diff --git a/experimental/facho-signer/xades/xades.c b/experimental/facho-signer/xades/xades.c
index cfd275b..ba3548a 100644
--- a/experimental/facho-signer/xades/xades.c
+++ b/experimental/facho-signer/xades/xades.c
@@ -8,7 +8,7 @@
 #define xmlXadesNodeNotFoundError(errorFunction, startNode, targetNodeName, errorObject) \
 xmlSecNodeNotFoundError(errorFunction, startNode, targetNodeName, errorObject)
-#define xmlXadesError2(errorFunction, errorObject, msg, param) \
+#define xmlXadesXmlError2(errorFunction, errorObject, msg, param) \
 xmlSecXmlError2(errorFunction, errorObject, msg, param)
 #define xmlXadesErrorsSafeString(msg) \
@@ -17,6 +17,8 @@
 #define xmlXadesInternalError(errorFunction, errorObject) \
 xmlSecInternalError(errorFunction, errorObject)
+#define xmlXadesNodeAlreadyPresentError(parent, nodeName, errObject) \
+ xmlSecNodeAlreadyPresentError(parent, nodeName, errObject)
 xmlNodePtr
 xmlXadesTmplQualifyingPropertiesCreateNsPref(xmlDocPtr doc, const xmlChar* id, const xmlChar* nsPrefix) {
@@ -27,14 +29,14 @@ xmlXadesTmplQualifyingPropertiesCreateNsPref(xmlDocPtr doc, const xmlChar* id, c
 // crear nodo
 qualifyingPropertiesNode = xmlNewDocNode(doc, NULL, xmlXadesNodeQualifyingProperties, NULL);
 if (qualifyingPropertiesNode == NULL) {
- xmlXadesError2("xmlNewDocNode", NULL, "node=%s", xmlXadesErrorsSafeString(xmlXadesNodeQualifyingProperties));
+ xmlXadesXmlError2("xmlNewDocNode", NULL, "node=%s", xmlXadesErrorsSafeString(xmlXadesNodeQualifyingProperties));
 return(NULL);
 }
 // crear namespace y asignar
 ns = xmlNewNs(qualifyingPropertiesNode, xmlXadesDSigNs, nsPrefix);
 if (ns == NULL) {
- xmlXadesError2("xmlNewNs", NULL,
+ xmlXadesXmlError2("xmlNewNs", NULL,
 "ns=%s", xmlXadesErrorsSafeString(xmlXadesDSigNs));
 xmlFreeNode(qualifyingPropertiesNode);
 return(NULL);
@@ -57,6 +59,7 @@ xmlXadesTmplQualifyingPropertiesCreateNsPref(xmlDocPtr doc, const xmlChar* id, c
 return (qualifyingPropertiesNode);
 }
+
 xmlNodePtr
 xmlXadesTmplAddSignedSignatureProperties(xmlNodePtr parentNode, const xmlChar* id, struct tm* signingTime) {
 xmlNodePtr cur;
@@ -111,5 +114,193 @@ xmlXadesTmplAddSignedSignatureProperties(xmlNodePtr parentNode, const xmlChar* i
 }
 }
+ // addSigningCertificate
+ cur = xmlSecAddChild(node, xmlXadesNodeSigningCertificate, xmlXadesDSigNs);
+ if (cur == NULL) {
+ xmlXadesInternalError("xmlSecAddChild(xmlXadesNodeSigningCertificate)", NULL);
+ xmlFreeNode(node);
+ return(NULL);
+ }
+ return(node);
 }
+
+xmlNodePtr
+xmlXadesTmplAddSigningCertificate(xmlNodePtr signedSignaturePropertiesNode) {
+ xmlNodePtr node;
+
+ xmlXadesAssert2(signedSignaturePropertiesNode != NULL, NULL);
+ if (xmlSecFindChild(signedSignaturePropertiesNode, xmlXadesNodeSigningCertificate, xmlXadesDSigNs) != NULL) {
+ xmlXadesNodeAlreadyPresentError(signedSignaturePropertiesNode, xmlXadesNodeSigningCertificate, NULL);
+ return(NULL);
+ }
+
+ node = xmlSecAddChild(signedSignaturePropertiesNode, xmlXadesNodeSigningCertificate, xmlXadesDSigNs);
+ if (node == NULL) {
+ xmlXadesInternalError("xmlsecAddChild(xmlXadesNodeSigningCertificate)", NULL);
+ return(NULL);
+ }
+
+ return(node);
+}
+
+xmlNodePtr
+xmlXadesTmplAddCert(xmlNodePtr parentNode) {
+ xmlNodePtr node;
+
+ xmlXadesAssert2(parentNode != NULL, NULL);
+ if (xmlSecFindChild(parentNode, xmlXadesNodeCertificate, xmlXadesDSigNs) != NULL) {
+ xmlXadesNodeAlreadyPresentError(parentNode, xmlXadesNodeCertificate, NULL);
+ return(NULL);
+ }
+
+ node = xmlSecAddChild(parentNode, xmlXadesNodeCertificate, xmlXadesDSigNs);
+ if (node == NULL) {
+ xmlXadesInternalError("xmlSecAddChild(xmlXadesNodeCertificate)", NULL);
+ return(NULL);
+ }
+
+ return(node);
+}
+
+xmlNodePtr
+xmlXadesTmplAddSignaturePolicyIdentifierSignaturePolicyId(xmlNodePtr signedSignaturePropertiesNode) {
+ xmlNodePtr cur;
+
+ xmlXadesAssert2(signedSignaturePropertiesNode != NULL, NULL);
+ if (xmlSecFindChild(signedSignaturePropertiesNode, xmlXadesNodeSigningCertificate, xmlXadesDSigNs) != NULL) {
+ xmlXadesNodeAlreadyPresentError(signedSignaturePropertiesNode, xmlXadesNodeSigningCertificate, NULL);
+ return(NULL);
+ }
+
+ cur = xmlSecAddChild(signedSignaturePropertiesNode, xmlXadesNodeSignaturePolicyIdentifier, xmlXadesDSigNs);
+ if (cur == NULL) {
+ xmlXadesInternalError("xmlsecAddChild(xmlXadesNodeSignaturePolicyIdentifier)", NULL);
+ return(NULL);
+ }
+
+ cur = xmlSecAddChild(cur, xmlXadesNodeSignaturePolicyId, xmlXadesDSigNs);
+ if (cur == NULL) {
+ xmlXadesInternalError("xmlsecAddChild(xmlXadesNodeSignaturePolicyId)", NULL);
+ return(NULL);
+ }
+
+ return(cur);
+}
+
+xmlNodePtr
+xmlXadesTmplAddSigPolicyId(xmlNodePtr signaturePolicyId, const xmlChar* identifier, const xmlChar *description, xmlSecTransformId policyDigestMethodId) {
+ xmlNodePtr sigPolicyIdNode;
+ xmlNodePtr sigPolicyHashNode;
+ xmlNodePtr node;
+ int ret;
+
+ sigPolicyIdNode = xmlSecAddChild(signaturePolicyId, xmlXadesNodeSigPolicyId, xmlXadesDSigNs);
+ if (sigPolicyIdNode == NULL) {
+ xmlXadesInternalError("xmlSecAddChild(xmlXadesNodeSigPolicyId)", NULL);
+ return(NULL);
+ }
+
+ node = xmlSecAddChild(sigPolicyIdNode, xmlXadesNodeIdentifier, xmlXadesDSigNs);
+ if (node == NULL) {
+ xmlXadesInternalError("xmlSecAddChild(xmlXadesNodeIdentifier)", NULL);
+ xmlFreeNode(sigPolicyIdNode);
+ return(NULL);
+ }
+
+ ret = xmlSecNodeEncodeAndSetContent(node, identifier);
+ if (ret < 0) {
+ xmlXadesInternalError("xmlSecNodeEncodeAndSetContent", NULL);
+ xmlFreeNode(sigPolicyIdNode);
+ xmlFreeNode(node);
+ return(NULL);
+ }
+
+ node = xmlSecAddChild(sigPolicyIdNode, xmlXadesNodeDescription, xmlXadesDSigNs);
+ if (node == NULL) {
+ xmlXadesInternalError("xmlSecAddChild(xmlXadesNodeDescription)", NULL);
+ xmlFreeNode(sigPolicyIdNode);
+ return(NULL);
+ }
+
+ ret = xmlSecNodeEncodeAndSetContent(node, identifier);
+ if (ret < 0) {
+ xmlXadesInternalError("xmlSecNodeEncodeAndSetContent", NULL);
+ xmlFreeNode(sigPolicyIdNode);
+ xmlFreeNode(node);
+ return(NULL);
+ }
+
+ //add policyHash
+ sigPolicyHashNode = xmlSecAddChild(sigPolicyIdNode, xmlXadesNodeSigPolicyHash, xmlXadesDSigNs);
+ if (sigPolicyHashNode == NULL) {
+ xmlXadesInternalError("xmlSecAddChild(xmlXadesNodeSigPolicyHash)", NULL);
+ xmlFreeNode(sigPolicyIdNode);
+ return(NULL);
+ }
+
+ node = xmlSecAddChild(sigPolicyHashNode, xmlSecNodeDigestMethod, xmlXadesDSigNs);
+ if (sigPolicyHashNode == NULL) {
+ xmlXadesInternalError("xmlSecAddChild(xmlSecNodeDigestMethod)", NULL);
+ xmlUnlinkNode(sigPolicyHashNode);
+ xmlFreeNode(sigPolicyHashNode);
+ return(NULL);
+ }
+ if (xmlSetProp(node, xmlSecAttrAlgorithm, policyDigestMethodId->href) == NULL) {
+ xmlXadesXmlError2("xmlSetProp", NULL,
+ "name=%s", xmlXadesErrorsSafeString(xmlSecAttrAlgorithm));
+ xmlUnlinkNode(sigPolicyHashNode);
+ xmlFreeNode(sigPolicyHashNode);
+ return(node);
+ }
+
+ node = xmlSecAddChild(sigPolicyHashNode, xmlSecNodeDigestValue, xmlXadesDSigNs);
+ if (node == NULL) {
+ xmlXadesInternalError("xmlSecAddChild(xmlSecNodeDigestValue)", NULL);
+ xmlUnlinkNode(sigPolicyHashNode);
+ xmlFreeNode(sigPolicyHashNode);
+ return(NULL);
+ }
+
+ return(sigPolicyIdNode);
+}
+
+void
+xmlXadesTmplAddSignerRole(xmlNodePtr signedSignaturePropertiesNode, const xmlChar* role) {
+ xmlNodePtr signerRoleNode;
+ xmlNodePtr claimedRolesNode;
+ xmlNodePtr claimedRoleNode;
+ int ret;
+
+ signerRoleNode = xmlSecAddChild(signedSignaturePropertiesNode, xmlXadesNodeSignerRole, xmlXadesDSigNs);
+ if (signerRoleNode == NULL) {
+ xmlXadesInternalError("xmlSecAddChild(xmlXadesNodeSignerRole)", NULL);
+ return(NULL);
+ }
+
+ claimedRolesNode = xmlSecAddChild(signerRoleNode, xmlXadesNodeClaimedRoles, xmlXadesDSigNs);
+ if (claimedRolesNode == NULL) {
+ xmlXadesInternalError("xmlSecAddChild(xmlXadesNodeClaimedRoles)", NULL);
+ xmlUnlinkNode(signerRoleNode);
+ xmlFreeNode(signerRoleNode);
+ return(NULL);
+ }
+
+ claimedRoleNode = xmlSecAddChild(claimedRolesNode, xmlXadesNodeClaimedRole, xmlXadesDSigNs);
+ if (claimedRoleNode == NULL) {
+ xmlXadesInternalError("xmlSecAddChild(xmlXadesNodeClaimedRole)", NULL);
+ xmlUnlinkNode(signerRoleNode);
+ xmlFreeNode(signerRoleNode);
+ return(NULL);
+ }
+
+ ret = xmlSecNodeEncodeAndSetContent(claimedRoleNode, role);
+ if (ret < 0) {
+ xmlXadesInternalError("xmlSecNodeEncodeAndSetContent", NULL);
+ xmlUnlinkNode(signerRoleNode);
+ xmlFreeNode(signerRoleNode);
+ return(NULL);
+ }
+
+ return;
+}
diff --git a/experimental/facho-signer/xades/xades.h b/experimental/facho-signer/xades/xades.h
index 3d556b6..4655124 100644
--- a/experimental/facho-signer/xades/xades.h
+++ b/experimental/facho-signer/xades/xades.h
@@ -4,6 +4,7 @@
 #include
 #include
+#include
 #include "xmlsec1/errors_helpers.h"
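Review bot: In xmlXadesTmplAddSigPolicyId the NULL test after `node = xmlSecAddChild(sigPolicyHashNode, xmlSecNodeDigestMethod, …)` checks `sigPolicyHashNode` instead of `node`, so a failed add reaches `xmlSetProp(node, …)` with a NULL pointer, and the xmlSetProp failure branch returns `node` after `xmlFreeNode(sigPolicyHashNode)` has already released the subtree that contains it, handing the caller freed memory as a success value. The same function fills the Description element from `identifier` instead of `description`, calls `xmlFreeNode(node)` after `xmlFreeNode(sigPolicyIdNode)` has already freed that child (double free), and never unlinks sigPolicyIdNode from `signaturePolicyId` before freeing it, leaving a dangling child pointer in the parent; the rewrite below funnels every failure through one cleanup that unlinks and frees the subtree root only. Also in this hunk: xmlXadesTmplAddSignaturePolicyIdentifierSignaturePolicyId looks for an existing `xmlXadesNodeSigningCertificate` rather than `xmlXadesNodeSignaturePolicyIdentifier`, and because xmlXadesTmplAddSignedSignatureProperties (whose body starts before this hunk) now always appends a SigningCertificate child, both that check and the one in xmlXadesTmplAddSigningCertificate will always fail with NodeAlreadyPresent. xmlXadesTmplAddSignerRole is declared `void` yet executes `return(NULL);` on every error path, so it should return `xmlNodePtr` (`signerRoleNode` on success) so callers can detect failure, and the `"xmlsecAddChild(...)"` error strings should be spelled `xmlSecAddChild` like the rest. Finally, DigestMethod and DigestValue under SigPolicyHash are created in the XAdES namespace; if I read the XAdES DigestAlgAndValueType correctly they are ds:DigestMethod/ds:DigestValue in the xmldsig namespace, which is worth confirming against the schema before a validator rejects the policy hash.
```c
xmlNodePtr
xmlXadesTmplAddSigPolicyId(xmlNodePtr signaturePolicyId, const xmlChar* identifier, const xmlChar *description, xmlSecTransformId policyDigestMethodId) {
  /* … unchanged: local declarations … */

  xmlXadesAssert2(signaturePolicyId != NULL, NULL);
  xmlXadesAssert2(policyDigestMethodId != NULL, NULL);

  sigPolicyIdNode = xmlSecAddChild(signaturePolicyId, xmlXadesNodeSigPolicyId, xmlXadesDSigNs);
  if (sigPolicyIdNode == NULL) {
    xmlXadesInternalError("xmlSecAddChild(xmlXadesNodeSigPolicyId)", NULL);
    return(NULL);
  }

  node = xmlSecAddChild(sigPolicyIdNode, xmlXadesNodeIdentifier, xmlXadesDSigNs);
  if (node == NULL) {
    xmlXadesInternalError("xmlSecAddChild(xmlXadesNodeIdentifier)", NULL);
    goto error;
  }
  ret = xmlSecNodeEncodeAndSetContent(node, identifier);
  if (ret < 0) {
    xmlXadesInternalError("xmlSecNodeEncodeAndSetContent(identifier)", NULL);
    goto error;
  }

  node = xmlSecAddChild(sigPolicyIdNode, xmlXadesNodeDescription, xmlXadesDSigNs);
  if (node == NULL) {
    xmlXadesInternalError("xmlSecAddChild(xmlXadesNodeDescription)", NULL);
    goto error;
  }
  ret = xmlSecNodeEncodeAndSetContent(node, description);  /* was: identifier */
  if (ret < 0) {
    xmlXadesInternalError("xmlSecNodeEncodeAndSetContent(description)", NULL);
    goto error;
  }

  sigPolicyHashNode = xmlSecAddChild(sigPolicyIdNode, xmlXadesNodeSigPolicyHash, xmlXadesDSigNs);
  if (sigPolicyHashNode == NULL) {
    xmlXadesInternalError("xmlSecAddChild(xmlXadesNodeSigPolicyHash)", NULL);
    goto error;
  }

  node = xmlSecAddChild(sigPolicyHashNode, xmlSecNodeDigestMethod, xmlXadesDSigNs);
  if (node == NULL) {  /* was: sigPolicyHashNode == NULL */
    xmlXadesInternalError("xmlSecAddChild(xmlSecNodeDigestMethod)", NULL);
    goto error;
  }
  if (xmlSetProp(node, xmlSecAttrAlgorithm, policyDigestMethodId->href) == NULL) {
    xmlXadesXmlError2("xmlSetProp", NULL,
                      "name=%s", xmlXadesErrorsSafeString(xmlSecAttrAlgorithm));
    goto error;  /* was: return(node) after its subtree had been freed */
  }

  node = xmlSecAddChild(sigPolicyHashNode, xmlSecNodeDigestValue, xmlXadesDSigNs);
  if (node == NULL) {
    xmlXadesInternalError("xmlSecAddChild(xmlSecNodeDigestValue)", NULL);
    goto error;
  }

  return(sigPolicyIdNode);

error:
  /* sigPolicyIdNode owns every node created above, so a single unlink+free
     releases the whole partial subtree without leaving the parent dangling. */
  xmlUnlinkNode(sigPolicyIdNode);
  xmlFreeNode(sigPolicyIdNode);
  return(NULL);
}
```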
@@ -12,11 +13,33 @@ static const xmlChar xmlXadesNodeSignedProperties[] = "SignedProperties";
 static const xmlChar xmlXadesNodeSignedSignatureProperties[] = "SignedSignatureProperties";
 static const xmlChar xmlXadesNodeSigningTime[] = "SigningTime";
+static const xmlChar xmlXadesNodeSigningCertificate[] = "SigningCertificate";
+static const xmlChar xmlXadesNodeCertificate[] = "Cert";
+static const xmlChar xmlXadesNodeSignaturePolicyIdentifier[] = "SignaturePolicyIdentifier";
+static const xmlChar xmlXadesNodeSignaturePolicyId[] = "SignaturePolicyId";
+static const xmlChar xmlXadesNodeSigPolicyId[] = "SignaturePolicyId";
+static const xmlChar xmlXadesNodeIdentifier[] = "Identifier";
+static const xmlChar xmlXadesNodeDescription[] = "Description";
+static const xmlChar xmlXadesNodeSigPolicyHash[] = "SigPolicyHash";
+
+static const xmlChar xmlXadesNodeSignerRole[] = "SignerRole";
+static const xmlChar xmlXadesNodeClaimedRoles[] = "ClaimedRoles";
+static const xmlChar xmlXadesNodeClaimedRole[] = "ClaimedRole";
 static const xmlChar xmlXadesDSigNs[] = "http://uri.etsi.org/01903/v1.3.2#";
 xmlNodePtr
 xmlXadesTmplQualifyingPropertiesCreateNsPref(xmlDocPtr doc, const xmlChar* id, const xmlChar* nsPrefix);
+
+
 xmlNodePtr
 xmlXadesTmplAddSignedSignatureProperties(xmlNodePtr parentNode, const xmlChar* id, struct tm* signingTime);
+
+xmlNodePtr
+xmlXadesTmplAddSigningCertificate(xmlNodePtr parentNode);
+xmlNodePtr
+xmlXadesTmplAddCert(xmlNodePtr signingCertificateNode);
+xmlNodePtr
+xmlXadesTmplAddSignaturePolicyIdentifierSignaturePolicyId(xmlNodePtr signedSignaturePropertiesNode);
+
 #endif //XADES_H
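Review bot: `xmlXadesNodeSigPolicyId` is initialised to `"SignaturePolicyId"`, the same text as `xmlXadesNodeSignaturePolicyId` on the line above, so xmlXadesTmplAddSigPolicyId would emit a second, nested SignaturePolicyId element; in the XAdES 1.3.2 schema the child of SignaturePolicyId that carries Identifier and Description is named SigPolicyId, so the line should read `static const xmlChar xmlXadesNodeSigPolicyId[] = "SigPolicyId";`. The header gains prototypes for three of the new template functions but not for xmlXadesTmplAddSigPolicyId or xmlXadesTmplAddSignerRole, so any other translation unit calling them has only an implicit declaration; add both here (and if the SignerRole function is changed to return xmlNodePtr, declare it that way). The parameter names also diverge from the definitions in xades.c (`parentNode` vs `signedSignaturePropertiesNode`, `signingCertificateNode` vs `parentNode`), which is harmless but misleading to readers of the header. The earlier hunk's added `#include` has lost its target in this rendering; given the `struct tm*` in the xmlXadesTmplAddSignedSignatureProperties prototype it is presumably `<time.h>`, but that cannot be confirmed from here.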