Mixes for Privacy and Anonymity in the Internet
CASignature Class Reference

Public Member Functions

 CASignature ()
 
 ~CASignature ()
 
CASignature * clone ()
 
SINT32 generateSignKey (UINT32 size)
 
SINT32 setSignKey (const UINT8 *buff, UINT32 len, UINT32 type, const char *passwd=NULL)
 
SINT32 setSignKey (const DOMNode *node, UINT32 type, const char *passwd=NULL)
 
SINT32 getSignKey (DOMElement *&node, XERCES_CPP_NAMESPACE::DOMDocument *doc)
 Gets the secret sign key as XML encoded PKCS#12 struct.
 
SINT32 sign (const UINT8 *const in, UINT32 inlen, UINT8 *sig, UINT32 *siglen) const
 Perform Signature with either DSA, RSA or ECDSA.
 
SINT32 setVerifyKey (CACertificate *pCert)
 Set the key for signature testing to the one included in pCert.
 
SINT32 setVerifyKey (const DOMElement *xmlKey)
 Parses the XML representation of a DSA public key.
 
SINT32 getVerifyKey (CACertificate **)
 Get the public key as XML encoded X509 certificate.
 
SINT32 getVerifyKeyHash (UINT8 *buff, UINT32 *len)
 Calculates a SHA hash of the public key, which is represented as SubjectPublicKeyInfo.
 
SINT32 verifyXML (DOMNode *node, CACertStore *pTrustedCerts=NULL)
 Verifies an XML Signature under node root.
 
SINT32 getSignatureSize () const
 
SINT32 encodeRS (UINT8 *out, UINT32 *outLen, const DSA_SIG *const pdsaSig) const
 
SINT32 decodeRS (const UINT8 *const in, const UINT32 inLen, DSA_SIG *pDsaSig) const
 Converts a DSA signature from the XML Signature format to the OpenSSL R/S BigNumber format.
 
SINT32 verify (const UINT8 *const in, UINT32 inlen, DSA_SIG *const dsaSig) const
 
SINT32 verifyDER (UINT8 *in, UINT32 inlen, const UINT8 *dsaSig, const UINT32 sigLen)
 Verifies an ASN.1 DER encoded SHA1-DSA signature.
 
SINT32 verify (UINT8 *in, UINT32 inLen, UINT8 *sig, const UINT32 sigLen)
 
bool isDSA () const
 
bool isRSA () const
 
UINT8 * getSignatureMethod ()
 

Private Member Functions

DSA * getDSA ()
 
RSA * getRSA ()
 
SINT32 parseSignKeyXML (const UINT8 *buff, UINT32 len)
 
SINT32 sign (const UINT8 *const in, UINT32 inlen, DSA_SIG **dsaSig) const
 
SINT32 signRSA (const UINT8 *dgst, const UINT32 dgstLen, UINT8 *sig, UINT32 *sigLen) const
 
SINT32 verifyRSA (const UINT8 *dgst, const UINT32 dgstLen, UINT8 *sig, UINT32 sigLen) const
 
SINT32 verifyDSA (const UINT8 *dgst, const UINT32 dgstLen, UINT8 *sig, UINT32 sigLen) const
 

Private Attributes

DSA * m_pDSA
 
RSA * m_pRSA
 

Friends

class CASSLContext
 

Constructor & Destructor Documentation

◆ CASignature()

CASignature::CASignature ( )

References m_pDSA, and m_pRSA.

Referenced by clone().

◆ ~CASignature()

CASignature::~CASignature ( )

References m_pDSA, and m_pRSA.

Member Function Documentation

◆ clone()

CASignature * CASignature::clone ( )

◆ decodeRS()

SINT32 CASignature::decodeRS ( const UINT8 *const  in,
const UINT32  inLen,
DSA_SIG *  pDsaSig 
) const

Converts a DSA signature from the XML Signature format to the OpenSSL R/S BigNumber format.

Parameters
in: the XML signature value
inLen: size of the XML signature value
pDsaSig: a pointer to a DSA signature struct whose values will be set according to the XML signature value
Return values
E_SUCCESS: if successful
E_UNKNOWN: otherwise

References ASSERT, and E_SUCCESS.

Referenced by verifyXML().

◆ encodeRS()

SINT32 CASignature::encodeRS ( UINT8 *  out,
UINT32 *  outLen,
const DSA_SIG *const  pdsaSig 
) const

References E_SUCCESS.

Referenced by sign().

◆ generateSignKey()

SINT32 CASignature::generateSignKey ( UINT32  size)

◆ getDSA()

DSA* CASignature::getDSA ( )
private

References m_pDSA.

◆ getRSA()

RSA* CASignature::getRSA ( )
private

◆ getSignatureMethod()

UINT8 * CASignature::getSignatureMethod ( )

◆ getSignatureSize()

SINT32 CASignature::getSignatureSize ( ) const

◆ getSignKey()

SINT32 CASignature::getSignKey ( DOMElement *&  node,
XERCES_CPP_NAMESPACE::DOMDocument *  doc 
)

Gets the secret sign key as XML encoded PKCS#12 struct.

References createDOMElement(), E_SUCCESS, CABase64::encode(), getVerifyKey(), len, CACertificate::m_pCert, m_pDSA, and setDOMElementValue().

Referenced by CACmdLnOptions::buildDefaultConfig().

◆ getVerifyKey()

SINT32 CASignature::getVerifyKey ( CACertificate **  ppCert)

Get the public key as XML encoded X509 certificate.

Signs an XML Document.

Parameters
in: source byte array of the XML Document, which should be signed
inlen: size of the source byte array
out: destination byte array which on return contains the XML Document including the XML Signature
outlen: size of destination byte array, on return contains the length of the signed XML document
pIncludeCerts: points to a CACertStore, which holds CACertificates, which should be included in the XML Signature for easy verification; if NULL no certificates will be included
Return values
E_SUCCESS: if the Signature could be successfully created
E_SPACE: if the destination byte array is too small for the signed XML Document
E_UNKNOWN: otherwise

Signs a DOM Node. The XML Signature is included in the XML Tree as a Child of the Node. If there is already a Signature, it is removed first.

Parameters
node: Node which should be signed
pIncludeCerts: points to a CACertStore, which holds CACertificates, which should be included in the XML Signature for easy verification; if null no certificates will be included
Return values
E_SUCCESS: if the Signature could be successfully created
E_UNKNOWN: otherwise

References E_SUCCESS, E_UNKNOWN, m_pDSA, and CAMsg::printMsg().

Referenced by CACmdLnOptions::buildDefaultConfig(), and getSignKey().

◆ getVerifyKeyHash()

SINT32 CASignature::getVerifyKeyHash ( UINT8 *  buff,
UINT32 *  len 
)

Calculates a SHA hash of the public key, which is represented as SubjectPublicKeyInfo.

References E_SUCCESS, and m_pDSA.

◆ isDSA()

bool CASignature::isDSA ( ) const

◆ isRSA()

bool CASignature::isRSA ( ) const

◆ parseSignKeyXML()

SINT32 CASignature::parseSignKeyXML ( const UINT8 *  buff,
UINT32  len 
)
private

◆ setSignKey() [1/2]

SINT32 CASignature::setSignKey ( const UINT8 *  buff,
UINT32  len,
UINT32  type,
const char *  passwd = NULL 
)

◆ setSignKey() [2/2]

SINT32 CASignature::setSignKey ( const DOMNode *  node,
UINT32  type,
const char *  passwd = NULL 
)

◆ setVerifyKey() [1/2]

SINT32 CASignature::setVerifyKey ( CACertificate *  pCert)

Set the key for signature testing to the one included in pCert.

If pCert == NULL, clears the signature test key.

Parameters
pCert: Certificate including the test key
Return values
E_SUCCESS: if successful
E_UNKNOWN: otherwise

References DSA_clone(), E_SUCCESS, E_UNKNOWN, isDSA(), isRSA(), CACertificate::m_pCert, m_pDSA, m_pRSA, CAMsg::printMsg(), and RSA_clone().

Referenced by CAAccountingInstance::handleAccountCertificate_internal(), and CAMultiSignature::verifyXML().

◆ setVerifyKey() [2/2]

SINT32 CASignature::setVerifyKey ( const DOMElement *  xmlKey)

◆ sign() [1/2]

SINT32 CASignature::sign ( const UINT8 *const  in,
UINT32  inlen,
UINT8 *  sig,
UINT32 *  siglen 
) const

Perform Signature with either DSA, RSA or ECDSA.

References E_SUCCESS, E_UNKNOWN, encodeRS(), m_pDSA, m_pRSA, and signRSA().

Referenced by getRSA(), CAMultiSignature::sign(), and CAMultiSignature::signXML().

◆ sign() [2/2]

SINT32 CASignature::sign ( const UINT8 *const  in,
UINT32  inlen,
DSA_SIG **  dsaSig 
) const
private

References E_SUCCESS, E_UNKNOWN, and m_pDSA.

◆ signRSA()

SINT32 CASignature::signRSA ( const UINT8 *  dgst,
const UINT32  dgstLen,
UINT8 *  sig,
UINT32 *  sigLen 
) const
private

◆ verify() [1/2]

SINT32 CASignature::verify ( const UINT8 *const  in,
UINT32  inlen,
DSA_SIG *const  dsaSig 
) const

References E_SUCCESS, E_UNKNOWN, and m_pDSA.

Referenced by CAMultiSignature::verifyXML(), and verifyXML().

◆ verify() [2/2]

SINT32 CASignature::verify ( UINT8 *  in,
UINT32  inLen,
UINT8 *  sig,
const UINT32  sigLen 
)

◆ verifyDER()

SINT32 CASignature::verifyDER ( UINT8 *  in,
UINT32  inlen,
const UINT8 *  dsaSig,
const UINT32  sigLen 
)

Verifies an ASN.1 DER encoded SHA1-DSA signature.

Author
Bastian Voigt
Parameters
in: the document that was signed
inlen: the document length
dsaSig: the DER encoded signature
sigLen: the signature length (normally 46 bytes)
Return values
E_SUCCESS: if the signature is valid
E_UNKNOWN: otherwise
Returns
E_SUCCESS if the signature is valid, E_UNKNOWN if an error occurs, E_INVALID if the signature is invalid

References E_INVALID, E_SUCCESS, E_UNKNOWN, and m_pDSA.

Referenced by CAAccountingInstance::handleChallengeResponse_internal().
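
Added example (not code from this project): the two DSA signature encodings that decodeRS() and verifyDER() deal with, converted into each other without OpenSSL. It assumes SHA1-DSA with a 160-bit q, so the decoded XML Signature value is r||s with 20 bytes each; rsToDer() and derToRs() are hypothetical names. The DER form is 46 bytes only when neither r nor s has its top bit set, so a verifier must take the length from the input rather than assume it.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>

static const size_t HALF = 20;  // assumed size of r and of s (160-bit q)

// Write one DER INTEGER for a 20-byte big-endian unsigned value; returns bytes written.
static size_t putInt(const uint8_t *v, uint8_t *out) {
    size_t skip = 0;
    while (skip < HALF - 1 && v[skip] == 0) skip++;   // minimal encoding: drop leading zeros
    bool pad = (v[skip] & 0x80) != 0;                 // 0x00 prefix keeps the value positive
    size_t n = HALF - skip + (pad ? 1 : 0);
    out[0] = 0x02; out[1] = (uint8_t)n;
    if (pad) out[2] = 0x00;
    std::memcpy(out + 2 + (pad ? 1 : 0), v + skip, HALF - skip);
    return 2 + n;
}

// r||s (40 bytes) -> DER SEQUENCE { INTEGER r, INTEGER s }; returns the DER length (<= 48).
size_t rsToDer(const uint8_t rs[40], uint8_t out[48]) {
    size_t n = putInt(rs, out + 2);
    n += putInt(rs + HALF, out + 2 + n);
    out[0] = 0x30; out[1] = (uint8_t)n;
    return 2 + n;
}

// Read one strictly encoded DER INTEGER into a left-padded 20-byte field.
// Returns bytes consumed, or 0 on malformed input.
static size_t getInt(const uint8_t *p, size_t avail, uint8_t *v) {
    if (avail < 3 || p[0] != 0x02) return 0;
    size_t n = p[1];
    if (n == 0 || n > HALF + 1 || 2 + n > avail) return 0;
    const uint8_t *d = p + 2;
    if (d[0] & 0x80) return 0;                           // negative INTEGER
    if (n > 1 && d[0] == 0 && !(d[1] & 0x80)) return 0;  // non-minimal padding
    if (n > 1 && d[0] == 0) { d++; n--; }                // strip the sign pad
    if (n > HALF) return 0;
    std::memset(v, 0, HALF);
    std::memcpy(v + HALF - n, d, n);
    return (size_t)(d - p) + n;
}

// DER -> r||s. Returns 0 on success, -1 on malformed, oversized or trailing input.
int derToRs(const uint8_t *der, size_t len, uint8_t rs[40]) {
    if (len < 2 || len > 48 || der[0] != 0x30 || der[1] != len - 2) return -1;
    size_t a = getInt(der + 2, len - 2, rs);
    if (a == 0) return -1;
    size_t b = getInt(der + 2 + a, len - 2 - a, rs + HALF);
    return (b != 0 && 2 + a + b == len) ? 0 : -1;
}
```
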

◆ verifyDSA()

SINT32 CASignature::verifyDSA ( const UINT8 *  dgst,
const UINT32  dgstLen,
UINT8 *  sig,
UINT32  sigLen 
) const
private

References E_UNKNOWN, len, and m_pDSA.

Referenced by getRSA(), and verify().

◆ verifyRSA()

SINT32 CASignature::verifyRSA ( const UINT8 *  dgst,
const UINT32  dgstLen,
UINT8 *  sig,
UINT32  sigLen 
) const
private

References E_UNKNOWN, getSignatureSize(), and m_pRSA.

Referenced by getRSA(), and verify().

◆ verifyXML()

SINT32 CASignature::verifyXML ( DOMNode *  root,
CACertStore *  trustedCerts = NULL 
)

Friends And Related Function Documentation

◆ CASSLContext

friend class CASSLContext
friend

Member Data Documentation

◆ m_pDSA

DSA* CASignature::m_pDSA
private

◆ m_pRSA

RSA* CASignature::m_pRSA
private