SignerInfo.cpp

Go to the documentation of this file.
00001 
00009 #include "SignerInfo.h"
00010 
00011 #include "IssuerAndSerialNumber.h"
00012 #include "Buffer.h"
00013 #include "Attribute.h"
00014 #include "AlgorithmIdentifier.h"
00015 #include "KeyUsage.h"
00016 #include "Certificate.h"
00017 
00018 #include "PKIFCredential.h"
00019 #include "PKIFKeyMaterial.h"
00020 
00021 #include "PKIFCMSAttributeMediator2.h"
00022 #include "ToolkitUtils.h"
00023 #include "PKIFMessageException.h"
00024 #include "PKIFMessageErrors.h"
00025 #include "ASN1Helper.h"
00026 
00027 #include "CryptographicMessageSyntax2004.h"
00028 
00029 #include <iterator>
00031 struct CPKIFSignerInfoImpl
00032 {
00033     //structure members
00034     CACCMSCMSVersion m_version;
00035     CPKIFIssuerAndSerialNumberPtr m_issAndSerialNum;    //part of SignerIdentifier
00036     CPKIFBufferPtr m_skid;                          //part of SignerIdentifier
00037     CPKIFAlgorithmIdentifierPtr m_digestAlg;
00038     CPKIFAttributeList m_signedAttributes;
00039     CPKIFAttributeList m_unsignedAttributes;
00040     //signature alg determined from credential, signature value calculated
00041 
00042     CPKIFAlgorithmIdentifierPtr m_sigAlg;
00043     CPKIFBufferPtr m_sig;
00044 
00045     void populateUnsignedAttributesVector(const CACCMSUnsignedAttributes& ua);
00046     void populateSignedAttributesVector(const CACCMSSignedAttributes& sa);
00047 
00048     CPKIFCredentialPtr m_cred;
00049     CPKIFKeyMaterial* m_keyMaterial;
00050     bool m_bDecoded;
00051 
00052     CPKIFBufferPtr signedUnencodedAttrBufferPtr;
00053     CPKIFBufferPtr unsignedUnencodedAttrBufferPtr;
00054 };
00056 
00065 CPKIFSignerInfo::CPKIFSignerInfo()
00066     :m_impl (new CPKIFSignerInfoImpl)
00067 {
00068     m_impl->m_digestAlg = g_sha1AI;
00069     m_impl->m_keyMaterial = NULL;
00070     m_impl->m_bDecoded = false;
00071     m_impl->m_version = CACCMSv1;
00072 }
00073 
00083 CPKIFSignerInfo::CPKIFSignerInfo(
00085     //const CACCMSSignerInfo& si
00086     const CPKIFBufferPtr& siBuf)
00087     :m_impl (new CPKIFSignerInfoImpl)
00088 {
00089     CACASNWRAPPER_CREATE(CACCMSSignerInfo, InfoWrapper);
00090     InfoWrapper.Decode(siBuf->GetBuffer(), siBuf->GetLength());
00091 
00092     m_impl->m_keyMaterial = NULL;
00093 
00094     m_impl->m_version = InfoWrapper->version;
00095 
00096     //CPKIFAlgorithmIdentifier creation
00097     CPKIFOIDPtr algOID(new CPKIFOID(InfoWrapper->digestAlgorithm.algorithm.subid,
00098                         InfoWrapper->digestAlgorithm.algorithm.numids));
00099     
00100     CPKIFBufferPtr paramBuf;
00101     if(InfoWrapper->digestAlgorithm.m.parametersPresent)
00102     {
00103         paramBuf = CPKIFBufferPtr(new CPKIFBuffer(InfoWrapper->digestAlgorithm.parameters.data,
00104                     InfoWrapper->digestAlgorithm.parameters.numocts));
00105     
00106     
00107     }
00108     
00109     CPKIFAlgorithmIdentifierPtr alg(new CPKIFAlgorithmIdentifier(algOID, paramBuf)); 
