Clarify change log, and remove some OpenSSL-specifics from samples.
git-svn-id: https://svn.apache.org/repos/asf/santuario/xml-security-cpp/trunk@1834154 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index 85c7172..664a20b 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -1,4 +1,12 @@
-For subsequent changes, refer to the issue tracker.
+2.0.0
+=====================================
+This is a major upgrade of the library that includes both a small
+number of enumerated changes, and a large number of fairly minimal API
+changes across the entire library. For this release, and all future
+releases, please refer to the web site and/or issue tracker for a
+summary of changes.
+
+Below are older change logs maintained from earlier releases.
Changes since 1.7.0
=====================================
diff --git a/xml-security-c-2.0.0.zip b/xml-security-c-2.0.0.zip
new file mode 100644
index 0000000..a1c4af2
--- /dev/null
+++ b/xml-security-c-2.0.0.zip
Binary files differ
diff --git a/xsec/samples/simpleDecrypt.cpp b/xsec/samples/simpleDecrypt.cpp
index 57e7af3..9b8f085 100644
--- a/xsec/samples/simpleDecrypt.cpp
+++ b/xsec/samples/simpleDecrypt.cpp
@@ -41,7 +41,12 @@
#include <xsec/framework/XSECException.hpp>
#include <xsec/xenc/XENCCipher.hpp>
-#include <xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.hpp>
+#ifdef XSEC_HAVE_OPENSSL
+# include <xsec/enc/OpenSSL/OpenSSLCryptoKeyRSA.hpp>
+# include <openssl/bio.h>
+# include <openssl/evp.h>
+# include <openssl/pem.h>
+#endif
#include "../utils/XSECDOMUtils.hpp"
@@ -54,10 +59,6 @@
// OpenSSL
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/pem.h>
-
XERCES_CPP_NAMESPACE_USE
char letter[] = "\n\
@@ -117,10 +118,10 @@
}
catch (const XMLException &e) {
- cerr << "Error during initialisation of Xerces" << endl;
+ cerr << "Error during initialization of libraries" << endl;
cerr << "Error Message = : "
<< e.getMessage() << endl;
-
+ return -1;
}
// Use xerces to parse the document
@@ -153,6 +154,7 @@
cipher = prov.newCipher(doc);
+#ifdef XSEC_HAVE_OPENSSL
/* Load the private key via OpenSSL and then wrap in an OpenSSLCrypto construct */
BIO * bioMem = BIO_new(BIO_s_mem());
BIO_puts(bioMem, s_privateKey);
@@ -162,6 +164,9 @@
OpenSSLCryptoKeyRSA * k = new OpenSSLCryptoKeyRSA(pk);
cipher->setKEK(k);
+#else
+ throw XSECException(XSECException::CryptoProviderError);
+#endif
/* Find the EncryptedData node */
DOMNode * encryptedNode = findXENCNode(doc, "EncryptedData");
diff --git a/xsec/samples/simpleEncrypt.cpp b/xsec/samples/simpleEncrypt.cpp
index aed92ac..a94112f 100644
--- a/xsec/samples/simpleEncrypt.cpp
+++ b/xsec/samples/simpleEncrypt.cpp
@@ -37,15 +37,13 @@
#include <xsec/framework/XSECProvider.hpp>
#include <xsec/framework/XSECException.hpp>
+#include <xsec/utils/XSECPlatformUtils.hpp>
#include <xsec/xenc/XENCCipher.hpp>
#include <xsec/xenc/XENCEncryptedData.hpp>
#include <xsec/xenc/XENCEncryptedKey.hpp>
#include "../utils/XSECDOMUtils.hpp"
-#include <xsec/enc/OpenSSL/OpenSSLCryptoSymmetricKey.hpp>
-#include <xsec/enc/OpenSSL/OpenSSLCryptoX509.hpp>
-
// Xalan
#ifdef XSEC_HAVE_XALAN
@@ -53,10 +51,6 @@
XALAN_USING_XALAN(XalanTransformer)
#endif
-// OpenSSL
-
-#include <openssl/rand.h>
-
XERCES_CPP_NAMESPACE_USE
DOMElement * g_toEncrypt;
@@ -151,30 +145,14 @@
cipher = prov.newCipher(doc);
- /* Now generate a random key that we can use to encrypt the element
- *
- * First check the status of the random generation in OpenSSL
- */
-
- if (RAND_status() != 1) {
-
- cerr << "OpenSSL random generation not properly initialised" << endl;
- exit(1);
-
- }
+ /* Now generate a random key that we can use to encrypt the element */
unsigned char keyBuf[24];
- if (RAND_bytes(keyBuf, 24) == 0) {
-
- cerr << "Error obtaining 24 bytes of random from OpenSSL" << endl;
- exit(1);
-
- }
+ XSECPlatformUtils::g_cryptoProvider->getRandom(keyBuf, 24);
/* Wrap this in a Symmetric 3DES key */
- OpenSSLCryptoSymmetricKey * key =
- new OpenSSLCryptoSymmetricKey(XSECCryptoSymmetricKey::KEY_3DES_192);
