xmlsig 0.0.1

data/ext/xmlsig/BioWrap.h

@@ -0,0 +1,98 @@
+/*
+ * (C) Copyright 2006 VeriSign, Inc.
+ * Developed by Sxip Identity
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef _BIOWRAP_H
+#define _BIOWRAP_H
+
+#include <openssl/bio.h>
+#include <iostream>
+#include "Exceptions.h"
+
+/// @cond NO_INTERFACE
+/**
+ * Wrap OpenSSL BIO object
+ */
+class BioWrap
+{
+public:
+    /**
+     * Create a new memory BIO.
+     * @throws MemoryError if one couldn't be allocated
+     */
+    BioWrap () : mem(0)
+    {
+        mem = BIO_new(BIO_s_mem());
+        if (mem == NULL)
+        {
+            THROW_NORET(MemoryError, "Couldn't allocate BIO");
+        }
+    }
+    /**
+     * Destroy BIO, freeing its memory.
+     */
+    ~BioWrap ()
+    {
+        if (mem)
+        {
+            BIO_free_all(mem);
+            mem = 0;
+        }
+    }
+    /**
+     * Write the buffer to the BIO.
+     * @param buf Character buffer to write
+     * @param size Size of buffer
+     * @throws IOError on write failure
+     * @return 0 on success, <0 on failure
+     */
+    int write (xmlChar* buf, xmlSecSize size)
+    {
+        // cast size to int (same as in xmlsec library)
+        int ret = BIO_write(mem, buf, (int)size);
+        if (ret <= 0)
+        {
+            THROW(IOError, "BIO write failure", ret);
+        }
+        return ret;
+    }
+    /**
+     * Cast to a BIO pointer.
+     */
+    operator BIO* ()
+    {
+        return mem;
+    }
+    /** 
+     * Cast to a void pointer, good for null checks.
+     */
+    operator const void* ()
+    {
+        return mem;
+    }
+    /**
+     * Cast to an integer, nonzero if BIO is valid.
+     */
+    operator int ()
+    {
+        return mem != 0;
+    }
+
+protected:
+    BIO* mem;
+};
+/// @endcond
+
+#endif

data/ext/xmlsig/DSig.cpp

@@ -0,0 +1,109 @@
+/*
+ * (C) Copyright 2006 VeriSign, Inc.
+ * Developed by Sxip Identity
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include <stdio.h>
+#include <string>
+
+#include <libxml/tree.h>
+#include <libxml/xmlmemory.h>
+#include <libxml/parser.h>
+
+#ifndef XMLSEC_NO_XSLT
+#include <libxslt/xslt.h>
+#endif /* XMLSEC_NO_XSLT */
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/xmltree.h>
+#include <xmlsec/xmldsig.h>
+#include <xmlsec/openssl/app.h>
+#include <xmlsec/openssl/crypto.h>
+
+#include "DSig.h"
+#include "Exceptions.h"
+
+static int dsigInitialized = 0;
+
+extern "C" const char *xmlsec_lt_dlerror(void);
+
+
+int dsigInit ()
+{
+    if (dsigInitialized)
+    {
+        return 0;
+    }
+    else
+    {
+        dsigInitialized = 1;
+    }
+
+    /* Init libxml and libxslt libraries */
+    xmlInitParser();
+    LIBXML_TEST_VERSION
+    xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
+    xmlSubstituteEntitiesDefault(1);
+
+#ifndef XMLSEC_NO_XSLT
+    xmlIndentTreeOutput = 1;
+#endif // XMLSEC_NO_XSLT
+
+    // Init xmlsec library
+    if (xmlSecInit() < 0)
+    {
+        THROW(LibError, "xmlsec initialization failed", -1);
+    }
+    // Check loaded library version
+    if (xmlSecCheckVersion() != 1)
+    {
+        THROW(LibError, "Loaded xmlsec library version is not compatible", -1);
+    }
+    if (xmlSecOpenSSLAppInit(NULL) < 0)
+    {
+        THROW(LibError, "OpenSSL application initialization failed", -1);
+    }
+    // Init crypto library
+    if (xmlSecOpenSSLInit() < 0)
+    {
+        THROW(LibError, "xmlsec OpenSSL initialization failed", -1);
+    }
+    initErrorHandler();
+    return 0;
+}
+
+
+int dsigShutdown ()
+{
+    if (!dsigInitialized)
+    {
+        return -1;
+    }
+    // Shutdown xmlsec-crypto library
+    xmlSecOpenSSLShutdown();
+
+    // Shutdown crypto library
+    //xmlSecCryptoAppShutdown();
+
+    // Shutdown xmlsec library
+    xmlSecShutdown();
+
+    // Shutdown libxslt/libxml
+#ifndef XMLSEC_NO_XSLT
+    xsltCleanupGlobals();
+#endif // XMLSEC_NO_XSLT
+
+    xmlCleanupParser();
+    return 0;
+}