00110     //CPKIFAlgorithmIdentifierPtr alg(new CPKIFAlgorithmIdentifier(*(CACX509V3AlgorithmIdentifier*)&InfoWrapper->digestAlgorithm));
00111     
00112     
00113     m_impl->m_digestAlg = alg;
00114 
00115     switch(InfoWrapper->sid.t)
00116     {
00117     case 1:
00118         {
00119 
00120         CACASNWRAPPER_CREATE(CACCMSIssuerAndSerialNumber, isnWrapper);
00121         ASN1OpenType* rawIsn = isnWrapper.Encode(InfoWrapper->sid.u.issuerAndSerialNumber);
00122         CPKIFBufferPtr buf(new CPKIFBuffer(rawIsn->data, rawIsn->numocts));
00123         delete rawIsn;
00124         
00125         CPKIFIssuerAndSerialNumberPtr tmpISN(new CPKIFIssuerAndSerialNumber(buf));
00126         //CPKIFIssuerAndSerialNumberPtr tmpISN(new CPKIFIssuerAndSerialNumber(*si.sid.u.issuerAndSerialNumber));
00127         m_impl->m_issAndSerialNum = tmpISN;
00128         }
00129         break;
00130     case 2:
00131         {
00132         CPKIFBufferPtr tmpSID(new CPKIFBuffer(InfoWrapper->sid.u.subjectKeyIdentifier->data, InfoWrapper->sid.u.subjectKeyIdentifier->numocts));
00133         m_impl->m_skid = tmpSID;
00134         }
00135         break;
00136     }
00137 
00138     CPKIFBufferPtr tmpSig(new CPKIFBuffer(InfoWrapper->signature.data, InfoWrapper->signature.numocts));
00139     m_impl->m_sig = tmpSig;
00140 
00141     //CPKIFAlgorithmIdentifier creation
00142     CPKIFOIDPtr algOID2(new CPKIFOID(InfoWrapper->signatureAlgorithm.algorithm.subid,
00143                 InfoWrapper->signatureAlgorithm.algorithm.numids));
00144     
00145     CPKIFBufferPtr paramBuf2;
00146     if(InfoWrapper->signatureAlgorithm.m.parametersPresent)
00147     {
00148         paramBuf2 = CPKIFBufferPtr(new CPKIFBuffer(InfoWrapper->signatureAlgorithm.parameters.data,
00149                 InfoWrapper->signatureAlgorithm.parameters.numocts));
00150     
00151     
00152     }
00153     
00154     CPKIFAlgorithmIdentifierPtr tmpSigAlg(new CPKIFAlgorithmIdentifier(algOID2, paramBuf2));
00155     //CPKIFAlgorithmIdentifierPtr tmpSigAlg(new CPKIFAlgorithmIdentifier(*(CACX509V3AlgorithmIdentifier*)&InfoWrapper->signatureAlgorithm));
00156     m_impl->m_sigAlg = tmpSigAlg;
00157 
00158     if(InfoWrapper->m.signedAttrsPresent)
00159     {
00160       try
00161       {
00162         CACASNWRAPPER_CREATE(CACCMSSignedAttributes, attrWrapper);
00163         ASN1OpenType *data = attrWrapper.Encode (&InfoWrapper->signedAttrs);
00164         CPKIFBufferPtr tmp(new CPKIFBuffer(data->data, data->numocts));
00165         m_impl->signedUnencodedAttrBufferPtr = tmp;
00166         delete data;
00167       }
00168       catch (...)
00169       {}
00170     }
00171 
00172     if(InfoWrapper->m.unsignedAttrsPresent)
00173     {
00174       try
00175       {
00176         CACASNWRAPPER_CREATE(CACCMSUnsignedAttributes, attrWrapper);
00177         ASN1OpenType *data = attrWrapper.Encode (&InfoWrapper->unsignedAttrs);
00178         CPKIFBufferPtr tmp(new CPKIFBuffer(data->data, data->numocts));
00179         m_impl->unsignedUnencodedAttrBufferPtr = tmp;
00180         delete data;
00181       }
00182       catch (...)