+ XSECCryptoSymmetricKey * key = XSECPlatformUtils::g_cryptoProvider->keySymmetric(XSECCryptoSymmetricKey::KEY_3DES_192);
key->setKey(keyBuf, 24);
cipher->setKey(key);
@@ -184,7 +162,7 @@
/* Now lets create an EncryptedKey element to hold the generated key */
/* First lets load the public key in the certificate */
- OpenSSLCryptoX509 * x509 = new OpenSSLCryptoX509();
+ XSECCryptoX509* x509 = XSECPlatformUtils::g_cryptoProvider->X509();
x509->loadX509Base64Bin(cert, (unsigned int) strlen(cert));
/* Now set the Key Encrypting Key (NOTE: Not the normal key) */
diff --git a/xsec/samples/simpleHMAC.cpp b/xsec/samples/simpleHMAC.cpp
index 19a1201..7a551fd 100644
--- a/xsec/samples/simpleHMAC.cpp
+++ b/xsec/samples/simpleHMAC.cpp
@@ -40,8 +40,8 @@
#include <xsec/framework/XSECProvider.hpp>
#include <xsec/dsig/DSIGReference.hpp>
-#include <xsec/enc/OpenSSL/OpenSSLCryptoKeyHMAC.hpp>
#include <xsec/framework/XSECException.hpp>
+#include <xsec/utils/XSECPlatformUtils.hpp>
#include "../utils/XSECDOMUtils.hpp"
@@ -146,7 +146,7 @@
// Set the HMAC Key to be the string "secret"
- OpenSSLCryptoKeyHMAC * hmacKey = new OpenSSLCryptoKeyHMAC();
+ XSECCryptoKeyHMAC* hmacKey = XSECPlatformUtils::g_cryptoProvider->keyHMAC();
hmacKey->setKey((unsigned char *) "secret", (unsigned int) strlen("secret"));
sig->setSigningKey(hmacKey);
diff --git a/xsec/samples/simpleValidate.cpp b/xsec/samples/simpleValidate.cpp
index f20cd78..c5a002d 100644
--- a/xsec/samples/simpleValidate.cpp
+++ b/xsec/samples/simpleValidate.cpp
@@ -34,12 +34,11 @@
// XML-Security-C (XSEC)
-#include <xsec/framework/XSECProvider.hpp>
#include <xsec/dsig/DSIGReference.hpp>
-#include <xsec/enc/OpenSSL/OpenSSLCryptoKeyHMAC.hpp>
-#include <xsec/framework/XSECException.hpp>
-#include <xsec/enc/OpenSSL/OpenSSLCryptoX509.hpp>
#include <xsec/enc/XSECCryptoException.hpp>
+#include <xsec/framework/XSECProvider.hpp>
+#include <xsec/framework/XSECException.hpp>
+#include <xsec/utils/XSECPlatformUtils.hpp>
#include "../utils/XSECDOMUtils.hpp"
@@ -173,9 +172,8 @@
try {
- // Use the OpenSSL interface objects to get a signing key
-
- OpenSSLCryptoX509 * x509 = new OpenSSLCryptoX509();
+ // Use the interface objects to get a signing key
+ XSECCryptoX509* x509 = XSECPlatformUtils::g_cryptoProvider->X509();
x509->loadX509Base64Bin(cert, (unsigned int) strlen(cert));
sig->load();
diff --git a/xsec/tools/cipher/XencInteropResolver.cpp b/xsec/tools/cipher/XencInteropResolver.cpp
index 16be214..733a241 100644
--- a/xsec/tools/cipher/XencInteropResolver.cpp
+++ b/xsec/tools/cipher/XencInteropResolver.cpp
@@ -48,10 +48,6 @@
#include <iostream>
-#if !defined (XSEC_HAVE_OPENSSL) && !defined (XSEC_HAVE_WINCAPI) && !defined (XSEC_HAVE_NSS)
-# error Require OpenSSL or Windows Crypto API for the Merlin Resolver
-#endif
-
#if defined (XSEC_HAVE_OPENSSL)
# include <openssl/x509.h>
# include <openssl/pem.h>
diff --git a/xsec/tools/cipher/cipher.cpp b/xsec/tools/cipher/cipher.cpp
index e4bc94c..ba2e2a9 100644
--- a/xsec/tools/cipher/cipher.cpp
+++ b/xsec/tools/cipher/cipher.cpp
@@ -98,10 +98,6 @@
#endif
-#if !defined (XSEC_HAVE_OPENSSL) && !defined(XSEC_HAVE_WINCAPI) && !defined(XSEC_HAVE_NSS)
-# error No available cryptoAPI
-#endif
-
#if defined (XSEC_HAVE_OPENSSL)
// OpenSSL
diff --git a/xsec/tools/templatesign/templatesign.cpp b/xsec/tools/templatesign/templatesign.cpp
index 06d8dbe..74b9b7f 100644
--- a/xsec/tools/templatesign/templatesign.cpp
+++ b/xsec/tools/templatesign/templatesign.cpp
@@ -775,14 +775,7 @@
else
#endif
if (_stricmp(argv[paramCount], "--hmackey") == 0 || _stricmp(argv[paramCount], "-h") == 0) {
-
-#if defined (XSEC_HAVE_OPENSSL)
- OpenSSLCryptoKeyHMAC * hmacKey = new OpenSSLCryptoKeyHMAC();
-#else
-# if defined (XSEC_HAVE_WINCAPI)
- WinCAPICryptoKeyHMAC * hmacKey = new WinCAPICryptoKeyHMAC(0);
-# endif
-#endif
+ XSECCryptoKeyHMAC* hmacKey = XSECPlatformUtils::g_cryptoProvider->keyHMAC();
hmacKey->setKey((unsigned char *) argv[paramCount + 1], (unsigned int) strlen(argv[paramCount + 1]));
key = hmacKey;
paramCount += 2;