data/ext/xmlsig/DSig.h

@@ -0,0 +1,81 @@
+/*
+ * (C) Copyright 2006 VeriSign, Inc.
+ * Developed by Sxip Identity
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef _DSIG_H
+#define _DSIG_H
+
+#include "Exceptions.h"
+
+/**
+ * \mainpage
+ * 
+ * XMLSig is a C++ wrapper around the xmlsec library, providing a simple
+ * object oriented interface for dynamic languages.  Its main objectives
+ * are:
+ * 
+ * - To be a fully compliant XML Signature implementation.
+ *   See http://www.w3.org/TR/xmldsig-core/.
+ * - To have an API resembling Apache TSIK.
+ *   See http://incubator.apache.org/tsik/.
+ * 
+ * Secondary objectives include:
+ * 
+ * - Make it easy to bind to many dynamic languages.  
+ *   This can be seen in the minimal amount of type-mapping needed to
+ *   bind to XMLSig.  Only XMLSig objects and common C/C++ types are
+ *   exposed.  This gives the XMLSig interface a
+ *   lowest-common-denominator feel, and it is expected that language
+ *   enthusiasts will create wrapper modules that have a more
+ *   language-specific feel.
+ * - Play nicely with native language objects as much as possible.
+ *   One goal of XMLSig is to provide language-specific methods so
+ *   that developers can still use their language's standard libraries
+ *   with XMLSig.  For example, XMLSig encapsulates XML processing,
+ *   but different languages have their own favorite XML libraries, so
+ *   XMLSig should make it possible for developers to use their
+ *   language's standard XML API.
+ *
+ * \section license License
+ *
+ * (C) Copyright 2006 VeriSign, Inc.
+ * Developed by Sxip Identity
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ *  Initialize the library.  Initializes the libxml2, libxslt, xmlsec
+ *  and OpenSSL libraries.  Also calls initErrorHandler.  This
+ *  function may be called more than once.
+ */
+int dsigInit();
+/**
+ *  Shutdown the library.  Calls the de-initialize functions for the
+ *  libxml2, libxslt, xmlsec and OpenSSL libraries.  
+ */
+int dsigShutdown();
+
+#endif

data/ext/xmlsig/DSigCtx.h

@@ -0,0 +1,72 @@
+/*
+ * (C) Copyright 2006 VeriSign, Inc.
+ * Developed by Sxip Identity
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef _DSIGCTX_H
+#define _DSIGCTX_H
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/xmldsig.h>
+#include <assert.h>
+#include "Exceptions.h"
+
+class DSigCtx
+{
+public:
+    DSigCtx (xmlSecKeysMngrPtr keysMngr = 0) 
+        : dsigCtx (0)
+    {
+        dsigCtx = xmlSecDSigCtxCreate(keysMngr);
+        if (!dsigCtx)
+        {
+            THROW_NORET(MemoryError, "Couldn't create DSIG context");
+        }
+    }
+    ~DSigCtx ()
+    {
+        if (dsigCtx)
+        {
+            xmlSecDSigCtxDestroy(dsigCtx);
+        }
+    }
+
+    operator int ()
+    {
+        return dsigCtx != NULL;
+    }
+    int operator! ()
+    {
+        return dsigCtx == NULL;
+    }
+    xmlSecDSigCtxPtr operator-> ()
+    {
+        assert(dsigCtx);
+        return dsigCtx;
+    }
+    operator xmlSecDSigCtxPtr ()
+    {
+        return dsigCtx;
+    }
+
+    void dump (FILE* file)
+    {
+        xmlSecDSigCtxDebugDump(dsigCtx, file);
+    }
+
+protected:
+    xmlSecDSigCtxPtr dsigCtx;
+};
+
+#endif

