Mixes for Privacy and Anonymity in the Internet
CASignature Class Reference


Public Member Functions

 CASignature ()
 ~CASignature ()
CASignature * clone ()
SINT32 generateSignKey (UINT32 size)
SINT32 setSignKey (const UINT8 *buff, UINT32 len, UINT32 type, const char *passwd=NULL)
SINT32 setSignKey (const DOMNode *node, UINT32 type, const char *passwd=NULL)
SINT32 getSignKey (DOMElement *&node, XERCES_CPP_NAMESPACE::DOMDocument *doc)
 Gets the secret sign key as an XML-encoded PKCS#12 struct.
SINT32 sign (const UINT8 *const in, UINT32 inlen, UINT8 *sig, UINT32 *siglen) const
 Perform Signature with either DSA, RSA or ECDSA.
SINT32 setVerifyKey (CACertificate *pCert)
 Sets the key for signature testing to the one included in pCert.
SINT32 setVerifyKey (const DOMElement *xmlKey)
 Parses the XML representation of a DSA public key.
SINT32 getVerifyKey (CACertificate **)
 Get the public key as XML encoded X509 certificate.
SINT32 getVerifyKeyHash (UINT8 *buff, UINT32 *len)
 Calculates a SHA hash of the public key, which is represented as SubjectPublicKeyInfo.
SINT32 verifyXML (DOMNode *node, CACertStore *pTrustedCerts=NULL)
 Verifies an XML Signature under node root.
SINT32 getSignatureSize () const
SINT32 encodeRS (UINT8 *out, UINT32 *outLen, const DSA_SIG *const pdsaSig) const
SINT32 decodeRS (const UINT8 *const in, const UINT32 inLen, DSA_SIG *pDsaSig) const
 Converts a DSA signature from the XML Signature format to the openSSL R/S BigNumber format.
SINT32 verify (const UINT8 *const in, UINT32 inlen, DSA_SIG *const dsaSig) const
SINT32 verifyDER (UINT8 *in, UINT32 inlen, const UINT8 *dsaSig, const UINT32 sigLen)
 Verifies an ASN.1 DER encoded SHA1-DSA signature.
SINT32 verify (UINT8 *in, UINT32 inLen, UINT8 *sig, const UINT32 sigLen)
bool isDSA () const
bool isRSA () const
UINT8 * getSignatureMethod ()

Private Member Functions

DSA * getDSA ()
RSA * getRSA ()
SINT32 parseSignKeyXML (const UINT8 *buff, UINT32 len)
SINT32 sign (const UINT8 *const in, UINT32 inlen, DSA_SIG **dsaSig) const
SINT32 signRSA (const UINT8 *dgst, const UINT32 dgstLen, UINT8 *sig, UINT32 *sigLen) const
SINT32 verifyRSA (const UINT8 *dgst, const UINT32 dgstLen, UINT8 *sig, UINT32 sigLen) const
SINT32 verifyDSA (const UINT8 *dgst, const UINT32 dgstLen, UINT8 *sig, UINT32 sigLen) const

Private Attributes

DSA * m_pDSA
RSA * m_pRSA

Friends

class CASSLContext

Constructor & Destructor Documentation

References m_pDSA, and m_pRSA.

Referenced by clone().

References m_pDSA, and m_pRSA.


Member Function Documentation

SINT32 CASignature::decodeRS ( const UINT8 *const  in,
const UINT32  inLen,
DSA_SIG *  pDsaSig 
) const

Converts a DSA signature from the XML Signature format to the openSSL R/S BigNumber format.

Parameters:
  in: the XML signature value
  inLen: size of the XML signature value
  pDsaSig: a pointer to a DSA signature struct whose values will be set according to the XML signature value
Return values:
  E_SUCCESS: if successful
  E_UNKNOWN: otherwise

References ASSERT, and E_SUCCESS.

SINT32 CASignature::encodeRS ( UINT8 *  out,
UINT32 *  outLen,
const DSA_SIG *const  pdsaSig 
) const

References E_SUCCESS.

Referenced by sign().

DSA* CASignature::getDSA ( ) [private]

References m_pDSA.

RSA* CASignature::getRSA ( ) [private]

References m_pRSA.

SINT32 CASignature::getSignKey ( DOMElement *&  node,
XERCES_CPP_NAMESPACE::DOMDocument *  doc 
)

Gets the secret sign key as an XML-encoded PKCS#12 struct.

References createDOMElement(), E_SUCCESS, CABase64::encode(), getVerifyKey(), len, CACertificate::m_pCert, m_pDSA, and setDOMElementValue().

Referenced by CACmdLnOptions::buildDefaultConfig().

Get the public key as XML encoded X509 certificate.

Signs an XML Document.

Parameters:
  in: source byte array of the XML document which should be signed
  inlen: size of the source byte array
  out: destination byte array which on return contains the XML document including the XML Signature
  outlen: size of the destination byte array; on return contains the length of the signed XML document
  pIncludeCerts: points to a CACertStore holding the CACertificates which should be included in the XML Signature for easy verification; if NULL, no certificates will be included
Return values:
  E_SUCCESS: if the signature could be successfully created
  E_SPACE: if the destination byte array is too small for the signed XML document
  E_UNKNOWN: otherwise

Signs a DOM node. The XML Signature is included in the XML tree as a child of the node. If there is already a signature, it is removed first.

Parameters:
  node: node which should be signed
  pIncludeCerts: points to a CACertStore holding the CACertificates which should be included in the XML Signature for easy verification; if NULL, no certificates will be included
Return values:
  E_SUCCESS: if the signature could be successfully created
  E_UNKNOWN: otherwise

References E_SUCCESS, E_UNKNOWN, m_pDSA, and CAMsg::printMsg().

Referenced by CACmdLnOptions::buildDefaultConfig(), and getSignKey().

Calculates a SHA hash of the public key, which is represented as SubjectPublicKeyInfo.

References E_SUCCESS, and m_pDSA.

bool CASignature::isDSA ( ) const

bool CASignature::isRSA ( ) const

SINT32 CASignature::parseSignKeyXML ( const UINT8 *  buff,
UINT32  len 
) [private]

SINT32 CASignature::setSignKey ( const UINT8 *  buff,
UINT32  len,
UINT32  type,
const char *  passwd = NULL 
)

SINT32 CASignature::setSignKey ( const DOMNode *  node,
UINT32  type,
const char *  passwd = NULL 
)

Sets the key for signature testing to the one included in pCert.

If pCert == NULL, clears the signature test key.

Parameters:
  pCert: certificate including the test key
Return values:
  E_SUCCESS: if successful
  E_UNKNOWN: otherwise

References DSA_clone(), E_SUCCESS, E_UNKNOWN, isDSA(), isRSA(), CACertificate::m_pCert, m_pDSA, m_pRSA, CAMsg::printMsg(), and RSA_clone().

Referenced by CAAccountingInstance::handleAccountCertificate_internal(), and CAMultiSignature::verifyXML().

SINT32 CASignature::setVerifyKey ( const DOMElement *  xmlKey)

SINT32 CASignature::sign ( const UINT8 *const  in,
UINT32  inlen,
UINT8 *  sig,
UINT32 *  siglen 
) const

Perform Signature with either DSA, RSA or ECDSA.

References E_SUCCESS, E_UNKNOWN, encodeRS(), m_pDSA, m_pRSA, and signRSA().

Referenced by CAMultiSignature::sign(), and CAMultiSignature::signXML().

SINT32 CASignature::sign ( const UINT8 *const  in,
UINT32  inlen,
DSA_SIG **  dsaSig 
) const [private]

References E_SUCCESS, E_UNKNOWN, and m_pDSA.

SINT32 CASignature::signRSA ( const UINT8 *  dgst,
const UINT32  dgstLen,
UINT8 *  sig,
UINT32 *  sigLen 
) const [private]

References E_SUCCESS, E_UNKNOWN, and m_pRSA.

Referenced by sign().

SINT32 CASignature::verify ( const UINT8 *const  in,
UINT32  inlen,
DSA_SIG *const  dsaSig 
) const

References E_SUCCESS, E_UNKNOWN, and m_pDSA.

Referenced by CAMultiSignature::verifyXML(), and verifyXML().

SINT32 CASignature::verify ( UINT8 *  in,
UINT32  inLen,
UINT8 *  sig,
const UINT32  sigLen 
)

SINT32 CASignature::verifyDER ( UINT8 *  in,
UINT32  inlen,
const UINT8 *  dsaSig,
const UINT32  sigLen 
)

Verifies an ASN.1 DER encoded SHA1-DSA signature.

Author:
  Bastian Voigt
Parameters:
  in: the document that was signed
  inlen: the document length
  dsaSig: the DER encoded signature
  sigLen: the signature length (normally 46 bytes)
Return values:
  E_SUCCESS: if the signature is valid
  E_UNKNOWN: otherwise
Returns:
  E_SUCCESS if the signature is valid, E_UNKNOWN if an error occurs, E_INVALID if the signature is invalid

References E_INVALID, E_SUCCESS, E_UNKNOWN, and m_pDSA.

Referenced by CAAccountingInstance::handleChallengeResponse_internal().
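
The XML Signature value taken by decodeRS() and the DER form taken by verifyDER() carry the same r and s. The following added example (not CASignature's own code) converts between the two with a strict parser and no OpenSSL calls. It assumes a 160-bit DSA subgroup, for which XML-DSig stores r||s as 40 fixed-width bytes; rsToDer, derToRs, putInt and getInt are hypothetical names.

```cpp
#include <cstdint>
#include <cstring>
static const size_t kIntLen = 20;  // assumption: SHA1-DSA, r and s are 20 bytes each

// Write one unsigned big-endian value as a minimal DER INTEGER; returns bytes written.
static size_t putInt(const uint8_t *v, uint8_t *out) {
    size_t skip = 0;
    while (skip < kIntLen - 1 && v[skip] == 0) skip++;  // DER forbids redundant leading zeros
    size_t pad = (v[skip] & 0x80) ? 1 : 0;              // 0x00 prefix keeps the value positive
    size_t n = kIntLen - skip + pad;
    out[0] = 0x02; out[1] = (uint8_t)n; out[2] = 0x00;
    memcpy(out + 2 + pad, v + skip, kIntLen - skip);
    return 2 + n;
}

// Hypothetical helper: raw r||s (40 bytes) -> SEQUENCE { INTEGER r, INTEGER s }; out needs 48 bytes.
size_t rsToDer(const uint8_t *rs, uint8_t *out) {
    size_t n = putInt(rs, out + 2);
    n += putInt(rs + kIntLen, out + 2 + n);
    out[0] = 0x30; out[1] = (uint8_t)n;
    return 2 + n;
}

// Read one DER INTEGER into a fixed-width field; returns bytes consumed, 0 on error.
static size_t getInt(const uint8_t *p, size_t left, uint8_t *v) {
    if (left < 3 || p[0] != 0x02) return 0;
    size_t n = p[1];
    if (n == 0 || n > kIntLen + 1 || n + 2 > left) return 0;
    const uint8_t *d = p + 2;
    if ((d[0] & 0x80) || (n > 1 && d[0] == 0 && !(d[1] & 0x80))) return 0;  // negative or non-minimal
    if (n > 1 && d[0] == 0) { d++; n--; }               // drop the sign pad
    if (n > kIntLen) return 0;
    memset(v, 0, kIntLen);
    memcpy(v + kIntLen - n, d, n);
    return 2 + p[1];
}

// Hypothetical helper: strict DER -> raw r||s; false on any malformed input.
bool derToRs(const uint8_t *der, size_t len, uint8_t *rs) {
    if (len < 8 || len > 48 || der[0] != 0x30 || der[1] != len - 2) return false;
    size_t a = getInt(der + 2, len - 2, rs);
    size_t b = a ? getInt(der + 2 + a, len - 2 - a, rs + kIntLen) : 0;
    return b != 0 && 2 + a + b == len;                  // no trailing bytes
}

int main() {  // constructed sample: r has its top bit set, so the DER form is 47 bytes, not 46
    uint8_t rs[40] = {0x80}, der[48], back[40]; rs[20] = 0x01;
    return (rsToDer(rs, der) == 47 && derToRs(der, 47, back) && !memcmp(rs, back, 40)) ? 0 : 1;
}
```

The DER form is 46 bytes only when r and s each fill 20 bytes with the top bit clear, so a caller that hard-codes 46 rejects valid signatures. The range checks on r and s remain the job of the DSA verification itself.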

SINT32 CASignature::verifyDSA ( const UINT8 *  dgst,
const UINT32  dgstLen,
UINT8 *  sig,
UINT32  sigLen 
) const [private]

References E_UNKNOWN, and m_pDSA.

Referenced by verify().

SINT32 CASignature::verifyRSA ( const UINT8 *  dgst,
const UINT32  dgstLen,
UINT8 *  sig,
UINT32  sigLen 
) const [private]

References E_UNKNOWN, getSignatureSize(), and m_pRSA.

Referenced by verify().

SINT32 CASignature::verifyXML ( DOMNode *  root,
CACertStore *  trustedCerts = NULL 
)

Friends And Related Function Documentation

friend class CASSLContext [friend]

Member Data Documentation

DSA* CASignature::m_pDSA [private]
RSA* CASignature::m_pRSA [private]