00183       {}
00184     }
00185 
00186     m_impl->m_bDecoded = true;
00187 }
00188 
00198 /*
00199 CPKIFSignerInfo::CPKIFSignerInfo(
00201     const CACCMSSignerInfo& si)
00202     :m_impl (new CPKIFSignerInfoImpl)
00203 {
00204     m_impl->m_keyMaterial = NULL;
00205 
00206     m_impl->m_version = si.version;
00207 
00208     CPKIFAlgorithmIdentifierPtr alg(new CPKIFAlgorithmIdentifier(*(CACX509V3AlgorithmIdentifier*)&si.digestAlgorithm));
00209     m_impl->m_digestAlg = alg;
00210 
00211     switch(si.sid.t)
00212     {
00213     case 1:
00214         {
00215 
00216         CACASNWRAPPER_CREATE(CACCMSIssuerAndSerialNumber, isnWrapper);
00217         ASN1OpenType* rawIsn = isnWrapper.Encode(si.sid.u.issuerAndSerialNumber);
00218         CPKIFBufferPtr buf(new CPKIFBuffer(rawIsn->data, rawIsn->numocts));
00219         delete rawIsn;
00220         
00221         CPKIFIssuerAndSerialNumberPtr tmpISN(new CPKIFIssuerAndSerialNumber(buf));
00222         //CPKIFIssuerAndSerialNumberPtr tmpISN(new CPKIFIssuerAndSerialNumber(*si.sid.u.issuerAndSerialNumber));
00223         m_impl->m_issAndSerialNum = tmpISN;
00224         }
00225         break;
00226     case 2:
00227         {
00228         CPKIFBufferPtr tmpSID(new CPKIFBuffer(si.sid.u.subjectKeyIdentifier->data, si.sid.u.subjectKeyIdentifier->numocts));
00229         m_impl->m_skid = tmpSID;
00230         }
00231         break;
00232     }
00233 
00234     CPKIFBufferPtr tmpSig(new CPKIFBuffer(si.signature.data, si.signature.numocts));
00235     m_impl->m_sig = tmpSig;
00236 
00237     CPKIFAlgorithmIdentifierPtr tmpSigAlg(new CPKIFAlgorithmIdentifier(*(CACX509V3AlgorithmIdentifier*)&si.signatureAlgorithm));
00238     m_impl->m_sigAlg = tmpSigAlg;
00239 
00240     if(si.m.signedAttrsPresent)
00241     {
00242       try
00243       {
00244         CACASNWRAPPER_CREATE(CACCMSSignedAttributes, attrWrapper);
00245         ASN1OpenType *data = attrWrapper.Encode (&si.signedAttrs);
00246         CPKIFBufferPtr tmp(new CPKIFBuffer(data->data, data->numocts));
00247         m_impl->signedUnencodedAttrBufferPtr = tmp;
00248         delete data;
00249       }
00250       catch (...)
00251       {}
00252     }
00253 
00254     if(si.m.unsignedAttrsPresent)
00255     {
00256       try
00257       {
00258         CACASNWRAPPER_CREATE(CACCMSUnsignedAttributes, attrWrapper);
00259         ASN1OpenType *data = attrWrapper.Encode (&si.unsignedAttrs);
00260         CPKIFBufferPtr tmp(new CPKIFBuffer(data->data, data->numocts));
00261         m_impl->unsignedUnencodedAttrBufferPtr = tmp;
00262         delete data;
00263       }
00264       catch (...)
