authorAleksey Sanin <aleksey@src.gnome.org>2003-08-08 00:34:58 +0000
committerAleksey Sanin <aleksey@src.gnome.org>2003-08-08 00:34:58 +0000
commit6311ebf1129cb0deac3dce0f5d98f846a3bd8440 (patch)
tree48d20d935a71fddcf07c8991050751faae2a1882
parent0c988c4ff33266bbcac2f2c5f53c37700522eeb5 (diff)
added it xmlsec-openssl functions to read keys and certs from memory or any bio
(bug #119350, patch based on the code from Joachim)
-rw-r--r--ChangeLog9
-rw-r--r--include/xmlsec/openssl/app.h40
-rw-r--r--src/openssl/app.c510
-rw-r--r--tests/keys.xml44
4 files changed, 502 insertions, 101 deletions
diff --git a/ChangeLog b/ChangeLog
index c9e396ef..86b51ea4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,13 @@
+Thu Aug 7 11:38:43 2003 Aleksey Sanin <aleksey@aleksey.com>
+
+ * include/xmlsec/openssl/app.h src/openssl/app.c: added functions
+ to read keys and certs in xmlsec-openssl from memory and BIOs
+ (bug #119350, patch based on the code from Joachim)
+
Wed Aug 6 08:57:20 2003 Aleksey Sanin <aleksey@aleksey.com>
- * Makefile.am configure.in xmlsec-gnutls.pc.in xmlsec-nss.pc.in xmlsec-openssl.pc.in xmlsecConf.sh.in:
+ * Makefile.am configure.in xmlsec-gnutls.pc.in xmlsec-nss.pc.in
+ xmlsec-openssl.pc.in xmlsecConf.sh.in:
config bug fixing and improvements from Roumen
Mon Aug 4 19:39:52 2003 Aleksey Sanin <aleksey@aleksey.com>i
diff --git a/include/xmlsec/openssl/app.h b/include/xmlsec/openssl/app.h
index abe47f9d..ca7e0f46 100644
--- a/include/xmlsec/openssl/app.h
+++ b/include/xmlsec/openssl/app.h
@@ -14,6 +14,7 @@ extern "C" {
#endif /* __cplusplus */
#include <openssl/pem.h>
+#include <openssl/bio.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
@@ -42,6 +43,16 @@ XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLAppKeysMngrCertLoad(xmlSecKeysMngrPtr mng
const char *filename,
xmlSecKeyDataFormat format,
xmlSecKeyDataType type);
+XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr,
+ const xmlSecByte* data,
+ xmlSecSize dataSize,
+ xmlSecKeyDataFormat format,
+ xmlSecKeyDataType type);
+XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLAppKeysMngrCertLoadBIO(xmlSecKeysMngrPtr mngr,
+ BIO* bio,
+ xmlSecKeyDataFormat format,
+ xmlSecKeyDataType type);
+
XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLAppKeysMngrAddCertsPath(xmlSecKeysMngrPtr mngr,
const char *path);
#endif /* XMLSEC_NO_X509 */
@@ -55,14 +66,43 @@ XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecOpenSSLAppKeyLoad (const char *filename
const char *pwd,
pem_password_cb *pwdCallback,
void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecOpenSSLAppKeyLoadMemory (const xmlSecByte* data,
+ xmlSecSize dataSize,
+ xmlSecKeyDataFormat format,
+ const char *pwd,
+ pem_password_cb *pwdCallback,
+ void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecOpenSSLAppKeyLoadBIO (BIO* bio,
+ xmlSecKeyDataFormat format,
+ const char *pwd,
+ pem_password_cb *pwdCallback,
+ void* pwdCallbackCtx);
+
#ifndef XMLSEC_NO_X509
XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecOpenSSLAppPkcs12Load (const char* filename,
const char* pwd,
pem_password_cb* pwdCallback,
void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecOpenSSLAppPkcs12LoadMemory(const xmlSecByte* data,
+ xmlSecSize dataSize,
+ const char* pwd,
+ pem_password_cb* pwdCallback,
+ void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecOpenSSLAppPkcs12LoadBIO (BIO* bio,
+ const char* pwd,
+ pem_password_cb* pwdCallback,
+ void* pwdCallbackCtx);
+
XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLAppKeyCertLoad (xmlSecKeyPtr key,
const char* filename,
xmlSecKeyDataFormat format);
+XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLAppKeyCertLoadMemory(xmlSecKeyPtr key,
+ const xmlSecByte* data,
+ xmlSecSize dataSize,
+ xmlSecKeyDataFormat format);
+XMLSEC_CRYPTO_EXPORT int xmlSecOpenSSLAppKeyCertLoadBIO (xmlSecKeyPtr key,
+ BIO* bio,
+ xmlSecKeyDataFormat format);
#endif /* XMLSEC_NO_X509 */
#ifdef __cplusplus
diff --git a/src/openssl/app.c b/src/openssl/app.c
index 168a91f9..73f8f9ac 100644
--- a/src/openssl/app.c
+++ b/src/openssl/app.c
@@ -99,21 +99,13 @@ xmlSecOpenSSLAppShutdown(void) {
xmlSecKeyPtr
xmlSecOpenSSLAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
const char *pwd, pem_password_cb *pwdCallback,
- void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
- xmlSecKeyPtr key = NULL;
- xmlSecKeyDataPtr data;
- EVP_PKEY* pKey = NULL;
+ void* pwdCallbackCtx) {
BIO* bio;
- int ret;
-
+ xmlSecKeyPtr key;
+
xmlSecAssert2(filename != NULL, NULL);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
- if (format == xmlSecKeyDataFormatPkcs12) {
- return (xmlSecOpenSSLAppPkcs12Load(filename, pwd, pwdCallback,
- pwdCallbackCtx));
- }
-
bio = BIO_new_file(filename, "rb");
if(bio == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
@@ -125,7 +117,99 @@ xmlSecOpenSSLAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
errno);
return(NULL);
}
+
+ key = xmlSecOpenSSLAppKeyLoadBIO (bio, format, pwd, pwdCallback, pwdCallbackCtx);
+ if(key == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecOpenSSLAppKeyLoadBIO",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "filename=%s;errno=%d",
+ xmlSecErrorsSafeString(filename),
+ errno);
+ BIO_free(bio);
+ return(NULL);
+ }
+
+ BIO_free(bio);
+ return(key);
+}
+
+/**
+ * xmlSecOpenSSLAppKeyLoadMemory:
+ * @data: the binary key data.
+ * @dataSize: the size of binary key.
+ * @format: the key file format.
+ * @pwd: the key file password.
+ * @pwdCallback: the key password callback.
+ * @pwdCallbackCtx: the user context for password callback.
+ *
+ * Reads key from the memory buffer.
+ *
+ * Returns pointer to the key or NULL if an error occurs.
+ */
+xmlSecKeyPtr
+xmlSecOpenSSLAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
+ xmlSecKeyDataFormat format, const char *pwd,
+ pem_password_cb *pwdCallback, void* pwdCallbackCtx) {
+ BIO* bio;
+ xmlSecKeyPtr key;
+
+ xmlSecAssert2(data != NULL, NULL);
+ xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
+
+ /* this would be a read only BIO, cast from const is ok */
+ bio = BIO_new_mem_buf((void*)data, dataSize);
+ if(bio == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "BIO_new_mem_buf",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "errno=%d",
+ errno);
+ return(NULL);
+ }
+
+ key = xmlSecOpenSSLAppKeyLoadBIO (bio, format, pwd, pwdCallback, pwdCallbackCtx);
+ if(key == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecOpenSSLAppKeyLoadBIO",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ BIO_free(bio);
+ return(NULL);
+ }
+ BIO_free(bio);
+ return(key);
+}
+
+/**
+ * xmlSecOpenSSLAppKeyLoadBIO:
+ * @bio: the key BIO.
+ * @format: the key file format.
+ * @pwd: the key file password.
+ * @pwdCallback: the key password callback.
+ * @pwdCallbackCtx: the user context for password callback.
+ *
+ * Reads key from the an OpenSSL BIO object.
+ *
+ * Returns pointer to the key or NULL if an error occurs.
+ */
+xmlSecKeyPtr
+xmlSecOpenSSLAppKeyLoadBIO(BIO* bio, xmlSecKeyDataFormat format,
+ const char *pwd, pem_password_cb *pwdCallback,
+ void* pwdCallbackCtx) {
+
+ xmlSecKeyPtr key = NULL;
+ xmlSecKeyDataPtr data;
+ EVP_PKEY* pKey = NULL;
+ int ret;
+
+ xmlSecAssert2(bio != NULL, NULL);
+ xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
+
switch(format) {
case xmlSecKeyDataFormatPem:
/* try to read private key first */
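Review bot: `bio = BIO_new_mem_buf((void*)data, dataSize);` in xmlSecOpenSSLAppKeyLoadMemory silently narrows `dataSize` (an xmlSecSize) to the `int` length parameter of BIO_new_mem_buf, and OpenSSL treats a negative length as "NUL-terminated, measure with strlen()", so a buffer larger than INT_MAX would be scanned past its end instead of being rejected. Add a range check before the cast, `if(dataSize > INT_MAX) { /* xmlSecError(...) */ return(NULL); }` (INT_MAX from <limits.h>), and do the same in xmlSecOpenSSLAppKeyCertLoadMemory, xmlSecOpenSSLAppPkcs12LoadMemory and xmlSecOpenSSLAppKeysMngrCertLoadMemory, which repeat the call. The doc comment of xmlSecOpenSSLAppKeyLoadBIO should also state that the function does not free @bio — the file and memory wrappers in this hunk rely on keeping ownership — and "Reads key from the an OpenSSL BIO object" has a stray "the". xmlSecOpenSSLAppKeyLoadBIO continues past the end of the hunk.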
@@ -139,8 +223,7 @@ xmlSecOpenSSLAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
NULL,
"PEM_read_bio_PrivateKey and PEM_read_bio_PUBKEY",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "file=%s", xmlSecErrorsSafeString(filename));
- BIO_free(bio);
+ XMLSEC_ERRORS_NO_MESSAGE);
return(NULL);
}
}
@@ -157,8 +240,7 @@ xmlSecOpenSSLAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
NULL,
"d2i_PrivateKey_bio and d2i_PUBKEY_bio",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "file=%s", xmlSecErrorsSafeString(filename));
- BIO_free(bio);
+ XMLSEC_ERRORS_NO_MESSAGE);
return(NULL);
}
}
@@ -171,8 +253,7 @@ xmlSecOpenSSLAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
NULL,
"PEM_read_bio_PrivateKey",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "file=%s", xmlSecErrorsSafeString(filename));
- BIO_free(bio);
+ XMLSEC_ERRORS_NO_MESSAGE);
return(NULL);
}
break;
@@ -181,24 +262,32 @@ xmlSecOpenSSLAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
pKey = d2i_PKCS8PrivateKey_bio(bio, NULL, pwdCallback, (void*)pwd);
if(pKey == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "d2i_PrivateKey_bio and d2i_PUBKEY_bio",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "file=%s", xmlSecErrorsSafeString(filename));
- BIO_free(bio);
+ NULL,
+ "d2i_PrivateKey_bio and d2i_PUBKEY_bio",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
return(NULL);
}
break;
+ case xmlSecKeyDataFormatPkcs12:
+ key = xmlSecOpenSSLAppPkcs12LoadBIO(bio, pwd, pwdCallback, pwdCallbackCtx);
+ if(key == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecOpenSSLAppPkcs12LoadBIO",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(NULL);
+ }
+ return(key);
default:
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
NULL,
XMLSEC_ERRORS_R_INVALID_FORMAT,
"format=%d", format);
- BIO_free(bio);
return(NULL);
}
- BIO_free(bio);
data = xmlSecOpenSSLEvpKeyAdopt(pKey);
if(data == NULL) {
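Review bot: The error raised after `pKey = d2i_PKCS8PrivateKey_bio(bio, NULL, pwdCallback, (void*)pwd);` still names `"d2i_PrivateKey_bio and d2i_PUBKEY_bio"`, which is a different call; since this hunk already re-indents those lines it is the place to fix it to `"d2i_PKCS8PrivateKey_bio",`. The new `case xmlSecKeyDataFormatPkcs12:` returns the key directly and skips the xmlSecOpenSSLEvpKeyAdopt path below, which looks intended since xmlSecOpenSSLAppPkcs12LoadBIO builds the key itself, but a one-line comment saying so would help the next reader. The enclosing xmlSecOpenSSLAppKeyLoadBIO starts before and ends after this hunk.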
@@ -239,7 +328,7 @@ xmlSecOpenSSLAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
}
#ifndef XMLSEC_NO_X509
-static X509* xmlSecOpenSSLAppCertLoad (const char* filename,
+static X509* xmlSecOpenSSLAppCertLoadBIO (BIO* bio,
xmlSecKeyDataFormat format);
/**
@@ -254,13 +343,110 @@ static X509* xmlSecOpenSSLAppCertLoad (const char* filename,
*/
int
xmlSecOpenSSLAppKeyCertLoad(xmlSecKeyPtr key, const char* filename, xmlSecKeyDataFormat format) {
+ BIO* bio;
+ int ret;
+
+ xmlSecAssert2(key != NULL, -1);
+ xmlSecAssert2(filename != NULL, -1);
+ xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
+
+ bio = BIO_new_file(filename, "rb");
+ if(bio == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "BIO_new_file",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "filename=%s;errno=%d",
+ xmlSecErrorsSafeString(filename),
+ errno);
+ return(-1);
+ }
+
+ ret = xmlSecOpenSSLAppKeyCertLoadBIO (key, bio, format);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecOpenSSLAppKeyCertLoadBIO",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "filename=%s;errno=%d",
+ xmlSecErrorsSafeString(filename),
+ errno);
+ BIO_free(bio);
+ return(-1);
+ }
+
+ BIO_free(bio);
+ return(0);
+}
+
+/**
+ * xmlSecOpenSSLAppKeyCertLoadMemory:
+ * @key: the pointer to key.
+ * @data: the certificate binary data.
+ * @dataSize: the certificate binary data size.
+ * @format: the certificate file format.
+ *
+ * Reads the certificate from memory buffer and adds it to key.
+ *
+ * Returns 0 on success or a negative value otherwise.
+ */
+int
+xmlSecOpenSSLAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSize dataSize,
+ xmlSecKeyDataFormat format) {
+ BIO* bio;
+ int ret;
+
+ xmlSecAssert2(key != NULL, -1);
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
+
+ /* this would be a read only BIO, cast from const is ok */
+ bio = BIO_new_mem_buf((void*)data, dataSize);
+ if(bio == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "BIO_new_mem_buf",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "errno=%d",
+ errno);
+ return(-1);
+ }
+
+ ret = xmlSecOpenSSLAppKeyCertLoadBIO (key, bio, format);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecOpenSSLAppKeyCertLoadBIO",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ BIO_free(bio);
+ return(-1);
+ }
+
+ BIO_free(bio);
+ return(0);
+}
+
+/**
+ * xmlSecOpenSSLAppKeyCertLoadBIO:
+ * @key: the pointer to key.
+ * @bio: the certificate bio.
+ * @format: the certificate file format.
+ *
+ * Reads the certificate from memory buffer and adds it to key.
+ *
+ * Returns 0 on success or a negative value otherwise.
+ */
+int
+xmlSecOpenSSLAppKeyCertLoadBIO(xmlSecKeyPtr key, BIO* bio, xmlSecKeyDataFormat format) {
+
xmlSecKeyDataFormat certFormat;
xmlSecKeyDataPtr data;
X509 *cert;
int ret;
xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(filename != NULL, -1);
+ xmlSecAssert2(bio != NULL, -1);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
data = xmlSecKeyEnsureData(key, xmlSecOpenSSLKeyDataX509Id);
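Review bot: The doc comment of xmlSecOpenSSLAppKeyCertLoadBIO says "Reads the certificate from memory buffer and adds it to key", copied from the Memory variant above it; it should read `* Reads the certificate from an OpenSSL BIO object and adds it to key.` and add that @bio remains owned by the caller, since neither this function nor the wrappers in this hunk expect it to be freed here. The file wrapper also reports `errno` after xmlSecOpenSSLAppKeyCertLoadBIO fails, but a parse failure does not set errno, so the logged value is whatever an earlier call left behind. xmlSecOpenSSLAppKeyCertLoadBIO continues past the end of the hunk.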
@@ -286,14 +472,13 @@ xmlSecOpenSSLAppKeyCertLoad(xmlSecKeyPtr key, const char* filename, xmlSecKeyDat
certFormat = format;
}
- cert = xmlSecOpenSSLAppCertLoad(filename, certFormat);
+ cert = xmlSecOpenSSLAppCertLoadBIO(bio, certFormat);
if(cert == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"xmlSecOpenSSLAppCertLoad",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "filename=%s;format=%d",
- xmlSecErrorsSafeString(filename), certFormat);
+ XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
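Review bot: The call is now `cert = xmlSecOpenSSLAppCertLoadBIO(bio, certFormat);` but the error string four lines below still says `"xmlSecOpenSSLAppCertLoad"`, while the parallel hunk in xmlSecOpenSSLAppKeysMngrCertLoadBIO does update the name; change it to `"xmlSecOpenSSLAppCertLoadBIO",` so the two error reports agree. With the filename dropped from the message, logging `certFormat` is still worth keeping, e.g. `"format=%d", certFormat` in place of XMLSEC_ERRORS_NO_MESSAGE. The enclosing function starts before and ends after this hunk.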
@@ -327,9 +512,110 @@ xmlSecOpenSSLAppKeyCertLoad(xmlSecKeyPtr key, const char* filename, xmlSecKeyDat
*/
xmlSecKeyPtr
xmlSecOpenSSLAppPkcs12Load(const char *filename, const char *pwd,
+ pem_password_cb *pwdCallback,
+ void* pwdCallbackCtx) {
+ BIO* bio;
+ xmlSecKeyPtr key;
+
+ xmlSecAssert2(filename != NULL, NULL);
+
+ bio = BIO_new_file(filename, "rb");
+ if(bio == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "BIO_new_file",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "filename=%s;errno=%d",
+ xmlSecErrorsSafeString(filename),
+ errno);
+ return(NULL);
+ }
+
+ key = xmlSecOpenSSLAppPkcs12LoadBIO (bio, pwd, pwdCallback, pwdCallbackCtx);
+ if(key == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecOpenSSLAppPkcs12LoadBIO",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "filename=%s;errno=%d",
+ xmlSecErrorsSafeString(filename),
+ errno);
+ BIO_free(bio);
+ return(NULL);
+ }
+
+ BIO_free(bio);
+ return(key);
+}
+
+/**
+ * xmlSecOpenSSLAppPkcs12LoadMemory:
+ * @data: the PKCS12 binary data.
+ * @dataSize: the PKCS12 binary data size.
+ * @pwd: the PKCS12 file password.
+ * @pwdCallback: the password callback.
+ * @pwdCallbackCtx: the user context for password callback.
+ *
+ * Reads key and all associated certificates from the PKCS12 data in memory buffer.
+ * For uniformity, call xmlSecOpenSSLAppKeyLoad instead of this function. Pass
+ * in format=xmlSecKeyDataFormatPkcs12.
+ *
+ * Returns pointer to the key or NULL if an error occurs.
+ */
+xmlSecKeyPtr
+xmlSecOpenSSLAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
+ const char *pwd, pem_password_cb *pwdCallback,
+ void* pwdCallbackCtx) {
+ BIO* bio;
+ xmlSecKeyPtr key;
+
+ xmlSecAssert2(data != NULL, NULL);
+
+ /* this would be a read only BIO, cast from const is ok */
+ bio = BIO_new_mem_buf((void*)data, dataSize);
+ if(bio == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "BIO_new_mem_buf",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "errno=%d",
+ errno);
+ return(NULL);
+ }
+
+ key = xmlSecOpenSSLAppPkcs12LoadBIO (bio, pwd, pwdCallback, pwdCallbackCtx);
+ if(key == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecOpenSSLAppPkcs12LoadBIO",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ BIO_free(bio);
+ return(NULL);
+ }
+
+ BIO_free(bio);
+ return(key);
+}
+
+/**
+ * xmlSecOpenSSLAppPkcs12LoadBIO:
+ * @bio: the PKCS12 key bio.
+ * @pwd: the PKCS12 file password.
+ * @pwdCallback: the password callback.
+ * @pwdCallbackCtx: the user context for password callback.
+ *
+ * Reads key and all associated certificates from the PKCS12 data in an OpenSSL BIO object.
+ * For uniformity, call xmlSecOpenSSLAppKeyLoad instead of this function. Pass
+ * in format=xmlSecKeyDataFormatPkcs12.
+ *
+ * Returns pointer to the key or NULL if an error occurs.
+ */
+xmlSecKeyPtr
+xmlSecOpenSSLAppPkcs12LoadBIO(BIO* bio, const char *pwd,
pem_password_cb *pwdCallback ATTRIBUTE_UNUSED,
void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
- FILE *f = NULL;
+
PKCS12 *p12 = NULL;
EVP_PKEY *pKey = NULL;
STACK_OF(X509) *chain = NULL;
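Review bot: Both new doc comments say "For uniformity, call xmlSecOpenSSLAppKeyLoad instead of this function", but the uniform entry point for a memory buffer is xmlSecOpenSSLAppKeyLoadMemory and for a BIO is xmlSecOpenSSLAppKeyLoadBIO; change the sentence in xmlSecOpenSSLAppPkcs12LoadMemory to `* For uniformity, call xmlSecOpenSSLAppKeyLoadMemory instead of this function.` and in xmlSecOpenSSLAppPkcs12LoadBIO to name xmlSecOpenSSLAppKeyLoadBIO. xmlSecOpenSSLAppPkcs12LoadBIO keeps `pwdCallback ATTRIBUTE_UNUSED` although the header now publishes it as a parameter, so the comment should say that only @pwd is used. The body of xmlSecOpenSSLAppPkcs12LoadBIO continues past the end of the hunk.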
@@ -341,26 +627,15 @@ xmlSecOpenSSLAppPkcs12Load(const char *filename, const char *pwd,
int i;
int ret;
- xmlSecAssert2(filename != NULL, NULL);
+ xmlSecAssert2(bio != NULL, NULL);
- f = fopen(filename, "rb");
- if(f == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "fopen",
- XMLSEC_ERRORS_R_IO_FAILED,
- "filename=%s;errno=%d",
- xmlSecErrorsSafeString(filename),errno);
- goto done;
- }
-
- p12 = d2i_PKCS12_fp(f, NULL);
+ p12 = d2i_PKCS12_bio(bio, NULL);
if(p12 == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"d2i_PKCS12_fp",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "filename=%s", xmlSecErrorsSafeString(filename));
+ XMLSEC_ERRORS_NO_MESSAGE);
goto done;
}
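Review bot: The call changes to `p12 = d2i_PKCS12_bio(bio, NULL);` but the error reported on failure still names `"d2i_PKCS12_fp"`, which no longer exists in this function; change it to `"d2i_PKCS12_bio",`. The enclosing xmlSecOpenSSLAppPkcs12LoadBIO starts before and ends after this hunk.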
@@ -370,7 +645,7 @@ xmlSecOpenSSLAppPkcs12Load(const char *filename, const char *pwd,
NULL,
"PKCS12_verify_mac",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "filename=%s", xmlSecErrorsSafeString(filename));
+ XMLSEC_ERRORS_NO_MESSAGE);
goto done;
}
@@ -380,7 +655,7 @@ xmlSecOpenSSLAppPkcs12Load(const char *filename, const char *pwd,
NULL,
"PKCS12_parse",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "filename=%s", xmlSecErrorsSafeString(filename));
+ XMLSEC_ERRORS_NO_MESSAGE);
goto done;
}
@@ -390,7 +665,7 @@ xmlSecOpenSSLAppPkcs12Load(const char *filename, const char *pwd,
NULL,
"xmlSecOpenSSLEvpKeyAdopt",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "filename=%s", xmlSecErrorsSafeString(filename));
+ XMLSEC_ERRORS_NO_MESSAGE);
EVP_PKEY_free(pKey);
goto done;
}
@@ -521,9 +796,6 @@ done:
if(p12 != NULL) {
PKCS12_free(p12);
}
- if(f != NULL) {
- fclose(f);
- }
return(key);
}
@@ -542,13 +814,115 @@ done:
*/
int
xmlSecOpenSSLAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
+ xmlSecKeyDataFormat format, xmlSecKeyDataType type) {
+ BIO* bio;
+ int ret;
+
+ xmlSecAssert2(mngr != NULL, -1);
+ xmlSecAssert2(filename != NULL, -1);
+ xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
+
+ bio = BIO_new_file(filename, "rb");
+ if(bio == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "BIO_new_file",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "filename=%s;errno=%d",
+ xmlSecErrorsSafeString(filename),
+ errno);
+ return(-1);
+ }
+
+ ret = xmlSecOpenSSLAppKeysMngrCertLoadBIO(mngr, bio, format, type);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecOpenSSLAppKeysMngrCertLoadBIO",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "filename=%s;errno=%d",
+ xmlSecErrorsSafeString(filename),
+ errno);
+ BIO_free(bio);
+ return(-1);
+ }
+
+ BIO_free(bio);
+ return(0);
+}
+
+/**
+ * xmlSecOpenSSLAppKeysMngrCertLoadMemory:
+ * @mngr: the keys manager.
+ * @data: the certificate binary data.
+ * @dataSize: the certificate binary data size.
+ * @format: the certificate file format.
+ * @type: the flag that indicates is the certificate trusted or not.
+ *
+ * Reads cert from binary buffer @data and adds to the list of trusted or known
+ * untrusted certs in @store.
+ *
+ * Returns 0 on success or a negative value otherwise.
+ */
+int
+xmlSecOpenSSLAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* data,
+ xmlSecSize dataSize, xmlSecKeyDataFormat format,
+ xmlSecKeyDataType type) {
+ BIO* bio;
+ int ret;
+
+ xmlSecAssert2(mngr != NULL, -1);
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
+
+ /* this would be a read only BIO, cast from const is ok */
+ bio = BIO_new_mem_buf((void*)data, dataSize);
+ if(bio == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "BIO_new_mem_buf",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "errno=%d",
+ errno);
+ return(-1);
+ }
+
+ ret = xmlSecOpenSSLAppKeysMngrCertLoadBIO(mngr, bio, format, type);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecOpenSSLAppKeysMngrCertLoadBIO",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ BIO_free(bio);
+ return(-1);
+ }
+
+ BIO_free(bio);
+ return(0);
+}
+
+/**
+ * xmlSecOpenSSLAppKeysMngrCertLoadBIO:
+ * @mngr: the keys manager.
+ * @bio: the certificate BIO.
+ * @format: the certificate file format.
+ * @type: the flag that indicates is the certificate trusted or not.
+ *
+ * Reads cert from an OpenSSL BIO object and adds to the list of trusted or known
+ * untrusted certs in @store.
+ *
+ * Returns 0 on success or a negative value otherwise.
+ */
+int
+xmlSecOpenSSLAppKeysMngrCertLoadBIO(xmlSecKeysMngrPtr mngr, BIO* bio,
xmlSecKeyDataFormat format, xmlSecKeyDataType type) {
xmlSecKeyDataStorePtr x509Store;
X509* cert;
int ret;
xmlSecAssert2(mngr != NULL, -1);
- xmlSecAssert2(filename != NULL, -1);
+ xmlSecAssert2(bio != NULL, -1);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
x509Store = xmlSecKeysMngrGetDataStore(mngr, xmlSecOpenSSLX509StoreId);
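Review bot: The doc comments of xmlSecOpenSSLAppKeysMngrCertLoadMemory and xmlSecOpenSSLAppKeysMngrCertLoadBIO refer to "@store", which is not a parameter of either function; the cert goes into the X509 store fetched from @mngr, so write `* untrusted certs in the X509 store of @mngr.` instead. "the flag that indicates is the certificate trusted or not" reads better as "whether the certificate is trusted", and the BIO variant should say that @bio is not freed by the function, as the wrappers in this hunk free it themselves. xmlSecOpenSSLAppKeysMngrCertLoadBIO continues past the end of the hunk.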
@@ -561,14 +935,13 @@ xmlSecOpenSSLAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
return(-1);
}
- cert = xmlSecOpenSSLAppCertLoad(filename, format);
+ cert = xmlSecOpenSSLAppCertLoadBIO(bio, format);
if(cert == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
- "xmlSecOpenSSLAppCertLoad",
+ "xmlSecOpenSSLAppCertLoadBIO",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "filename=%s;format=%d",
- xmlSecErrorsSafeString(filename), format);
+ XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
@@ -627,25 +1000,12 @@ xmlSecOpenSSLAppKeysMngrAddCertsPath(xmlSecKeysMngrPtr mngr, const char *path) {
}
static X509*
-xmlSecOpenSSLAppCertLoad(const char* filename, xmlSecKeyDataFormat format) {
+xmlSecOpenSSLAppCertLoadBIO(BIO* bio, xmlSecKeyDataFormat format) {
X509 *cert;
- BIO* bio;
- xmlSecAssert2(filename != NULL, NULL);
+ xmlSecAssert2(bio != NULL, NULL);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
- bio = BIO_new_file(filename, "rb");
- if(bio == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "BIO_new_file",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "filename=%s;errno=%d",
- xmlSecErrorsSafeString(filename),
- errno);
- return(NULL);
- }
-
switch(format) {
case xmlSecKeyDataFormatPem:
cert = PEM_read_bio_X509_AUX(bio, NULL, NULL, NULL);
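Review bot: xmlSecOpenSSLAppCertLoadBIO now reads from a BIO it does not own, but nothing at the definition says so, and the static forward declaration earlier in the file is equally silent; a comment above the definition such as `/* Reads one certificate from bio in the given format; the caller keeps ownership of bio. */` would make the contract shared by the three callers explicit. Note that the PEM branch reads only the first certificate in the stream, which matters more now that callers may pass an arbitrary BIO. The function continues past the end of the hunk.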
@@ -654,9 +1014,7 @@ xmlSecOpenSSLAppCertLoad(const char* filename, xmlSecKeyDataFormat format) {
NULL,
"PEM_read_bio_X509_AUX",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "filename=%s",
- xmlSecErrorsSafeString(filename));
- BIO_free(bio);
+ XMLSEC_ERRORS_NO_MESSAGE);
return(NULL);
}
break;
@@ -667,9 +1025,7 @@ xmlSecOpenSSLAppCertLoad(const char* filename, xmlSecKeyDataFormat format) {
NULL,
"d2i_X509_bio",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "filename=%s",
- xmlSecErrorsSafeString(filename));
- BIO_free(bio);
+ XMLSEC_ERRORS_NO_MESSAGE);
return(NULL);
}
break;
@@ -679,11 +1035,9 @@ xmlSecOpenSSLAppCertLoad(const char* filename, xmlSecKeyDataFormat format) {
NULL,
XMLSEC_ERRORS_R_INVALID_FORMAT,
"format=%d", format);
- BIO_free(bio);
return(NULL);
}
- BIO_free(bio);
return(cert);
}
diff --git a/tests/keys.xml b/tests/keys.xml
index e956d86e..0037e50a 100644
--- a/tests/keys.xml
+++ b/tests/keys.xml
@@ -3,7 +3,7 @@
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<KeyName>test-hmac-sha1</KeyName>
<KeyValue>
-<HMACKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">wX6zU8SGWPBAVSqpYClsn1XKfamG3Cbt</HMACKeyValue>
+<HMACKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">1L+MH/T7JXzOy2I9s5Ho92b5LjEY6COL</HMACKeyValue>
</KeyValue>
</KeyInfo>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
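Review bot: Every key value in tests/keys.xml is replaced (this hunk and the three that follow, covering the HMAC, RSA, DSA, DES and AES test keys), yet neither the commit message nor the ChangeLog entry mentions regenerating the test key material. A sentence in the description explaining why the fixtures were regenerated, and whether the other test inputs that depend on them were regenerated in the same change, would let a reader tell this apart from an accidental commit of local test data.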
@@ -11,17 +11,17 @@
<KeyValue>
<RSAKeyValue>
<Modulus>
-xuOotwF0ikvdSjqYlWOcHVw8gQP284nhl3ErSOlK704fFay1SINByFT7jWwMwn33
-wZrfPae+nlJHe+UTEXcO0nKICE/qYUv07zmwnr29Yae7xfl3KYD/hvUu8J4zZmCS
-3YQlInGOswRQuK+iYkwvsQKElnxRjvV2cy8ILhjRVsE=
+tKHRoHW5GI47Ht9kxN9o97x07KKpc7Qg1ETRKWrlctXAB6xHQhiVkbYJVhdXv1RQ
+Ym1wH6XeJw/nmXMbY+5fQM1Q1uTXbMOUbRYx5r3f4tovR59nQ6NIoBb6tfe5BZK6
+fnjpD1MaW05wGIUy9+MFHUj3SDqxv196dEWJwR6Iqg0=
</Modulus>
<Exponent>
Aw==
</Exponent>
<PrivateExponent xmlns="http://www.aleksey.com/xmlsec/2002">
-hJfFz1ZNsYfo3CcQY5e9aOgoVgKkolvruktyMJuHSjQUuR3OMFeBMDins51d1v6l
-K7yU08UpvuGE/UNiC6S0ix9yPxR4L3rVlDxbhOdgNQ+T10vZ7+vmBFxtYd+6g0IY
-Ar8bIbGWuNQk5knlMp2375NcFwRg71Qlqm2wkEPwNeM=
+eGvhFaPQuwl8vz+Ygz+bT9L4ncHGTSLAjYM2G5yY9zkqr8gvgWW5C86w5A+P1OLg
+QZ5Kv8Ppb1/vu6ISQp7qKhPpbowG+LJHZ+GB4L3RAfkyIF+XCYkwSzvlRTuWa5uS
+U7xAxQzwjt2Wq8jKIb3NxcR13RDKR0nYc3tmiKgVpis=
</PrivateExponent>
</RSAKeyValue>
</KeyValue>
@@ -31,25 +31,25 @@ Ar8bIbGWuNQk5knlMp2375NcFwRg71Qlqm2wkEPwNeM=
<KeyValue>
<DSAKeyValue>
<P>
-qwsmWVFwPu0q/QPmwXKmclhIv606pf6tvIF/eoE3WtvPlEttOyEK123OuHQFBbXA
-Djxi1dKDrltnWqIU3MBHeTrni1GYk//mucF/CMHvB01CeXxX8q9pEuEtlMamyh4n
-tdFxaNX6yUbvNmbitjW0M3vnDzhXUzqk1FxXnusRqxM=
++/iULHlbjU0BJnUEURAq5mgBoET+h+/JafnCEOdDjMdnG/MCBpks007t6awNhbWh
+6oL44wKa4WZPkY3+P9lRrBWn5NT9Am+3dT+rz2N92jH18qe5rTc2yHwnVJkJ136n
+HBi4+IShT2pJYndjCUJzDPg3JKSbfqs7hW6FoLS0rEc=
</P>
<Q>
-65XWbdYJ3gSpDFrgdfVL/2PYPQc=
+28RZIU06t5Y0r4vNDz9p03HV0h8=
</Q>
<G>
-memR3uytuArzKBzIwpkpH1HtpB3hL8nUyWX1/NU4aEdjlwfiGVxjnMt1B5T5G4CB
-D+zI6PDo8nNrqmV+TazjOwnkB+p0zhHvpN2jPsMXuyOd4olTA0CHp2MeOf2f0a99
-b08l6mywP9kvngqHRcVjCH1lBNARb8+Cm96716aRObw=
+SlP9CEP5vla4cfBHGjsxfctJ5JSOLnoxwcYn+wKhK+b/sLdThrVcohoS3Lq39Jlw
+5P78bRks6jeWBonOEXrOAldccHV6fSnMYiEPZ+RTtmq8RCkV+RXdlaqYClG4aVO/
+40aioXQHRlS7ityls0ITPWaWCZXmh4ZyBieZrtYHvpY=
</G>
<X xmlns="http://www.aleksey.com/xmlsec/2002">
-QSVru1x8Hgxb1XGU9m8ehXgMmu8=
+iaLSTFIpOFV3xrUFQ2zKIHIvJQk=
</X>
<Y>
-YruTW3j32ZOHZQ8BZiUh9UUeCRtVSUtAiGndOZRcrFV7w4nJQVmk1TcSaPz++du2
-HKLF/BSPKCCQu/XDuxkoKuCFYmsh4R/EZ3/YDJ9oDs97MHHkvEyFjcFbTIPvDMy1
-G5GjWxw5KpnGC7qqoYNLaxbzxMSbsLHEldfUtm1b54E=
+3FzOWWHz7mu7NeUHq0gLjj7RFZIgzKSYPwh+tFlBIxWh8ioilRTDiQRPpDcnUqLs
+M+CjDXfycHIRN22wclw5QSSS/N0us1TR4bfsVKdDLZfMxewHhfcZyr3yuFltdGU0
+wJ+l17vt5NrskU/epVujnni5yBUhweh3rKzeS5hrPV8=
</Y>
</DSAKeyValue>
</KeyValue>
@@ -57,25 +57,25 @@ G5GjWxw5KpnGC7qqoYNLaxbzxMSbsLHEldfUtm1b54E=
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<KeyName>test-des</KeyName>
<KeyValue>
-<DESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">shMSfB+70s32hf0Nj+0fKyTMoSn6s8b4</DESKeyValue>
+<DESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">vwbSXq5pmQgM1MH1x82wOEKcXYwHBxEi</DESKeyValue>
</KeyValue>
</KeyInfo>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<KeyName>test-aes128</KeyName>
<KeyValue>
-<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">ikTfCjFqoNTmBV2Ypp5Dqg==</AESKeyValue>
+<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">Q8vUR/LUN7hKeHXkHDVyhg==</AESKeyValue>
</KeyValue>
</KeyInfo>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<KeyName>test-aes192</KeyName>
<KeyValue>
-<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">h0nFr4bJ7KsN+RgsaFCovwFTLX3HE865</AESKeyValue>
+<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">B2Zlwpxzm6EaF88GN83Mmi/xOOEw7/56</AESKeyValue>
</KeyValue>
</KeyInfo>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<KeyName>test-aes256</KeyName>
<KeyValue>
-<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">h5DxJbo3otmV14lreP24ZHumArRP7i/pdPc7w1fvJ48=</AESKeyValue>
+<AESKeyValue xmlns="http://www.aleksey.com/xmlsec/2002">ulIprYY0iFVGIbPCGlKDyoRgV5a6h7xsmNn9xtQKQh8=</AESKeyValue>
</KeyValue>
</KeyInfo>
</Keys>