PKIFXSECCryptoKeyDSA.cpp

Go to the documentation of this file.
00001 
00011 #include "PKIFXSECCryptoKeyDSA.h"
00012 #include "PKIFXSECCrypto.h"
00013 
00014 #include <xsec/enc/XSCrypt/XSCryptCryptoBase64.hpp>
00015 #include <xsec/enc/XSECCryptoException.hpp>
00016 #include <xsec/enc/XSECCryptoUtils.hpp>
00017 #include <xsec/framework/XSECError.hpp>
00019 struct PKIFXSECCryptoKeyDSAImpl
00020 {
00021     IPKIFMediatorPtr m_med;
00022     CPKIFKeyMaterialPtr m_km;
00023     CPKIFCredentialPtr m_cred;
00024 };
00026 
00034 PKIFXSECCryptoKeyDSA::PKIFXSECCryptoKeyDSA()
00035 :m_impl(new PKIFXSECCryptoKeyDSAImpl())
00036 {
00037 }
00038 
00046 PKIFXSECCryptoKeyDSA::~PKIFXSECCryptoKeyDSA()
00047 {
00048     if(m_impl) {
00049         delete m_impl;
00050         m_impl = 0;
00051     }
00052 }
00053 
00061 XSECCryptoKey * PKIFXSECCryptoKeyDSA::clone() const
00062 {
00063     PKIFXSECCryptoKeyDSA * rv = new PKIFXSECCryptoKeyDSA();
00064     rv->m_impl->m_cred = m_impl->m_cred;
00065     rv->m_impl->m_km = m_impl->m_km;
00066     rv->m_impl->m_med = m_impl->m_med;
00067     return rv;
00068 }
00069 
00079 bool PKIFXSECCryptoKeyDSA::verifyBase64Signature(
00081     unsigned char * hashBuf,
00083     unsigned int hashLen,
00085     char * base64Signature,
00087     unsigned int sigLen)
00088 {
00089     if(!m_impl->m_km){
00090         throw XSECCryptoException(XSECCryptoException::DSAError,
00091         "PKIFXSECCryptoKeyDSA - No key available for DSA verification");
00092     }
00093     IPKIFCryptoRawOperations* cm = m_impl->m_med->GetMediator<IPKIFCryptoRawOperations>();
00094     if(!cm) {
00095         throw XSECCryptoException(XSECCryptoException::DSAError,
00096         "PKIFXSECCryptoKeyDSA - No appropriate mediator available for DSA verification");
00097     }
00098     // Decode the signature
00099     XSCryptCryptoBase64 b64;
00100     unsigned char * decSig = new unsigned char[sigLen];
00101     b64.decodeInit();
00102     unsigned int decSigLen = b64.decode((unsigned char *) base64Signature, sigLen, decSig, sigLen);
00103     decSigLen += b64.decodeFinish(&decSig[decSigLen], sigLen - decSigLen);
00104     bool ok = false;
00105     try {
00106         ok = cm->Verify(*(m_impl->m_km),hashBuf,hashLen,decSig,decSigLen,PKIFCRYPTO::SHA1);
00107     }catch(CPKIFException & e){
00108         throw XSECCryptoException(XSECCryptoException::DSAError, e.GetDescription());
00109     }
00110     // the key resolver class will have already verified the cert and set up the key material
00111     return ok;
00112 }
00113 
00125 unsigned int PKIFXSECCryptoKeyDSA::signBase64Signature(
00127     unsigned char * hashBuf,
00129     unsigned int hashLen,
00131     char * base64SignatureBuf,
00133     unsigned int base64SignatureBufLen)
00134 {
00135     if(!m_impl->m_cred) {
00136         throw XSECCryptoException(XSECCryptoException::DSAError,
00137         "PKIFXSECCryptoKeyDSA - No key available for DSA signing");
00138     }
00139     IPKIFCryptoKeyIDOperations* cm = m_impl->m_med->GetMediator<IPKIFCryptoKeyIDOperations>();
00140     if(!cm) {
00141         throw XSECCryptoException(XSECCryptoException::DSAError,
00142         "PKIFXSECCryptoKeyDSA - No appropriate mediator available for DSA signing");
00143     }
00144     // XXX *** as the library is currently written, this will only ever be called for plain DSA signatures.
00145     // thus, always 40
00146     int sigOutLen = 40;
00147     unsigned char * sigOut = new unsigned char[sigOutLen];
00148     try {
00149         // XXX *** The hard coded hash is a limitation of the XML security library's treatment of DSA
00150         cm->Sign(*(m_impl->m_cred),hashBuf,hashLen,sigOut,&sigOutLen,PKIFCRYPTO::SHA1);
00151     }catch(CPKIFException & e){
00152         throw XSECCryptoException(XSECCryptoException::DSAError, e.GetDescription());
00153     }
00154 
00155     // Now encode
00156     XSCryptCryptoBase64 b64;
00157     b64.encodeInit();
00158     unsigned int ret = b64.encode(sigOut, 40, (unsigned char *) base64SignatureBuf, base64SignatureBufLen);
00159     ret += b64.encodeFinish((unsigned char *) &base64SignatureBuf[ret], base64SignatureBufLen - ret);
00160     return ret;
00161 }
00162 
00163 
00171 void PKIFXSECCryptoKeyDSA::SetMediator(
00173    IPKIFMediatorPtr & med)
00174 {
00175     m_impl->m_med = med;
00176 }
00177 
00185 void PKIFXSECCryptoKeyDSA::SetCredential(
00187     CPKIFCredentialPtr & cred)
00188 {
00189     m_impl->m_cred = cred;
00190 }
00191 
00199 void PKIFXSECCryptoKeyDSA::SetKeyMaterial(
00201     CPKIFKeyMaterialPtr & km)
00202 {
00203     m_impl->m_km = km;
00204 }
00205 
00213 const XMLCh * PKIFXSECCryptoKeyDSA::getProviderName() const
00214 {
00215     return pkifProvName();
00216 }
00217 
00225 XSECCryptoKey::KeyType PKIFXSECCryptoKeyDSA::getKeyType() const
00226 {
00227     if(!m_impl) return XSECCryptoKey::KEY_NONE;
00228     if(m_impl->m_cred) return XSECCryptoKey::KEY_DSA_PAIR;
00229     if(m_impl->m_km) return XSECCryptoKey::KEY_DSA_PUBLIC;
00230     return XSECCryptoKey::KEY_NONE;
00231 }
00232 
00233
Generated on Mon Nov 15 11:15:55 2010 for PublicKeyInfrastructureFramework(PKIF) by  doxygen 1.5.6