00265       {}
00266     }
00267 
00268     m_impl->m_bDecoded = true;
00269 }
00270 */
00278 void CPKIFSignerInfo::GetEncodedSignedAttributes (
00280     CPKIFBufferPtr& buf) {
00281   if (m_impl)
00282   {
00283     buf = m_impl->signedUnencodedAttrBufferPtr;
00284   }
00285   else
00286   {
00287     CPKIFBufferPtr nullExt;
00288     buf = nullExt;
00289   }
00290 }
00298 void CPKIFSignerInfo::GetEncodedUnsignedAttributes (
00300     CPKIFBufferPtr& buf) {
00301   if (m_impl)
00302   {
00303     buf = m_impl->unsignedUnencodedAttrBufferPtr;
00304   }
00305   else
00306   {
00307     CPKIFBufferPtr nullExt;
00308     buf = nullExt;
00309   }
00310 }
00311 
00319 CPKIFSignerInfo::~CPKIFSignerInfo()
00320 {
00321     delete m_impl;
00322     m_impl = NULL;
00323 }
00334 bool CPKIFSignerInfo::Decoded() const
00335 {
00336     return m_impl->m_bDecoded;
00337 }
00357 CPKIFSignerInfo::SignerIdentifierChoice CPKIFSignerInfo::GetSignerIdentifierChoice() const
00358 {
00359     CPKIFIssuerAndSerialNumberPtr issAndSN = GetIssuerAndSerialNumber();
00360     if(issAndSN != (CPKIFIssuerAndSerialNumber*)NULL)
00361         return CPKIFSignerInfo::ISSUERANDSERIAL;
00362 
00363     CPKIFBufferPtr skid = GetSKID();
00364     if(skid != (CPKIFBuffer*)NULL)
00365         return CPKIFSignerInfo::SKID;
00366 
00367     return CPKIFSignerInfo::UNSET;
00368 }
00383 CPKIFCredentialPtr CPKIFSignerInfo::GetCredential() const 
00384 {
00385     return m_impl->m_cred;
00386 }
00394 /*CACCMSCMSVersion*/ unsigned int CPKIFSignerInfo::Version() 
00395 {
00396     return (unsigned int) m_impl->m_version;
00397 }
00406 CPKIFAlgorithmIdentifierPtr CPKIFSignerInfo::GetSignatureAlgorithm() const
00407 {
00408     return m_impl->m_sigAlg;
00409 }
00418 CPKIFBufferPtr CPKIFSignerInfo::GetSignature() const
00419 {
00420     return m_impl->m_sig;
00421 }
00429 CPKIFAlgorithmIdentifierPtr CPKIFSignerInfo::GetDigestAlg() const 
00430 {
00431     return m_impl->m_digestAlg;
00432 }
00442 void CPKIFSignerInfo::SetDigestAlg(
00444     CPKIFAlgorithmIdentifierPtr& digAlg) 
00445 {
00446     //accept no NULLs
00447     if(digAlg == (CPKIFAlgorithmIdentifier*)NULL)
00448         throw CPKIFMessageException(TOOLKIT_MESSAGE, COMMON_INVALID_INPUT);
00449 
00450     m_impl->m_digestAlg = digAlg;
00451 }
00462 void CPKIFSignerInfo::SetIssuerAndSerialNumber(
00465     CPKIFIssuerAndSerialNumberPtr& iasn)
00466 {
00467     //accept no NULLs
00468     if(iasn == (CPKIFIssuerAndSerialNumber*)NULL)
00469         throw CPKIFMessageException(TOOLKIT_MESSAGE, COMMON_INVALID_INPUT);
00470 
00471     m_impl->m_issAndSerialNum = iasn;
00472 }
00481 CPKIFIssuerAndSerialNumberPtr CPKIFSignerInfo::GetIssuerAndSerialNumber() const 
00482 {
00483     return m_impl->m_issAndSerialNum;
00484 }
00495 void CPKIFSignerInfo::SetSKID(CPKIFBufferPtr& skid)
00496 {
00497     //accept no NULLs
00498     if(skid == (CPKIFBuffer*)NULL)
00499         throw CPKIFMessageException(TOOLKIT_MESSAGE, COMMON_INVALID_INPUT);
00500 
00501     m_impl->m_skid = skid;
00502 }
00511 CPKIFBufferPtr CPKIFSignerInfo::GetSKID() const 
00512 {
00513     return m_impl->m_skid;