data/ext/xmlsig/Exceptions.cpp

@@ -0,0 +1,151 @@
+/*
+ * (C) Copyright 2006 VeriSign, Inc.
+ * Developed by Sxip Identity
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include "Exceptions.h"
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/errors.h>
+#include <libxml/xmlerror.h>
+#include <libxslt/xsltutils.h>
+#include <iostream>
+#include <stdarg.h>
+
+#ifdef _WIN32
+#define snprintf _snprintf
+#define vsnprintf _vsnprintf
+#endif
+
+#define SEC_ERRORSTR_SIZE 2048
+char sec_error_str[SEC_ERRORSTR_SIZE] = "";
+#define ERRORSTR_SIZE 1024
+char xml_error_str[ERRORSTR_SIZE] = "";
+char xslt_error_str[ERRORSTR_SIZE] = "";
+
+
+void secErrorCallback (const char *file,
+                       int line,
+                       const char *func,
+                       const char *errorObject,
+                       const char *errorSubject,
+                       int reason,
+                       const char *msg)
+{
+    const char* error_msg = NULL;
+
+    for (xmlSecSize i = 0;
+            (i < XMLSEC_ERRORS_MAX_NUMBER) && (xmlSecErrorsGetMsg(i) != NULL);
+            ++i)
+    {
+        if (xmlSecErrorsGetCode(i) == reason)
+        {
+            error_msg = xmlSecErrorsGetMsg(i);
+            break;
+        }
+    }
+    char* str = sec_error_str;
+    for (; (*str && ((str - sec_error_str) < SEC_ERRORSTR_SIZE)); str++);
+    snprintf(str, SEC_ERRORSTR_SIZE - (str - sec_error_str),
+             "func=%s:file=%s:line=%d:obj=%s:subj=%s:error=%d:%s:%s\n",
+             (func != NULL) ? func : "unknown",
+             (file != NULL) ? file : "unknown",
+             line,
+             (errorObject != NULL) ? errorObject : "unknown",
+             (errorSubject != NULL) ? errorSubject : "unknown",
+             reason,
+             (error_msg != NULL) ? error_msg : "",
+             (msg != NULL) ? msg : "");
+#ifdef DEBUG_EXCEPTIONS
+    fprintf(stderr,
+            "func=%s:file=%s:line=%d:obj=%s:subj=%s:error=%d:%s:%s\n",
+            (func != NULL) ? func : "unknown",
+            (file != NULL) ? file : "unknown",
+            line,
+            (errorObject != NULL) ? errorObject : "unknown",
+            (errorSubject != NULL) ? errorSubject : "unknown",
+            reason,
+            (error_msg != NULL) ? error_msg : "",
+            (msg != NULL) ? msg : "");
+#endif // DEBUG_EXCEPTIONS
+}
+
+
+void xmlErrorCallback (void* str, const char* msg, ...)
+{
+    va_list args;
+    va_start(args, msg);
+    vsnprintf((char*)str, ERRORSTR_SIZE, msg, args);
+#ifdef DEBUG_EXCEPTIONS
+    vfprintf(stderr, msg, args);
+#endif // DEBUG_EXCEPTIONS
+    va_end(args);
+}
+
+
+void initErrorHandler ()
+{
+    xmlSecErrorsSetCallback(secErrorCallback);
+    xmlSetGenericErrorFunc(xml_error_str, xmlErrorCallback);
+#ifndef XMLSEC_NO_XSLT
+    xsltSetGenericErrorFunc(xslt_error_str, xmlErrorCallback);
+#endif
+}
+
+
+LibError::LibError ()
+    : DsigException()
+{
+    appendAll();
+}
+
+
+LibError::LibError (string what_str)
+    : DsigException(what_str)
+{
+    appendAll();
+}
+
+
+void LibError::clearErrorLogs ()
+{
+    char* strs[] = { sec_error_str, xml_error_str, xslt_error_str, "" };
+    for (char** str = strs; **str; str++)
+    {
+        **str = '\0';
+    }
+}
+
+void LibError::appendAll ()
+{
+    char* strs[] = { sec_error_str, xml_error_str, xslt_error_str, "" };
+    for (char** str = strs; **str; str++)
+    {
+        appendWhat(*str);
+    }
+}
+
+
+void LibError::appendWhat (char* str)
+{
+    if (*str)
+    {
+        if (what_str.length() && (what_str[what_str.length()] != '\n'))
+        {
+            what_str += "\n";
+        }
+        what_str += str;
+        *str = '\0';
+    }
+}
+