author | Aleksey Sanin <aleksey@src.gnome.org> | 2003-03-02 08:54:14 +0000 |
---|---|---|
committer | Aleksey Sanin <aleksey@src.gnome.org> | 2003-03-02 08:54:14 +0000 |
commit | eea7c9526386852d6c5b1a7a45fcfedb383877ef (patch) | |
tree | e074c927c9b13be0db85facf5f72b3e16354a9ce | |
parent | 7201e9370e499756a32206428b3a9a8c25561d18 (diff) | |
separated key requirements klass
-rw-r--r-- | apps/crypto.c | 2 | ||||
-rw-r--r-- | include/xmlsec/keyinfo.h | 6 | ||||
-rw-r--r-- | include/xmlsec/keys.h | 9 | ||||
-rw-r--r-- | include/xmlsec/transforms.h | 4 | ||||
-rw-r--r-- | src/keyinfo.c | 15 | ||||
-rw-r--r-- | src/keys.c | 41 | ||||
-rw-r--r-- | src/keysdata.c | 44 | ||||
-rw-r--r-- | src/keysmngr.c | 14 | ||||
-rw-r--r-- | src/nss/hmac.c | 14 | ||||
-rw-r--r-- | src/openssl/ciphers.c | 15 | ||||
-rw-r--r-- | src/openssl/evp.c | 8 | ||||
-rw-r--r-- | src/openssl/hmac.c | 15 | ||||
-rw-r--r-- | src/openssl/kt_rsa.c | 33 | ||||
-rw-r--r-- | src/openssl/kw_aes.c | 15 | ||||
-rw-r--r-- | src/openssl/kw_des.c | 15 | ||||
-rw-r--r-- | src/openssl/signatures.c | 17 | ||||
-rw-r--r-- | src/openssl/x509.c | 11 | ||||
-rw-r--r-- | src/transforms.c | 12 | ||||
-rw-r--r-- | src/xmldsig.c | 4 | ||||
-rw-r--r-- | src/xmlenc.c | 4 | ||||
-rw-r--r-- | tests/keys.xml | 44 |
21 files changed, 186 insertions, 156 deletions
diff --git a/apps/crypto.c b/apps/crypto.c index a2d67f59..719ce0bf 100644 --- a/apps/crypto.c +++ b/apps/crypto.c @@ -335,7 +335,7 @@ xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(xmlSecKeysMngrPtr mngr, const char* k } memset(&keyInfoCtx, 0, sizeof(keyInfoCtx)); - keyInfoCtx.keyType = xmlSecKeyDataTypeAny; + keyInfoCtx.keyReq.keyType = xmlSecKeyDataTypeAny; ret = xmlSecKeyDataBinRead(dataId, key, xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), diff --git a/include/xmlsec/keyinfo.h b/include/xmlsec/keyinfo.h index 10e81ff7..2ee43a64 100644 --- a/include/xmlsec/keyinfo.h +++ b/include/xmlsec/keyinfo.h @@ -77,10 +77,8 @@ struct _xmlSecKeyInfoCtx { xmlSecKeysMngrPtr keysMngr; void *context; - xmlSecKeyDataId keyId; - xmlSecKeyDataType keyType; - xmlSecKeyUsage keyUsage; - + xmlSecKeyReq keyReq; + int base64LineSize; int retrievalsLevel; int encKeysLevel; diff --git a/include/xmlsec/keys.h b/include/xmlsec/keys.h index efd43900..26444dd6 100644 --- a/include/xmlsec/keys.h +++ b/include/xmlsec/keys.h @@ -56,8 +56,10 @@ XMLSEC_EXPORT int xmlSecKeyReqInitialize (xmlSecKeyReqPtr keyReq); XMLSEC_EXPORT void xmlSecKeyReqFinalize (xmlSecKeyReqPtr keyReq); XMLSEC_EXPORT int xmlSecKeyReqCopy (xmlSecKeyReqPtr dst, xmlSecKeyReqPtr src); -XMLSEC_EXPORT int xmlSecKeyReqValidate (xmlSecKeyReqPtr keyReq, +XMLSEC_EXPORT int xmlSecKeyReqMatchKey (xmlSecKeyReqPtr keyReq, xmlSecKeyPtr key); +XMLSEC_EXPORT int xmlSecKeyReqMatchKeyValue (xmlSecKeyReqPtr keyReq, + xmlSecKeyDataPtr value); /** * xmlSecKeyInifiteRetrivals: @@ -219,10 +221,9 @@ XMLSEC_EXPORT xmlSecKeyPtr xmlSecKeyGenerate (const xmlChar* type, size_t sizeBits); -XMLSEC_EXPORT int xmlSecKeyVerify (xmlSecKeyPtr key, +XMLSEC_EXPORT int xmlSecKeyMatch (xmlSecKeyPtr key, const xmlChar *name, - xmlSecKeyDataId id, - xmlSecKeyDataType type); + xmlSecKeyReqPtr keyReq); /*********************************************************************** 
diff --git a/include/xmlsec/transforms.h b/include/xmlsec/transforms.h index e07f2fd0..956d5a00 100644 --- a/include/xmlsec/transforms.h +++ b/include/xmlsec/transforms.h @@ -124,7 +124,7 @@ XMLSEC_EXPORT int xmlSecTransformRead (xmlSecTransformPtr transform, XMLSEC_EXPORT int xmlSecTransformSetKey (xmlSecTransformPtr transform, xmlSecKeyPtr key); XMLSEC_EXPORT int xmlSecTransformSetKeyReq(xmlSecTransformPtr transform, - xmlSecKeyInfoCtxPtr keyInfoCtx); + xmlSecKeyReqPtr keyReq); XMLSEC_EXPORT int xmlSecTransformVerify (xmlSecTransformPtr transform, const unsigned char* data, size_t dataSize, @@ -364,7 +364,7 @@ typedef int (*xmlSecTransformNodeReadMethod) (xmlSecTransformPtr transform, * */ typedef int (*xmlSecTransformSetKeyRequirements) (xmlSecTransformPtr transform, - xmlSecKeyInfoCtxPtr keyInfoCtx); + xmlSecKeyReqPtr keyReq); /** * xmlSecTransformSetKeyMethod: diff --git a/src/keyinfo.c b/src/keyinfo.c index deae6b8e..04c3f168 100644 --- a/src/keyinfo.c +++ b/src/keyinfo.c @@ -923,7 +923,7 @@ xmlSecKeyDataEncryptedKeyXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePt goto done; } - ret = xmlSecKeyDataBinRead(keyInfoCtx->keyId, key, + ret = xmlSecKeyDataBinRead(keyInfoCtx->keyReq.keyId, key, xmlSecBufferGetData(encResult->buffer), xmlSecBufferGetSize(encResult->buffer), keyInfoCtx); @@ -951,7 +951,7 @@ done: static int xmlSecKeyDataEncryptedKeyXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) { xmlSecEncCtxPtr encCtx = NULL; - xmlSecKeyDataType type; + xmlSecKeyReq keyReq; unsigned char *keyBuf = NULL; size_t keySize = 0; int ret; 
@@ -972,9 +972,11 @@ xmlSecKeyDataEncryptedKeyXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodeP } /* dump key to a binary buffer */ - /* TODO: parameter for enc key type? */ - type = keyInfoCtx->keyType; - keyInfoCtx->keyType = xmlSecKeyDataTypeAny; + + /* remeber key parameters we have */ + xmlSecKeyReqCopy(&keyReq, &(keyInfoCtx->keyReq)); + xmlSecKeyReqInitialize(&(keyInfoCtx->keyReq)); + keyInfoCtx->keyReq.keyType = xmlSecKeyDataTypeAny; ret = xmlSecKeyDataBinWrite(key->value->id, key, &keyBuf, &keySize, keyInfoCtx); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, @@ -984,7 +986,8 @@ xmlSecKeyDataEncryptedKeyXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodeP XMLSEC_ERRORS_NO_MESSAGE); goto done; } - keyInfoCtx->keyType = type; + /* restore key requirements */ + xmlSecKeyReqCopy(&(keyInfoCtx->keyReq), &keyReq); /** * Init Enc context @@ -54,20 +54,28 @@ xmlSecKeyReqCopy(xmlSecKeyReqPtr dst, xmlSecKeyReqPtr src) { } int -xmlSecKeyReqValidate(xmlSecKeyReqPtr keyReq, xmlSecKeyPtr key) { - xmlSecKeyDataPtr value; - +xmlSecKeyReqMatchKey(xmlSecKeyReqPtr keyReq, xmlSecKeyPtr key) { xmlSecAssert2(keyReq != NULL, -1); xmlSecAssert2(xmlSecKeyIsValid(key), -1); - - value = xmlSecKeyGetValue(key); - if(!xmlSecKeyDataCheckId(value, keyReq->keyId)) { - return(0); - } + if((xmlSecKeyGetType(key) & keyReq->keyType) == 0) { return(0); } /* todo: key usage! */ + + return(xmlSecKeyReqMatchKeyValue(keyReq, xmlSecKeyGetValue(key))); +} + +int +xmlSecKeyReqMatchKeyValue(xmlSecKeyReqPtr keyReq, xmlSecKeyDataPtr value) { + xmlSecAssert2(keyReq != NULL, -1); + xmlSecAssert2(value != NULL, -1); + + if((keyReq->keyId != xmlSecKeyDataIdUnknown) && + (!xmlSecKeyDataCheckId(value, keyReq->keyId))) { + + return(0); + } return(1); } 
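Review bot: The relaxed key requirements are never put back on the failure path of xmlSecKeyDataEncryptedKeyXmlWrite: when xmlSecKeyDataBinWrite returns an error, the branch jumps to `done` before `xmlSecKeyReqCopy(&(keyInfoCtx->keyReq), &keyReq);` runs, so the caller's context keeps freshly initialized requirements with `keyType = xmlSecKeyDataTypeAny`. A context reused after such a failure would no longer carry the restrictions the caller set, so the restore belongs directly after the xmlSecKeyDataBinWrite call, ahead of the `if(ret < 0)` test. The return values of both xmlSecKeyReqCopy calls and of xmlSecKeyReqInitialize are ignored, and the local `keyReq` is copied into without being initialized first; whether xmlSecKeyReqCopy needs an initialized destination is not visible in this diff. The function starts and ends outside these two hunks.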
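Review bot: xmlSecKeyReqMatchKeyValue compares only `keyReq->keyId` and never looks at `keyReq->keyType`, yet the src/keysdata.c hunks of this commit (xmlSecKeyDataBinaryValueXmlRead, XmlWrite, BinRead and BinWrite) replace their `(xmlSecKeyDataGetType(...) & keyInfoCtx->keyType) == 0` test with a call to it. With `keyId` left at xmlSecKeyDataIdUnknown, as xmlSecSimpleKeysStoreSave sets it in src/keysmngr.c, the new check always returns 1, so a binary (symmetric) key value appears to be written even when the caller asked for public keys only. Keeping the type filter inside the helper would preserve the old behaviour: `if((xmlSecKeyDataGetType(value) & keyReq->keyType) == 0) { return(0); }`. The `/* todo: key usage! */` in xmlSecKeyReqMatchKey likewise leaves `keyUsage` unenforced, although every SetKeyReq method in this commit fills it in.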
@@ -220,11 +228,9 @@ xmlSecKeyDuplicate(xmlSecKeyPtr key) { } /** - * xmlSecKeyVerify: + * xmlSecKeyMatch: * @key: the pointer to the #xmlSecKey structure. * @name: the pointer to key name (may be NULL). - * @id: the key id (may be "any"). - * @type: the key type to write (public/private). * * Checks whether the @key matches the given criteria * (key name is equal to @name, key id is equal to @id, @@ -233,19 +239,14 @@ xmlSecKeyDuplicate(xmlSecKeyPtr key) { * Returns 1 if the key satisfies the given criteria or 0 otherwise. */ int -xmlSecKeyVerify(xmlSecKeyPtr key, const xmlChar *name, xmlSecKeyDataId id, xmlSecKeyDataType keyType) { +xmlSecKeyMatch(xmlSecKeyPtr key, const xmlChar *name, xmlSecKeyReqPtr keyReq) { xmlSecAssert2(xmlSecKeyIsValid(key), -1); - - if((id != xmlSecKeyDataIdUnknown) && (id != key->value->id)) { - return(0); - } - if((xmlSecKeyGetType(key) & keyType) == 0) { - return(0); - } + xmlSecAssert2(keyReq != NULL, -1); + if((name != NULL) && (!xmlStrEqual(xmlSecKeyGetName(key), name))) { return(0); } - return(1); + return(xmlSecKeyReqMatchKey(keyReq, key)); } xmlSecKeyDataType diff --git a/src/keysdata.c b/src/keysdata.c index 4e2e38c3..04bba753 100644 --- a/src/keysdata.c +++ b/src/keysdata.c @@ -649,7 +649,12 @@ xmlSecKeyDataBinaryValueXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr } xmlFree(str); - if((xmlSecKeyDataGetType(data) & keyInfoCtx->keyType) == 0) { + if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), data) != 1) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), + "xmlSecKeyReqMatchKeyValue", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); xmlSecKeyDataDestroy(data); return(0); } 
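Review bot: The header comment of xmlSecKeyMatch no longer documents its parameters: the `@id` and `@type` lines were dropped with no `@keyReq:` line replacing them, and the description still reads "key id is equal to @id". Suggest adding ` * @keyReq: the pointer to key requirements (key id, type, usage) the key must satisfy.` and rewording the description to refer to @keyReq. Since the function now forwards the result of xmlSecKeyReqMatchKey, the "Returns" line could also mention the negative value that the xmlSecAssert2 checks presumably produce on invalid arguments.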
@@ -671,21 +676,27 @@ xmlSecKeyDataBinaryValueXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr int xmlSecKeyDataBinaryValueXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) { xmlSecBufferPtr buffer; + xmlSecKeyDataPtr value; xmlChar* str; xmlSecAssert2(id != xmlSecKeyDataIdUnknown, -1); xmlSecAssert2(key != NULL, -1); - xmlSecAssert2(key->value != NULL, -1); - xmlSecAssert2(key->value->id == id, -1); xmlSecAssert2(node != NULL, -1); xmlSecAssert2(keyInfoCtx != NULL, -1); - if((xmlSecKeyDataGetType(key->value) & keyInfoCtx->keyType) == 0) { - /* we can have only private key */ + value = xmlSecKeyGetValue(key); + xmlSecAssert2(xmlSecKeyDataIsValid(value), -1); + + if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), value) != 1) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), + "xmlSecKeyReqMatchKeyValue", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); return(0); } - buffer = xmlSecKeyDataBinaryValueGetBuffer(key->value); + buffer = xmlSecKeyDataBinaryValueGetBuffer(value); xmlSecAssert2(buffer != NULL, -1); str = xmlSecBase64Encode(xmlSecBufferGetData(buffer), @@ -775,7 +786,12 @@ xmlSecKeyDataBinaryValueBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key, const unsi return(-1); } - if((xmlSecKeyDataGetType(data) & keyInfoCtx->keyType) == 0) { + if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), data) != 1) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), + "xmlSecKeyReqMatchKeyValue", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); xmlSecKeyDataDestroy(data); return(0); } 
@@ -796,18 +812,24 @@ xmlSecKeyDataBinaryValueBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key, const unsi int xmlSecKeyDataBinaryValueBinWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, unsigned char** buf, size_t* bufSize, xmlSecKeyInfoCtxPtr keyInfoCtx) { + xmlSecKeyDataPtr value; xmlSecBufferPtr buffer; xmlSecAssert2(id != xmlSecKeyDataIdUnknown, -1); xmlSecAssert2(key != NULL, -1); - xmlSecAssert2(key->value != NULL, -1); - xmlSecAssert2(key->value->id == id, -1); xmlSecAssert2(buf != NULL, -1); xmlSecAssert2(bufSize != NULL, -1); xmlSecAssert2(keyInfoCtx != NULL, -1); - if((xmlSecKeyDataGetType(key->value) & keyInfoCtx->keyType) == 0) { - /* we can have only private key */ + value = xmlSecKeyGetValue(key); + xmlSecAssert2(xmlSecKeyDataIsValid(value), -1); + + if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), value) != 1) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), + "xmlSecKeyReqMatchKeyValue", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); return(0); } diff --git a/src/keysmngr.c b/src/keysmngr.c index 490d6197..f9d796b4 100644 --- a/src/keysmngr.c +++ b/src/keysmngr.c @@ -306,7 +306,7 @@ xmlSecSimpleKeysStoreFindKey(xmlSecKeyDataStorePtr store, const xmlChar* name, size = xmlSecPtrListGetSize(list); for(pos = 0; pos < size; ++pos) { key = (xmlSecKeyPtr)xmlSecPtrListGetItem(list, pos); - if((key != NULL) && (xmlSecKeyVerify(key, name, keyInfoCtx->keyId, keyInfoCtx->keyType) == 1)) { + if((key != NULL) && (xmlSecKeyMatch(key, name, &(keyInfoCtx->keyReq)) == 1)) { return(key); } } 
@@ -347,9 +347,9 @@ xmlSecSimpleKeysStoreLoad(xmlSecKeyDataStorePtr store, const char *uri) { } memset(&keyInfoCtx, 0, sizeof(keyInfoCtx)); - keyInfoCtx.keyId = xmlSecKeyDataIdUnknown; - keyInfoCtx.keyType = xmlSecKeyDataTypeAny; - keyInfoCtx.keyUsage = xmlSecKeyDataUsageAny; + keyInfoCtx.keyReq.keyId = xmlSecKeyDataIdUnknown; + keyInfoCtx.keyReq.keyType = xmlSecKeyDataTypeAny; + keyInfoCtx.keyReq.keyUsage = xmlSecKeyDataUsageAny; keyInfoCtx.retrievalsLevel = 0; keyInfoCtx.encKeysLevel = 1; @@ -459,9 +459,9 @@ xmlSecSimpleKeysStoreSave(xmlSecKeyDataStorePtr store, const char *filename, xml memset(&keyInfoCtx, 0, sizeof(keyInfoCtx)); - keyInfoCtx.keyId = xmlSecKeyDataIdUnknown; - keyInfoCtx.keyType = type; - keyInfoCtx.keyUsage = xmlSecKeyDataUsageAny; + keyInfoCtx.keyReq.keyId = xmlSecKeyDataIdUnknown; + keyInfoCtx.keyReq.keyType = type; + keyInfoCtx.keyReq.keyUsage = xmlSecKeyDataUsageAny; keyInfoCtx.retrievalsLevel = 0; keyInfoCtx.encKeysLevel = 1; diff --git a/src/nss/hmac.c b/src/nss/hmac.c index 009302d9..1995a07f 100644 --- a/src/nss/hmac.c +++ b/src/nss/hmac.c @@ -61,7 +61,7 @@ static void xmlSecNssHmacFinalize (xmlSecTransformPtr transform); static int xmlSecNssHmacReadNode (xmlSecTransformPtr transform, xmlNodePtr transformNode); static int xmlSecNssHmacSetKeyReq (xmlSecTransformPtr transform, - xmlSecKeyInfoCtxPtr keyInfoCtx); + xmlSecKeyReqPtr keyReq); static int xmlSecNssHmacSetKey (xmlSecTransformPtr transform, xmlSecKeyPtr key); static int xmlSecNssHmacVerify (xmlSecTransformPtr transform, 
@@ -176,22 +176,22 @@ xmlSecNssHmacReadNode(xmlSecTransformPtr transform, xmlNodePtr transformNode) { static int -xmlSecNssHmacSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyInfoCtxPtr keyInfoCtx) { +xmlSecNssHmacSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) { xmlSecNssHmacCtxPtr ctx; xmlSecAssert2(xmlSecNssHmacCheckId(transform), -1); - xmlSecAssert2(keyInfoCtx != NULL, -1); + xmlSecAssert2(keyReq != NULL, -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssHmacSize), -1); ctx = xmlSecNssHmacGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); - keyInfoCtx->keyId = xmlSecNssKeyDataHmacId; - keyInfoCtx->keyType = xmlSecKeyDataTypeSymmetric; + keyReq->keyId = xmlSecNssKeyDataHmacId; + keyReq->keyType= xmlSecKeyDataTypeSymmetric; if(transform->encode) { - keyInfoCtx->keyUsage = xmlSecKeyUsageSign; + keyReq->keyUsage = xmlSecKeyUsageSign; } else { - keyInfoCtx->keyUsage = xmlSecKeyUsageVerify; + keyReq->keyUsage = xmlSecKeyUsageVerify; } return(0); diff --git a/src/openssl/ciphers.c b/src/openssl/ciphers.c index aaa9cb89..cf5703fd 100644 --- a/src/openssl/ciphers.c +++ b/src/openssl/ciphers.c @@ -14,7 +14,6 @@ #include <xmlsec/xmlsec.h> #include <xmlsec/keys.h> -#include <xmlsec/keyinfo.h> #include <xmlsec/transforms.h> #include <xmlsec/errors.h> @@ -423,7 +422,7 @@ xmlSecOpenSSLEvpBlockCipherCtxFinal(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx, static int xmlSecOpenSSLEvpBlockCipherInitialize (xmlSecTransformPtr transform); static void xmlSecOpenSSLEvpBlockCipherFinalize (xmlSecTransformPtr transform); static int xmlSecOpenSSLEvpBlockCipherSetKeyReq (xmlSecTransformPtr transform, - xmlSecKeyInfoCtxPtr keyInfoCtx); + xmlSecKeyReqPtr keyReq); static int xmlSecOpenSSLEvpBlockCipherSetKey (xmlSecTransformPtr transform, xmlSecKeyPtr key); static int xmlSecOpenSSLEvpBlockCipherExecute (xmlSecTransformPtr transform, 
@@ -517,23 +516,23 @@ xmlSecOpenSSLEvpBlockCipherFinalize(xmlSecTransformPtr transform) { } static int -xmlSecOpenSSLEvpBlockCipherSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyInfoCtxPtr keyInfoCtx) { +xmlSecOpenSSLEvpBlockCipherSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) { xmlSecOpenSSLEvpBlockCipherCtxPtr ctx; xmlSecAssert2(xmlSecOpenSSLEvpBlockCipherCheckId(transform), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpBlockCipherSize), -1); - xmlSecAssert2(keyInfoCtx != NULL, -1); + xmlSecAssert2(keyReq != NULL, -1); ctx = xmlSecOpenSSLEvpBlockCipherGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); xmlSecAssert2(ctx->keyId != NULL, -1); - keyInfoCtx->keyId = ctx->keyId; - keyInfoCtx->keyType = xmlSecKeyDataTypeSymmetric; + keyReq->keyId = ctx->keyId; + keyReq->keyType = xmlSecKeyDataTypeSymmetric; if(transform->encode) { - keyInfoCtx->keyUsage = xmlSecKeyUsageEncrypt; + keyReq->keyUsage = xmlSecKeyUsageEncrypt; } else { - keyInfoCtx->keyUsage = xmlSecKeyUsageDecrypt; + keyReq->keyUsage = xmlSecKeyUsageDecrypt; } return(0); diff --git a/src/openssl/evp.c b/src/openssl/evp.c index 43576b78..c66551fb 100644 --- a/src/openssl/evp.c +++ b/src/openssl/evp.c @@ -662,7 +662,7 @@ xmlSecOpenSSLKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, dsa = xmlSecOpenSSLKeyDataDsaGetDsa(xmlSecKeyGetValue(key)); xmlSecAssert2(dsa != NULL, -1); - if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyType) == 0) { + if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyReq.keyType) == 0) { /* we can have only private key or public key */ return(0); } 
@@ -731,7 +731,7 @@ xmlSecOpenSSLKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, } /* next is X node: write it ONLY for private keys and ONLY if it is requested */ - if(((keyInfoCtx->keyType & xmlSecKeyDataTypePrivate) != 0) && (dsa->priv_key != NULL)) { + if(((keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePrivate) != 0) && (dsa->priv_key != NULL)) { cur = xmlSecAddChild(node, xmlSecNodeDSAX, xmlSecNs); if(cur == NULL) { xmlSecError(XMLSEC_ERRORS_HERE, @@ -1226,7 +1226,7 @@ xmlSecOpenSSLKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, rsa = xmlSecOpenSSLKeyDataRsaGetRsa(xmlSecKeyGetValue(key)); xmlSecAssert2(rsa != NULL, -1); - if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyType) == 0) { + if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyReq.keyType) == 0) { /* we can have only private key or public key */ return(0); } @@ -1272,7 +1272,7 @@ xmlSecOpenSSLKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, } /* next is PrivateExponent node: write it ONLY for private keys and ONLY if it is requested */ - if(((keyInfoCtx->keyType & xmlSecKeyDataTypePrivate) != 0) && (rsa->d != NULL)) { + if(((keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePrivate) != 0) && (rsa->d != NULL)) { cur = xmlSecAddChild(node, xmlSecNodeRSAPrivateExponent, xmlSecNs); if(cur == NULL) { xmlSecError(XMLSEC_ERRORS_HERE, diff --git a/src/openssl/hmac.c b/src/openssl/hmac.c index 700566a7..55e51f92 100644 --- a/src/openssl/hmac.c +++ b/src/openssl/hmac.c @@ -20,7 +20,6 @@ #include <xmlsec/xmlsec.h> #include <xmlsec/xmltree.h> #include <xmlsec/keys.h> -#include <xmlsec/keyinfo.h> #include <xmlsec/transforms.h> #include <xmlsec/transformsInternal.h> #include <xmlsec/errors.h> 
@@ -59,7 +58,7 @@ static void xmlSecOpenSSLHmacFinalize (xmlSecTransformPtr transform); static int xmlSecOpenSSLHmacReadNode (xmlSecTransformPtr transform, xmlNodePtr transformNode); static int xmlSecOpenSSLHmacSetKeyReq (xmlSecTransformPtr transform, - xmlSecKeyInfoCtxPtr keyInfoCtx); + xmlSecKeyReqPtr keyReq); static int xmlSecOpenSSLHmacSetKey (xmlSecTransformPtr transform, xmlSecKeyPtr key); static int xmlSecOpenSSLHmacVerify (xmlSecTransformPtr transform, @@ -182,17 +181,17 @@ xmlSecOpenSSLHmacReadNode(xmlSecTransformPtr transform, xmlNodePtr transformNode static int -xmlSecOpenSSLHmacSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyInfoCtxPtr keyInfoCtx) { +xmlSecOpenSSLHmacSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) { xmlSecAssert2(xmlSecOpenSSLHmacCheckId(transform), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLHmacSize), -1); - xmlSecAssert2(keyInfoCtx != NULL, -1); + xmlSecAssert2(keyReq != NULL, -1); - keyInfoCtx->keyId = xmlSecOpenSSLKeyDataHmacId; - keyInfoCtx->keyType = xmlSecKeyDataTypeSymmetric; + keyReq->keyId = xmlSecOpenSSLKeyDataHmacId; + keyReq->keyType = xmlSecKeyDataTypeSymmetric; if(transform->encode) { - keyInfoCtx->keyUsage = xmlSecKeyUsageSign; + keyReq->keyUsage = xmlSecKeyUsageSign; } else { - keyInfoCtx->keyUsage = xmlSecKeyUsageVerify; + keyReq->keyUsage = xmlSecKeyUsageVerify; } return(0); diff --git a/src/openssl/kt_rsa.c b/src/openssl/kt_rsa.c index 991a6bb7..52a4878f 100644 --- a/src/openssl/kt_rsa.c +++ b/src/openssl/kt_rsa.c @@ -26,7 +26,6 @@ #include <xmlsec/buffer.h> #include <xmlsec/xmltree.h> #include <xmlsec/keys.h> -#include <xmlsec/keyinfo.h> #include <xmlsec/transforms.h> #include <xmlsec/transformsInternal.h> #include <xmlsec/strings.h> 
@@ -63,7 +62,7 @@ struct _xmlSecOpenSSLRsaPkcs1Ctx { static int xmlSecOpenSSLRsaPkcs1Initialize (xmlSecTransformPtr transform); static void xmlSecOpenSSLRsaPkcs1Finalize (xmlSecTransformPtr transform); static int xmlSecOpenSSLRsaPkcs1SetKeyReq (xmlSecTransformPtr transform, - xmlSecKeyInfoCtxPtr keyInfoCtx); + xmlSecKeyReqPtr keyReq); static int xmlSecOpenSSLRsaPkcs1SetKey (xmlSecTransformPtr transform, xmlSecKeyPtr key); static int xmlSecOpenSSLRsaPkcs1Execute (xmlSecTransformPtr transform, @@ -134,23 +133,23 @@ xmlSecOpenSSLRsaPkcs1Finalize(xmlSecTransformPtr transform) { } static int -xmlSecOpenSSLRsaPkcs1SetKeyReq(xmlSecTransformPtr transform, xmlSecKeyInfoCtxPtr keyInfoCtx) { +xmlSecOpenSSLRsaPkcs1SetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) { xmlSecOpenSSLRsaPkcs1CtxPtr ctx; xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaPkcs1Id), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaPkcs1Size), -1); - xmlSecAssert2(keyInfoCtx != NULL, -1); + xmlSecAssert2(keyReq != NULL, -1); ctx = xmlSecOpenSSLRsaPkcs1GetCtx(transform); xmlSecAssert2(ctx != NULL, -1); - keyInfoCtx->keyId = xmlSecOpenSSLKeyDataRsaId; + keyReq->keyId = xmlSecOpenSSLKeyDataRsaId; if(transform->encode) { - keyInfoCtx->keyType = xmlSecKeyDataTypePublic; - keyInfoCtx->keyUsage = xmlSecKeyUsageEncrypt; + keyReq->keyType = xmlSecKeyDataTypePublic; + keyReq->keyUsage = xmlSecKeyUsageEncrypt; } else { - keyInfoCtx->keyType = xmlSecKeyDataTypePrivate; - keyInfoCtx->keyUsage = xmlSecKeyUsageDecrypt; + keyReq->keyType = xmlSecKeyDataTypePrivate; + keyReq->keyUsage = xmlSecKeyUsageDecrypt; } return(0); } 
@@ -373,7 +372,7 @@ static void xmlSecOpenSSLRsaOaepFinalize (xmlSecTransformPtr transform); static int xmlSecOpenSSLRsaOaepReadNode (xmlSecTransformPtr transform, xmlNodePtr node); static int xmlSecOpenSSLRsaOaepSetKeyReq (xmlSecTransformPtr transform, - xmlSecKeyInfoCtxPtr keyInfoCtx); + xmlSecKeyReqPtr keyReq); static int xmlSecOpenSSLRsaOaepSetKey (xmlSecTransformPtr transform, xmlSecKeyPtr key); static int xmlSecOpenSSLRsaOaepExecute (xmlSecTransformPtr transform, @@ -527,23 +526,23 @@ xmlSecOpenSSLRsaOaepReadNode(xmlSecTransformPtr transform, xmlNodePtr node) { } static int -xmlSecOpenSSLRsaOaepSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyInfoCtxPtr keyInfoCtx) { +xmlSecOpenSSLRsaOaepSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) { xmlSecOpenSSLRsaOaepCtxPtr ctx; xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaOaepId), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaOaepSize), -1); - xmlSecAssert2(keyInfoCtx != NULL, -1); + xmlSecAssert2(keyReq != NULL, -1); ctx = xmlSecOpenSSLRsaOaepGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); - keyInfoCtx->keyId = xmlSecOpenSSLKeyDataRsaId; + keyReq->keyId = xmlSecOpenSSLKeyDataRsaId; if(transform->encode) { - keyInfoCtx->keyType = xmlSecKeyDataTypePublic; - keyInfoCtx->keyUsage = xmlSecKeyUsageEncrypt; + keyReq->keyType = xmlSecKeyDataTypePublic; + keyReq->keyUsage = xmlSecKeyUsageEncrypt; } else { - keyInfoCtx->keyType = xmlSecKeyDataTypePrivate; - keyInfoCtx->keyUsage = xmlSecKeyUsageDecrypt; + keyReq->keyType = xmlSecKeyDataTypePrivate; + keyReq->keyUsage = xmlSecKeyUsageDecrypt; } return(0); diff --git a/src/openssl/kw_aes.c b/src/openssl/kw_aes.c index 697d76fa..564bc5a4 100644 --- a/src/openssl/kw_aes.c +++ b/src/openssl/kw_aes.c 
@@ -22,7 +22,6 @@ #include <xmlsec/xmlsec.h> #include <xmlsec/xmltree.h> #include <xmlsec/keys.h> -#include <xmlsec/keyinfo.h> #include <xmlsec/transforms.h> #include <xmlsec/transformsInternal.h> #include <xmlsec/errors.h> @@ -51,7 +50,7 @@ static int xmlSecOpenSSLKWAesInitialize (xmlSecTransformPtr transform); static void xmlSecOpenSSLKWAesFinalize (xmlSecTransformPtr transform); static int xmlSecOpenSSLKWAesSetKeyReq (xmlSecTransformPtr transform, - xmlSecKeyInfoCtxPtr keyInfoCtx); + xmlSecKeyReqPtr keyReq); static int xmlSecOpenSSLKWAesSetKey (xmlSecTransformPtr transform, xmlSecKeyPtr key); static int xmlSecOpenSSLKWAesExecute (xmlSecTransformPtr transform, @@ -202,17 +201,17 @@ xmlSecOpenSSLKWAesFinalize(xmlSecTransformPtr transform) { } static int -xmlSecOpenSSLKWAesSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyInfoCtxPtr keyInfoCtx) { +xmlSecOpenSSLKWAesSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) { xmlSecAssert2(xmlSecOpenSSLKWAesCheckId(transform), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWAesSize), -1); - xmlSecAssert2(keyInfoCtx != NULL, -1); + xmlSecAssert2(keyReq != NULL, -1); - keyInfoCtx->keyId = xmlSecOpenSSLKeyDataAesId; - keyInfoCtx->keyType = xmlSecKeyDataTypeSymmetric; + keyReq->keyId = xmlSecOpenSSLKeyDataAesId; + keyReq->keyType = xmlSecKeyDataTypeSymmetric; if(transform->encode) { - keyInfoCtx->keyUsage = xmlSecKeyUsageEncrypt; + keyReq->keyUsage = xmlSecKeyUsageEncrypt; } else { - keyInfoCtx->keyUsage = xmlSecKeyUsageDecrypt; + keyReq->keyUsage = xmlSecKeyUsageDecrypt; } return(0); diff --git a/src/openssl/kw_des.c b/src/openssl/kw_des.c index 0d45fcc5..442d8f33 100644 --- a/src/openssl/kw_des.c +++ b/src/openssl/kw_des.c @@ -21,7 +21,6 @@ #include <xmlsec/xmlsec.h> #include <xmlsec/xmltree.h> #include <xmlsec/keys.h> -#include <xmlsec/keyinfo.h> #include <xmlsec/transforms.h> #include <xmlsec/transformsInternal.h> #include <xmlsec/errors.h> 
@@ -47,7 +46,7 @@ static int xmlSecOpenSSLKWDes3Initialize (xmlSecTransformPtr transform); static void xmlSecOpenSSLKWDes3Finalize (xmlSecTransformPtr transform); static int xmlSecOpenSSLKWDes3SetKeyReq (xmlSecTransformPtr transform, - xmlSecKeyInfoCtxPtr keyInfoCtx); + xmlSecKeyReqPtr keyReq); static int xmlSecOpenSSLKWDes3SetKey (xmlSecTransformPtr transform, xmlSecKeyPtr key); static int xmlSecOpenSSLKWDes3Execute (xmlSecTransformPtr transform, @@ -140,17 +139,17 @@ xmlSecOpenSSLKWDes3Finalize(xmlSecTransformPtr transform) { } static int -xmlSecOpenSSLKWDes3SetKeyReq(xmlSecTransformPtr transform, xmlSecKeyInfoCtxPtr keyInfoCtx) { +xmlSecOpenSSLKWDes3SetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) { xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWDes3Id), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWDes3Size), -1); - xmlSecAssert2(keyInfoCtx != NULL, -1); + xmlSecAssert2(keyReq != NULL, -1); - keyInfoCtx->keyId = xmlSecOpenSSLKeyDataDesId; - keyInfoCtx->keyType = xmlSecKeyDataTypeSymmetric; + keyReq->keyId = xmlSecOpenSSLKeyDataDesId; + keyReq->keyType = xmlSecKeyDataTypeSymmetric; if(transform->encode) { - keyInfoCtx->keyUsage = xmlSecKeyUsageEncrypt; + keyReq->keyUsage = xmlSecKeyUsageEncrypt; } else { - keyInfoCtx->keyUsage = xmlSecKeyUsageDecrypt; + keyReq->keyUsage = xmlSecKeyUsageDecrypt; } return(0); diff --git a/src/openssl/signatures.c b/src/openssl/signatures.c index 7f889abc..d9c2daaf 100644 --- a/src/openssl/signatures.c +++ b/src/openssl/signatures.c @@ -14,7 +14,6 @@ #include <xmlsec/xmlsec.h> #include <xmlsec/keys.h> -#include <xmlsec/keyinfo.h> #include <xmlsec/transforms.h> #include <xmlsec/errors.h> 
@@ -57,7 +56,7 @@ static int xmlSecOpenSSLEvpSignatureCheckId (xmlSecTransformPtr transform); static int xmlSecOpenSSLEvpSignatureInitialize (xmlSecTransformPtr transform); static void xmlSecOpenSSLEvpSignatureFinalize (xmlSecTransformPtr transform); static int xmlSecOpenSSLEvpSignatureSetKeyReq (xmlSecTransformPtr transform, - xmlSecKeyInfoCtxPtr keyInfoCtx); + xmlSecKeyReqPtr keyReq); static int xmlSecOpenSSLEvpSignatureSetKey (xmlSecTransformPtr transform, xmlSecKeyPtr key); static int xmlSecOpenSSLEvpSignatureVerify (xmlSecTransformPtr transform, @@ -186,24 +185,24 @@ xmlSecOpenSSLEvpSignatureSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) } static int -xmlSecOpenSSLEvpSignatureSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyInfoCtxPtr keyInfoCtx) { +xmlSecOpenSSLEvpSignatureSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) { xmlSecOpenSSLEvpSignatureCtxPtr ctx; xmlSecAssert2(xmlSecOpenSSLEvpSignatureCheckId(transform), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize), -1); - xmlSecAssert2(keyInfoCtx != NULL, -1); + xmlSecAssert2(keyReq != NULL, -1); ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); xmlSecAssert2(ctx->keyId != NULL, -1); - keyInfoCtx->keyId = ctx->keyId; + keyReq->keyId = ctx->keyId; if(transform->encode) { - keyInfoCtx->keyType = xmlSecKeyDataTypePrivate; - keyInfoCtx->keyUsage = xmlSecKeyUsageSign; + keyReq->keyType = xmlSecKeyDataTypePrivate; + keyReq->keyUsage = xmlSecKeyUsageSign; } else { - keyInfoCtx->keyType = xmlSecKeyDataTypePublic; - keyInfoCtx->keyUsage = xmlSecKeyUsageVerify; + keyReq->keyType = xmlSecKeyDataTypePublic; + keyReq->keyUsage = xmlSecKeyUsageVerify; } return(0); } diff --git a/src/openssl/x509.c b/src/openssl/x509.c index 6cd0a025..ad5b39a6 100644 --- a/src/openssl/x509.c +++ b/src/openssl/x509.c 
@@ -1245,6 +1245,16 @@ xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr } /* todo: verify that the key matches our expectations */ + if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), keyValue) != 1) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), + "xmlSecKeyReqMatchKeyValue", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + xmlSecKeyDataDestroy(keyValue); + return(-1); + } + ret = xmlSecKeySetValue(key, keyValue); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, @@ -1252,6 +1262,7 @@ xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr "xmlSecKeySetValue", XMLSEC_ERRORS_R_XMLSEC_FAILED, XMLSEC_ERRORS_NO_MESSAGE); + xmlSecKeyDataDestroy(keyValue); return(-1); } } diff --git a/src/transforms.c b/src/transforms.c index 26b1c0c5..02a0feae 100644 --- a/src/transforms.c +++ b/src/transforms.c @@ -232,16 +232,16 @@ xmlSecTransformSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) { * Returns 0 on success or a negative value otherwise. */ int -xmlSecTransformSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyInfoCtxPtr keyInfoCtx) { +xmlSecTransformSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) { xmlSecAssert2(xmlSecTransformIsValid(transform), -1); - xmlSecAssert2(keyInfoCtx != NULL, -1); + xmlSecAssert2(keyReq != NULL, -1); - keyInfoCtx->keyId = xmlSecKeyDataIdUnknown; - keyInfoCtx->keyType = xmlSecKeyDataTypeUnknown; - keyInfoCtx->keyUsage= xmlSecKeyUsageAny; + keyReq->keyId = xmlSecKeyDataIdUnknown; + keyReq->keyType = xmlSecKeyDataTypeUnknown; + keyReq->keyUsage= xmlSecKeyUsageAny; if(transform->id->setKeyReq != NULL) { - return((transform->id->setKeyReq)(transform, keyInfoCtx)); + return((transform->id->setKeyReq)(transform, keyReq)); } return(0); } diff --git a/src/xmldsig.c b/src/xmldsig.c index 23a7957e..5c452732 100644 --- a/src/xmldsig.c +++ b/src/xmldsig.c 
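Review bot: The `/* todo: verify that the key matches our expectations */` comment now sits directly above a check that does part of that job, and it does not say which part is still open. As added in the src/keys.c hunk, xmlSecKeyReqMatchKeyValue compares only the key data id and passes unconditionally when the requested id is xmlSecKeyDataIdUnknown, so the type and usage of the key extracted from the certificate are still not verified here. Suggest replacing the comment with `/* verify that the key data id matches the requirements; todo: key type and usage */`. xmlSecOpenSSLKeyDataX509VerifyAndExtractKey begins and ends outside these hunks.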
@@ -891,7 +891,7 @@ xmlSecSignedInfoRead(xmlNodePtr signedInfoNode, int sign, xmlSecKeyInfoCtxPtr keyInfoCtx; keyInfoCtx = &(result->ctx->keyInfoCtx); - ret = xmlSecTransformSetKeyReq(signMethod, keyInfoCtx); + ret = xmlSecTransformSetKeyReq(signMethod, &(keyInfoCtx->keyReq)); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, @@ -924,7 +924,7 @@ xmlSecSignedInfoRead(xmlNodePtr signedInfoNode, int sign, if(sign && (keyInfoNode != NULL)) { /* update KeyInfo! */ /* todo: do we want to write anything else??? */ - result->ctx->keyInfoCtx.keyType = xmlSecKeyDataTypePublic; + result->ctx->keyInfoCtx.keyReq.keyType = xmlSecKeyDataTypePublic; ret = xmlSecKeyInfoNodeWrite(keyInfoNode, result->key, &result->ctx->keyInfoCtx); diff --git a/src/xmlenc.c b/src/xmlenc.c index a7bab2a7..dade7776 100644 --- a/src/xmlenc.c +++ b/src/xmlenc.c @@ -1138,7 +1138,7 @@ xmlSecEncryptedDataNodeRead(xmlNodePtr encNode, xmlSecEncStatePtr state, xmlSecE xmlSecKeyInfoCtxPtr keyInfoCtx; keyInfoCtx = &(result->ctx->keyInfoCtx); - ret = xmlSecTransformSetKeyReq(encryptionMethod, keyInfoCtx); + ret = xmlSecTransformSetKeyReq(encryptionMethod, &(keyInfoCtx->keyReq)); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, @@ -1171,7 +1171,7 @@ xmlSecEncryptedDataNodeRead(xmlNodePtr encNode, xmlSecEncStatePtr state, xmlSecE if(result->encrypt && (keyInfoNode != NULL)) { /* update KeyInfo! */ /* todo: do we want to write anything else??? */ - result->ctx->keyInfoCtx.keyType = xmlSecKeyDataTypePublic; + result->ctx->keyInfoCtx.keyReq.keyType = xmlSecKeyDataTypePublic; ret = xmlSecKeyInfoNodeWrite(keyInfoNode, result->key, &result->ctx->keyInfoCtx); diff --git a/tests/keys.xml b/tests/keys.xml index c5ca296d..41834bcf 100644 --- a/tests/keys.xml +++ b/tests/keys.xml 
@@ -3,7 +3,7 @@ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> <KeyName>test-hmac-sha1</KeyName> <KeyValue> -<HMACKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">qoDh3PoWVkhX15/X2JSS19J+JplygGho</HMACKeyValue> +<HMACKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">bGO5ahdDlHbt6UWM/ulMS5i6oGx0/MeG</HMACKeyValue> </KeyValue> </KeyInfo> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> @@ -11,17 +11,17 @@ <KeyValue> <RSAKeyValue> <Modulus> -yW0o2ww8KAgcHe2VFW+2Yxnqf4HOll27J8xGQMlcxM76/RzIxsW0Ui5gyJdz6O9h -j0smrUptf3l+MMQu0TbTYC8SHa3tiN5vt4x4RWYa/R8Kwh3X+mNmHJu09t26/uFn -n1BA6zEw/FH6q7AM1DKTkGIDmmDhcqtWlr4Dw6V2ssN= +v9IZkYmm5IITbgu5ElgQR1W1wuwfFtvlV+Jj2d7BihEzkAx1F46vX/b1DwXrShLg +0gEZ2OXWNSy0UMCYMjzTF0MypV4QjTpPBVb372GSP99r2+UFFyU9AmYPOwQAP1p0 +ixQT53/ptib1y0EvXVGUSPSuS0Eh1o3ePWz92bvDFMf= </Modulus> <Exponent> Aw== </Exponent> <PrivateExponent xmlns="http://www.aleksey.com/xmlsec/2002"> -hkjF5119cAVoE/O4uPUkQhFG/6vfDuknb92EKzDogzSnU2iF2dki4XRAhbpNRfTr -tNzEc4bzqlD+yy10i3niPu/tG2at/Jm8YtjtPVqMX332EfHp2cSlqHIiKDyhYuM5 -P8BF+BXUyYib7eqUo89TTx5IINfgTXP1iR6tmr9uYqt= +f+FmYQZvQwFiSV0mDDq1hOPOgfK/ZJKY5UGX5pSBBrYiYAhOD7R06qSjX1lHhrdA +jAC75e6Ozh3NiysQIX3iDlpTH9eLKa93ETQGAtlV8mhSod3lQ9nMC7Be3b/iMN4k +7fKL1++FoAFjD4wdJVVl2Ozusg6ii8XlcB5zsIuH44u= </PrivateExponent> </RSAKeyValue> </KeyValue> 
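Review bot: Every secret value in this fixture is replaced here and in the later hunks of tests/keys.xml (the HMAC key, the RSA private exponent and modulus, the DSA parameters, and the DES and AES keys), but the commit message only describes the key-requirements refactor. The description should say whether the file was regenerated and whether the stored expected outputs that depend on these keys were regenerated with it, since a silent key swap is hard to audit later. The top of the file is outside the hunk; if it carries no marker yet, a leading `<!-- Test-only key material; do not reuse outside the test suite. -->` would keep these values from being copied into a real configuration.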
@@ -31,25 +31,25 @@ P8BF+BXUyYib7eqUo89TTx5IINfgTXP1iR6tmr9uYqt= <KeyValue> <DSAKeyValue> <P> -u8gGwbAjT8nDPsLnZEemVFSJ1LtbLsSzwPohN6bw9MbX/PvPpF+x4iFgZGMIGLvj -oz1K5MtB637PdnCTIJaQoiGInQo3wIaBxz0fxDenDlz/FpxIfGr91rqZIT46ne/O -1yCngeIuBKJ458iC3wUxs7Gb7dHDapxnyHNH6kNQ6JN= +k32LGUdFuUiEp9RFXRqiO7WLfJT+zc7J76UPVLwFOUU0vAjyDXvGWdgvZRw89P7g +P1cLoBbEGV0TfdUIqzn68vkGkFdKxMsKTY8zI2uZWntTg0jgTf0UO1xPU/QHOX5h +axakYo37Wump2McVMeDlp2WulcmmkgLGvJ/6/V4oIwk= </P> <Q> -/osoZ3kbFgjazvhYncYsdkejeLO= +wj3vdAQcueg2vXND42tLWtcY3o8= </Q> <G> -eMcm/R8vFEhW+yhkxf8NRgMDEuMFuQIr20mbtipA6ShiABQ31bQjoovpmb16uXe6 -1qHXu+YYHxEr53lr9d79KHJQB4v11nYkQB6k3D8zLzvPl6cGmuTJFYd4dmpmHo1D -2FYE3/JTaPgjgtv3WNfTQj4Qtoepgsxc7roqooSFCua= +KOH3Q5Oc4kifSmCASvSP6TCWoatS0uBnNqi6O8DhP23EE6AMjjcmNqlpTNDod3jY +u/C3lbmUbs67vt5bme0FVfJJJJq9jgm8l2U+7osYjGokze5en2Oy6aL8v/ReoqhL +EOsmzzL/3/Zs9BSMKyJJgZlL3mVC+2chjowUC1BZnf1= </G> <X xmlns="http://www.aleksey.com/xmlsec/2002"> -SU4Se86gNdnlK/8xslBSyu2la6e= +gxB0wysmbekVH+XnTaqN0395aTp= </X> <Y> -ueykKJBtN9ED7e69WiU+h9DHsAdVrC+D4T7u7219m0JyYlQBCaJNsyU4b2/TUsHR -qoUR5PEaS1i23JHXnIPcprDDoNz28ZWhI4MX9gMTZSKg+O0LaFQutz7r0JR+YwqQ -Za/nLpKw2u1oR+kFv3ZGW2s7077k7HexhKfd+5w06y0= +FyAK2sxaxrVwmfWq84y7shjDPnAUqKxbnWv8B37S2sw72v56T+MU+/IJbmbF0N4F +FckxjfHJndbAr3ZUcImVX424nRq/3JHMe0j5Tolt14l+ZjBlSydvwaQVGOouHTdj +qUokiTBHYPCBwO+YYwt7xJn7jmBjuMDusQJ39R8od4s= </Y> </DSAKeyValue> </KeyValue> 
@@ -57,25 +57,25 @@ Za/nLpKw2u1oR+kFv3ZGW2s7077k7HexhKfd+5w06y0= <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> <KeyName>test-des</KeyName> <KeyValue> -<DESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">uOQKKyrRqJLGKs0doNvstdbmrRFsKVwU</DESKeyValue> +<DESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">ukvMEndkhZGwm+Wkeh8ch88TAhpUC+C/</DESKeyValue> </KeyValue> </KeyInfo> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> <KeyName>test-aes128</KeyName> <KeyValue> -<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">G1xBxq8xPBoDX7Lv3J9bXJ==</AESKeyValue> +<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">hhrgBO95fP0kCsVVyeu3z+==</AESKeyValue> </KeyValue> </KeyInfo> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> <KeyName>test-aes192</KeyName> <KeyValue> -<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">fD1de7ojlIfRoWW5yM9DlwoauZzhvJOa</AESKeyValue> +<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">UZz5z+NNJ/J5VKm2gfKvXoMfBToUl6RU</AESKeyValue> </KeyValue> </KeyInfo> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> <KeyName>test-aes256</KeyName> <KeyValue> -<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">TMK9zPB2pkA4bzjv8pqTLLRGYt1r4rwGJcD+pWUeQwI=</AESKeyValue> +<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">MSWIgAsHM0ZYSY+RotGFkkDsARyMmM1Pf3633EZuC7d=</AESKeyValue> </KeyValue> </KeyInfo> </Keys> |