00514 }
00528 void CPKIFSignerInfo::SetCredential(
00531     CPKIFCredentialPtr& cred,
00532     bool enforceKeyUsage) 
00533 {
00534     if(cred == (CPKIFCredential*)NULL)
00535         throw CPKIFMessageException(TOOLKIT_MESSAGE_ASN, COMMON_INVALID_INPUT, "NULL credential.");
00536 
00537     CPKIFCertificatePtr cert = cred->GetCertificate();
00538     if(cert == (CPKIFCertificate*)NULL)
00539         throw CPKIFMessageException(TOOLKIT_MESSAGE_ASN, MSG_INVALID_CREDENTIAL, "Credential does not contain a certificate.");
00540 
00541     CPKIFKeyUsagePtr keyUsage = cert->GetExtension<CPKIFKeyUsage>();
00542     if(!enforceKeyUsage || keyUsage == (CPKIFKeyUsage*)NULL || keyUsage->DigitalSignature() || keyUsage->NonRepudiation())
00543         m_impl->m_cred = cred;
00544     else
00545         throw CPKIFMessageException(TOOLKIT_MESSAGE_ASN, MSG_INVALID_CREDENTIAL, "Credential is not valid for signature generation purposes.");
00546 }
00554 void CPKIFSignerInfo::GetUnsignedAttributes(
00556     CPKIFAttributeList& ual)
00557 {
00558     CPKIFCMSAttributeMediator2* mediator = CPKIFCMSAttributeMediator2::GetInstance();
00559 
00560     std::vector<CPKIFAttributePtr> tmpList;
00561     this->IPKIFHasAttributes::GetUnsignedAttributes(mediator, tmpList);
00562 
00563     copy(tmpList.begin(),tmpList.end(), back_inserter(ual));
00564 }
00572 void CPKIFSignerInfo::GetSignedAttributes(
00574     CPKIFAttributeList& sal)
00575 {
00576     sal.clear();
00577 
00578     CPKIFCMSAttributeMediator2* mediator = CPKIFCMSAttributeMediator2::GetInstance();
00579     
00580     std::vector<CPKIFAttributePtr> tmpList;
00581     this->IPKIFHasAttributes::GetSignedAttributes(mediator, tmpList);
00582 
00583     copy(tmpList.begin(),tmpList.end(), back_inserter(sal));
00584 }
00594 void CPKIFSignerInfo::AddUnsignedAttribute(
00596     CPKIFAttributePtr& ua)
00597 {
00598     //accept no NULLs
00599     if(ua == (CPKIFAttribute*)NULL)
00600         throw CPKIFMessageException(TOOLKIT_MESSAGE, COMMON_INVALID_INPUT);
00601 
00602     m_impl->m_unsignedAttributes.push_back(ua);
00603 }
00613 void CPKIFSignerInfo::AddSignedAttribute(CPKIFAttributePtr& sa)
00614 {
00615     //accept no NULLs
00616     if(sa == (CPKIFAttribute*)NULL)
00617         throw CPKIFMessageException(TOOLKIT_MESSAGE, COMMON_INVALID_INPUT);
00618 
00619     m_impl->m_signedAttributes.push_back(sa);
00620 }
00628 void CPKIFSignerInfoImpl::populateUnsignedAttributesVector(
00630     const CACCMSUnsignedAttributes& ua)
00631 {
00632     //if we've already populated the extensions vector then return
00633     if(!m_unsignedAttributes.empty())
00634         return;
00635 
00636     //if there are no extensions then return
00637     if(0 == ua.count)
00638     {
00639         m_unsignedAttributes.clear();
00640         return;
00641     }
00642 
00643     //create an extensions mediator using the default extension colleagues and initialize it
00644     CPKIFCMSAttributeMediator2* mediator = CPKIFCMSAttributeMediator2::GetInstance();
00645 
00646     //iterate over the list of extensions and populate the extensions vector
