ds:Transforms>
 <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-<ds:DigestValue>DZzCmg8AWJp4jG9J7OGIZ72oSlE=</ds:DigestValue>
+<ds:DigestValue>LLd/E9wNLNBk2y3QM5Hnus2bfbU=</ds:DigestValue>
 </ds:Reference>
 </ds:SignedInfo>
-<ds:SignatureValue>CkkbbVTtfN4Ib5/tydsNYKob2vBM0aPNyVre4iCWaxMpCqeuyLzsBQI+H9a0YfZX
-ykSBgP+mmPku5U1Lu3zn9+X5JK4lztDH4VsQteXJIRUnHipWZQSOeso8Wq5JQ/+0
-Qrp+HPi+9L8K1FGYJ5/Wfl2XlMSET/bM4jk6GiykFiw=</ds:SignatureValue>
+<ds:SignatureValue>sJJgyDky3ddp2PGAgBEHAl3BhPs9uI8gJSeb9NQ3C/frkX8S/maAWaX49nzncX9s
+8npru0M8CvluArgE7EtPAPoSfcT+M1nmpqn5vikkMN1V6rd7ogwTik9A/c7zv+E7
+OZwJtSDDBV7dwB3645iJUHW4SGxRyJUOiaAKHf7thwc=</ds:SignatureValue>
 <ds:KeyInfo><ds:KeyName>sp.example.org</ds:KeyName><ds:X509Data><ds:X509SubjectName>CN=sp.example.org,O=Internet2,C=US</ds:X509SubjectName><ds:X509Certificate>MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV
 BAYTAlVTMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDnNwLmV4YW1wbGUu
 b3JnMB4XDTA1MDYyMDE1NDgzNFoXDTMyMTEwNTE1NDgzNFowOjELMAkGA1UEBhMC
@@ -41,17 +39,15 @@ AuthenticationMethod="method"><saml:Subject><saml:NameIdentifier>John Doe</saml:
 <ds:Reference URI="#aident">
 <ds:Transforms>
 <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
-<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml"/>
-</ds:Transform>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
 </ds:Transforms>
 <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
 <ds:DigestValue>/owFROXYYru5+/j0TpHEz+hjXqY=</ds:DigestValue>
 </ds:Reference>
 </ds:SignedInfo>
-<ds:SignatureValue>xttzgmYBtjqoxeKRkScW6dIkE5pGyBeTcajAevaquJeAKrRcagu2on/4Apq5xsse
-tgdkQnMUV+yPHKw+t0tXGUJCnL286/ePGdz2TAVIg5idT7H6TxFLgUbCO4xoKH4h
-zGQjxxPZvXbb7z9XTAqIkyW1QbaC20i+IOkk1ZQiBEU=</ds:SignatureValue>
+<ds:SignatureValue>d4SsRgDSjboTRA2YUD68TPp+17AqRmxbY/LrWJhueIC/JY+Ct7+Fd6bugUXliIeD
+NVRDACsEB7PqYWZ99+Ecf8XAmQYCw5elj8mWxPp0o+UVHtBZOR2bC+/YjNitSM+x
+G/F3JgZqfunUcg7mcj6WEAUt4pjKhjaTY8Z7QJltdKc=</ds:SignatureValue>
 <ds:KeyInfo><ds:KeyName>sp.example.org</ds:KeyName><ds:X509Data><ds:X509SubjectName>CN=sp.example.org,O=Internet2,C=US</ds:X509SubjectName><ds:X509Certificate>MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV
 BAYTAlVTMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDnNwLmV4YW1wbGUu
 b3JnMB4XDTA1MDYyMDE1NDgzNFoXDTMyMTEwNTE1NDgzNFowOjELMAkGA1UEBhMC
index 3b5fd21..9f409c3 100644 (file)
@@ -6,17 +6,15 @@ Version="2.0"><saml:Issuer>issuer</saml:Issuer><ds:Signature xmlns:ds="http://ww
 <ds:Reference URI="#ident">
 <ds:Transforms>
 <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
-<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml"/>
-</ds:Transform>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
 </ds:Transforms>
 <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
 <ds:DigestValue>8DSEsWJl4wOiwY15f7fAurDWpbo=</ds:DigestValue>
 </ds:Reference>
 </ds:SignedInfo>
-<ds:SignatureValue>rOtKGQFdqy51HXwY20wEPgkITlwllm//yJkIWTQdWbMSA+Eb9B+NWOSj+8MEWe5b
-jaM1lJ8as3hbetUMKNPKO2mX1M08cveth7mPG9VsJVArvLsn8UYyNX7WUDzCUu0G
-aVHlZYCFeixUPS/NaXVWvtb7CUyNV4vPnsPYIEI1+gQ=</ds:SignatureValue>
+<ds:SignatureValue>zgKU42nQKyB9m8RkDz1I2r7h0N9pc5ys9kve7oN9/Dugrn583/3bMgQBfk1rw4Pq
+BfztAZNcf2lstzvgpVB9fVTsTUuEDtT0mhc+f5t8kbCkABGu0SrfCnDjbYpmEeLC
+j8rJO4aSZIV4tN21aAkQyys28l4oB3KGTTDASjEPVgQ=</ds:SignatureValue>
 <ds:KeyInfo><ds:KeyName>sp.example.org</ds:KeyName><ds:X509Data><ds:X509SubjectName>CN=sp.example.org,O=Internet2,C=US</ds:X509SubjectName><ds:X509Certificate>MIICjzCCAfigAwIBAgIJAKk8t1hYcMkhMA0GCSqGSIb3DQEBBAUAMDoxCzAJBgNV
 BAYTAlVTMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDnNwLmV4YW1wbGUu
 b3JnMB4XDTA1MDYyMDE1NDgzNFoXDTMyMTEwNTE1NDgzNFowOjELMAkGA1UEBhMC