X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fcpp-xmltooling.git;a=blobdiff_plain;f=xmltooling%2Fencryption%2Fimpl%2FEncrypter.cpp;h=d4830cc4b4544805fbd8a9de68700f9aee81bff6;hp=4f5b3549f9ce65e0a868688246551f0b40f6aad8;hb=c390bc9abfd5ef673577b2da3104c3f36fb1c18d;hpb=63628ac851db55a3ee9ac5b74d1b204242229662
diff --git a/xmltooling/encryption/impl/Encrypter.cpp b/xmltooling/encryption/impl/Encrypter.cpp
index 4f5b354..d4830cc 100644
--- a/xmltooling/encryption/impl/Encrypter.cpp
+++ b/xmltooling/encryption/impl/Encrypter.cpp
@@ -23,9 +23,10 @@
#include "internal.h"
#include "encryption/Encrypter.h"
-#include
#include
#include
+#include
+#include
#include
#include
@@ -61,22 +62,14 @@ void Encrypter::checkParams(EncryptionParams& encParams, KeyEncryptionParams* ke
if (!encParams.m_key) {
// We have to have a raw key now, so we need to build a wrapper around it.
- if (XMLString::equals(encParams.m_algorithm,DSIGConstants::s_unicodeStrURI3DES_CBC)) {
- encParams.m_key=new OpenSSLCryptoSymmetricKey(XSECCryptoSymmetricKey::KEY_3DES_192);
- }
- else if (XMLString::equals(encParams.m_algorithm,DSIGConstants::s_unicodeStrURIAES128_CBC)) {
- encParams.m_key=new OpenSSLCryptoSymmetricKey(XSECCryptoSymmetricKey::KEY_AES_128);
- }
- else if (XMLString::equals(encParams.m_algorithm,DSIGConstants::s_unicodeStrURIAES192_CBC)) {
- encParams.m_key=new OpenSSLCryptoSymmetricKey(XSECCryptoSymmetricKey::KEY_AES_192);
- }
- else if (XMLString::equals(encParams.m_algorithm,DSIGConstants::s_unicodeStrURIAES256_CBC)) {
- encParams.m_key=new OpenSSLCryptoSymmetricKey(XSECCryptoSymmetricKey::KEY_AES_256);
- }
- else {
- throw EncryptionException("Unrecognized encryption algorithm, unable to build key wrapper.");
- }
- static_cast(encParams.m_key)->setKey(encParams.m_keyBuffer, encParams.m_keyBufferSize);
+ XSECAlgorithmHandler* handler =XSECPlatformUtils::g_algorithmMapper->mapURIToHandler(encParams.m_algorithm);
+ if (handler != NULL)
+ encParams.m_key = handler->createKeyForURI(
+ encParams.m_algorithm,const_cast(encParams.m_keyBuffer),encParams.m_keyBufferSize
+ );
+
+ if (!encParams.m_key)
+ throw EncryptionException("Unable to build wrapper for key, unknown algorithm?");
}
// Set the encryption key.
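Review bot: The new `if (!encParams.m_key)` check folds two different failures into one message: `mapURIToHandler` returning NULL (algorithm not registered) and `createKeyForURI` returning NULL for a registered algorithm (for example if the handler rejects the supplied buffer), so the "unknown algorithm?" text is wrong in the second case and the removed branches' distinct "Unrecognized encryption algorithm" error is lost. Throwing at the NULL-handler point, `if (!handler) throw EncryptionException("Unrecognized encryption algorithm, unable to build key wrapper.");`, and keeping the later check as `throw EncryptionException("Unable to build wrapper for key.");` restores that distinction. Whether `createKeyForURI` verifies that `m_keyBufferSize` matches the algorithm's key length is not visible here; the removed branches tied the key type to a fixed size, so that check is worth confirming in the handler rather than assumed. The `const_cast` on `m_keyBuffer` is presumably forced by a non-const parameter on the handler; a one-line comment saying so, `// createKeyForURI takes a non-const buffer; the key bytes are not modified`, would stop a later reader from treating it as a mutation. `checkParams` begins and ends outside this hunk.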
@@ -222,3 +215,51 @@ EncryptedData* Encrypter::decorateAndUnmarshall(EncryptionParams& encParams, Key
xmlObject.release();
return xmlEncData;
}
+
+EncryptedKey* Encrypter::encryptKey(const unsigned char* keyBuffer, unsigned int keyBufferSize, KeyEncryptionParams& kencParams)
+{
+ // Get a fresh cipher object and document.
+
+ if (m_cipher) {
+ XMLToolingInternalConfig::getInternalConfig().m_xsecProvider->releaseCipher(m_cipher);
+ m_cipher=NULL;
+ }
+
+ DOMDocument* doc=NULL;
+ try {
+ doc=XMLToolingConfig::getConfig().getParser().newDocument();
+ m_cipher=XMLToolingInternalConfig::getInternalConfig().m_xsecProvider->newCipher(doc);
+ m_cipher->setKEK(kencParams.m_key->clone());
+ auto_ptr encKey(m_cipher->encryptKey(keyBuffer, keyBufferSize, ENCRYPT_NONE, kencParams.m_algorithm));
+
+ EncryptedKey* xmlEncKey=NULL;
+ auto_ptr xmlObjectKey(XMLObjectBuilder::buildOneFromElement(encKey->getElement()));
+ if (!(xmlObjectKey.get()) || !(xmlEncKey=dynamic_cast(xmlObjectKey.get())))
+ throw EncryptionException("Unable to unmarshall into EncryptedKey object.");
+
+ xmlEncKey->releaseThisAndChildrenDOM();
+
+ // KeyInfo?
+ if (kencParams.m_keyInfo) {
+ xmlEncKey->setKeyInfo(kencParams.m_keyInfo);
+ kencParams.m_keyInfo=NULL; // transfer ownership
+ }
+
+ doc->release();
+ xmlObjectKey.release();
+ return xmlEncKey;
+ }
+ catch(XSECException& e) {
+ doc->release();
+ auto_ptr_char temp(e.getMsg());
+ throw EncryptionException(string("XMLSecurity exception while encrypting: ") + temp.get());
+ }
+ catch(XSECCryptoException& e) {
+ doc->release();
+ throw EncryptionException(string("XMLSecurity exception while encrypting: ") + e.getMsg());
+ }
+ catch (...) {
+ doc->release();
+ throw;
+ }
+}
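Review bot: All three catch handlers in the new `encryptKey` call `doc->release()` unconditionally, but `doc` is initialised to NULL and only assigned inside the try once `newDocument()` returns; if `newDocument()` itself throws, the `catch (...)` handler (and the typed ones, should the parser raise those types) dereferences a null pointer instead of rethrowing. Guarding each handler with `if (doc) doc->release();` fixes this, and since the success path also releases `doc` by hand, a small RAII holder whose destructor calls `release()` would replace all four manual calls and survive any future early return. `kencParams.m_key` is dereferenced by `setKEK(kencParams.m_key->clone())` with no check in this function; if callers are expected to have gone through checkParams first, a comment on the signature stating that precondition would make it explicit. The cipher stored in `m_cipher` is deliberately kept alive past the return and released at the next call, which matches the block at the top of the function but deserves a one-line comment so the "fresh cipher" step is not mistaken for a leak.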