00647     DListNode* cur = ua.head;
00648     for(unsigned int ii = 0; ii < ua.count; ++ii)
00649     {
00650         CACCMSAttribute* attr = (CACCMSAttribute*) cur->data;
00651         CPKIFOIDPtr oid(new CPKIFOID(attr->attrType.subid, attr->attrType.numids));
00652         CPKIFBufferPtr buf(new CPKIFBuffer(attr->attrValues.data, attr->attrValues.numocts));
00653 
00654         m_unsignedAttributes.push_back(mediator->getAttribute(oid, buf));
00655         cur = cur->next;
00656     }
00657 }
00665 void CPKIFSignerInfoImpl::populateSignedAttributesVector(
00667     const CACCMSSignedAttributes& sa)
00668 {
00669     //if we've already populated the extensions vector then return
00670     if(!m_signedAttributes.empty())
00671         return;
00672 
00673     //if there are no extensions then return
00674     if(0 == sa.count)
00675     {
00676         m_signedAttributes.clear();
00677         return;
00678     }
00679 
00680     //create an extensions mediator using the default extension colleagues and initialize it
00681     CPKIFCMSAttributeMediator2* mediator = CPKIFCMSAttributeMediator2::GetInstance();
00682 
00683     //iterate over the list of extensions and populate the extensions vector
00684     DListNode* cur = sa.head;
00685     for(unsigned int ii = 0; ii < sa.count; ++ii)
00686     {
00687         CACCMSAttribute* attr = (CACCMSAttribute*) cur->data;
00688         CPKIFOIDPtr oid(new CPKIFOID(attr->attrType.subid, attr->attrType.numids));
00689         CPKIFBufferPtr buf(new CPKIFBuffer(attr->attrValues.data, attr->attrValues.numocts));
00690 
00691         m_signedAttributes.push_back(mediator->getAttribute(oid, buf));
00692         cur = cur->next;
00693     }
00694 }
00702 void CPKIFSignerInfo::_GetSignedAttributes(
00704     std::vector<CPKIFAttributePtr>& attrVector)
00705 {
00706     CPKIFCMSAttributeMediator2* mediator = CPKIFCMSAttributeMediator2::GetInstance();
00707     this->IPKIFHasAttributes::GetSignedAttributes(mediator, attrVector);
00708 }
00716 void CPKIFSignerInfo::_GetUnsignedAttributes(
00718     std::vector<CPKIFAttributePtr>& attrVector)
00719 {
00720     CPKIFCMSAttributeMediator2* mediator = CPKIFCMSAttributeMediator2::GetInstance();
00721     this->IPKIFHasAttributes::GetUnsignedAttributes(mediator, attrVector);
00722 }
00730 void CPKIFSignerInfo::GetAddedSignedAttributes(
00732     std::vector<CPKIFAttributePtr>& attr)
00733 {
00734   CPKIFAttributeList::iterator pos;
00735   CPKIFAttributeList::iterator end = m_impl->m_signedAttributes.end();
00736   for (pos = m_impl->m_signedAttributes.begin(); pos != end; pos++)
00737   {
00738     attr.push_back (*pos);
00739   }
00740 }
00748 void CPKIFSignerInfo::GetAddedUnsignedAttributes(
00750     std::vector<CPKIFAttributePtr>& attr)
00751 {
00752   CPKIFAttributeList::iterator pos;
00753   CPKIFAttributeList::iterator end = m_impl->m_unsignedAttributes.end();
00754   for (pos = m_impl->m_unsignedAttributes.begin(); pos != end; pos++)
00755   {
00756     attr.push_back (*pos);
00757   }
00758 }
Generated on Mon Nov 15 11:15:56 2010 for PublicKeyInfrastructureFramework(PKIF) by  doxygen 1.5.6