authorAleksey Sanin <aleksey@src.gnome.org>2004-02-04 09:30:43 +0000
committerAleksey Sanin <aleksey@src.gnome.org>2004-02-04 09:30:43 +0000
commit300a61d2779c8b39c9fd5816026831dbf75ccf6a (patch)
tree32a5ff07374b293504c2409f33c1a2af116176ac
parent820853705946aef58db5fd75d5eb9977bf84d0e8 (diff)
created new --xkms-format parameter (plain/soap-1.1/soap-1.2) move
* apps/xmlsec.c: created new --xkms-format parameter (plain/soap-1.1/soap-1.2) * configure.in xmlsec.spec.in include/xmlsec/Makefile.am include/xmlsec/private/*: move internal xkms declarations to a newly created "xmlsec/private" includes folder * include/xmlsec/strings.h include/xmlsec/xkms.h src/strings.c src/xkms.c tests/testXKMS.sh: preparation for soap request/response support
-rw-r--r--ChangeLog11
-rw-r--r--apps/xmlsec.c63
-rw-r--r--configure.in1
-rw-r--r--include/xmlsec/Makefile.am2
-rw-r--r--include/xmlsec/private/.cvsignore2
-rw-r--r--include/xmlsec/private/Makefile.am11
-rw-r--r--include/xmlsec/private/xkms.h112
-rw-r--r--include/xmlsec/strings.h4
-rw-r--r--include/xmlsec/xkms.h414
-rw-r--r--src/strings.c5
-rw-r--r--src/xkms.c301
-rwxr-xr-xtests/testXKMS.sh34
-rw-r--r--xmlsec.spec.in1
13 files changed, 536 insertions, 425 deletions
diff --git a/ChangeLog b/ChangeLog
index 51ff87b9..7d0116a1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,14 @@
+Wed Feb 4 01:26:51 2004 Aleksey Sanin <aleksey@aleksey.com>
+
+ * apps/xmlsec.c: created new --xkms-format parameter
+ (plain/soap-1.1/soap-1.2)
+ * configure.in xmlsec.spec.in include/xmlsec/Makefile.am
+ include/xmlsec/private/*: move internal xkms declarations to
+ a newly created "xmlsec/private" includes folder
+ * include/xmlsec/strings.h include/xmlsec/xkms.h
+ src/strings.c src/xkms.c tests/testXKMS.sh: preparation for soap
+ request/response suppport
+
Tue Feb 3 22:44:36 2004 Aleksey Sanin <aleksey@aleksey.com>
* apps/xmlsec.c: combined xkms server commands into one
diff --git a/apps/xmlsec.c b/apps/xmlsec.c
index ba073a03..753c4473 100644
--- a/apps/xmlsec.c
+++ b/apps/xmlsec.c
@@ -75,7 +75,7 @@ static const char helpCommands2[] =
" --decrypt " "\tdecrypt data from XML document\n"
#endif /* XMLSEC_NO_XMLENC */
#ifndef XMLSEC_NO_XKMS
- " --xkms-server " "\tprocess data as XKMS server request\n"
+ " --xkms-server-request ""\tprocess data as XKMS server request\n"
#endif /* XMLSEC_NO_XKMS */
;
@@ -112,8 +112,8 @@ static const char helpDecrypt[] =
"Usage: xmlsec decrypt [<options>] <file>\n"
"Decrypts XML Encryption data in the <file>\n";
-static const char helpXkmsServer[] =
- "Usage: xmlsec xkms-server [<options>] <file>\n"
+static const char helpXkmsServerRequest[] =
+ "Usage: xmlsec xkms-server-request [<options>] <file>\n"
"Processes the <file> as XKMS server request and outputs the response\n";
static const char helpListKeyData[] =
@@ -639,12 +639,23 @@ static xmlSecAppCmdLineParam xmlDataParam = {
*
***************************************************************/
#ifndef XMLSEC_NO_XKMS
-static xmlSecAppCmdLineParam serviceParam = {
+static xmlSecAppCmdLineParam xkmsServiceParam = {
xmlSecAppCmdLineTopicXkmsCommon,
- "--xkms-server-service",
- "--service",
- "--xkms-server-service <uri>"
- "\n\tmakes <uri> expected XKMS request service",
+ "--xkms-service",
+ NULL,
+ "--xkms-service <uri>"
+ "\n\tsets XKMS \"Service\" <uri>",
+ xmlSecAppCmdLineParamTypeString,
+ xmlSecAppCmdLineParamFlagNone,
+ NULL
+};
+static xmlSecAppCmdLineParam xkmsFormatParam = {
+ xmlSecAppCmdLineTopicXkmsCommon,
+ "--xkms-format",
+ NULL,
+ "--xkms-format <format>"
+ "\n\tsets the XKMS request/response format to one of the following values:"
+ "\n\t \"plain\" (default), \"soap-1.1\" or \"soap-1.2\"",
xmlSecAppCmdLineParamTypeString,
xmlSecAppCmdLineParamFlagNone,
NULL
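Review bot: The new `--xkms-service` help text no longer says that the URI is an expected value, although a later hunk in this file still stores it in `xkmsServerCtx->expectedService`. An operator reading `sets XKMS "Service" <uri>` cannot tell whether this is a value the incoming request is matched against or one written into the response; wording such as `"\n\tsets the expected XKMS \"Service\" <uri> for incoming requests"` would keep the old meaning. The second name slot also changes from `"--service"` to `NULL`, so invocations using the short spelling will presumably stop parsing, which deserves a mention in the commit message.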
@@ -788,7 +799,8 @@ static xmlSecAppCmdLineParamPtr parameters[] = {
/* xkms params */
#ifndef XMLSEC_NO_XKMS
- &serviceParam,
+ &xkmsServiceParam,
+ &xkmsFormatParam,
#endif /* XMLSEC_NO_XKMS */
/* common dsig and enc parameters */
@@ -863,7 +875,7 @@ typedef enum {
xmlSecAppCommandEncrypt,
xmlSecAppCommandDecrypt,
xmlSecAppCommandEncryptTmpl,
- xmlSecAppCommandXkmsServer
+ xmlSecAppCommandXkmsServerRequest
} xmlSecAppCommand;
typedef struct _xmlSecAppXmlData xmlSecAppXmlData,
@@ -985,7 +997,7 @@ int main(int argc, const char **argv) {
case xmlSecAppCommandVerify:
case xmlSecAppCommandEncrypt:
case xmlSecAppCommandDecrypt:
- case xmlSecAppCommandXkmsServer:
+ case xmlSecAppCommandXkmsServerRequest:
if(pos >= argc) {
fprintf(stderr, "Error: <file> parameter is requried for this command\n");
xmlSecAppPrintUsage();
@@ -1096,7 +1108,7 @@ int main(int argc, const char **argv) {
#endif /* XMLSEC_NO_XMLENC */
#ifndef XMLSEC_NO_XKMS
- case xmlSecAppCommandXkmsServer:
+ case xmlSecAppCommandXkmsServerRequest:
for(i = pos; i < argc; ++i) {
if(xmlSecAppXkmsServerProcess(argv[i]) < 0) {
fprintf(stderr, "Error: failed to process XKMS server request from file \"%s\"\n", argv[i]);
@@ -1799,6 +1811,7 @@ xmlSecAppXkmsServerProcess(const char* filename) {
xmlSecAppXmlDataPtr data = NULL;
xmlNodePtr result = NULL;
xmlSecXkmsServerCtx xkmsServerCtx;
+ xmlSecXkmsServerFormat format = xmlSecXkmsServerFormatPlain;
clock_t start_time;
int res = -1;
@@ -1815,6 +1828,16 @@ xmlSecAppXkmsServerProcess(const char* filename) {
goto done;
}
+ /* get the input format */
+ if(xmlSecAppCmdLineParamGetString(&xkmsFormatParam) != NULL) {
+ format = xmlSecXkmsServerFormatFromString(BAD_CAST xmlSecAppCmdLineParamGetString(&xkmsFormatParam));
+ if(format == xmlSecXkmsServerFormatUnknown) {
+ fprintf(stderr, "Error: unknown format \"%s\"\n",
+ xmlSecAppCmdLineParamGetString(&xkmsFormatParam));
+ return(-1);
+ }
+ }
+
/* parse template and select start node, there are multiple options
* for start node thus we don't provide the default start node name */
data = xmlSecAppXmlDataCreate(filename, NULL, NULL);
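Review bot: The unknown-format branch exits with `return(-1);` while the failure path directly above it uses `goto done;`, so whatever cleanup sits under `done` is skipped when `--xkms-format` has a bad value. The context initialisation is outside this hunk, but the preceding check suggests `xkmsServerCtx` is already set up at this point and would not be finalized. Replace the line with `goto done;` (`res` is still -1 there). The option string is also fetched three times; reading it once into a local `const char*` would make the check and the error message use the same value. The function body starts and ends outside the hunk.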
@@ -1824,7 +1847,7 @@ xmlSecAppXkmsServerProcess(const char* filename) {
}
start_time = clock();
- if(xmlSecXkmsServerCtxProcess(&xkmsServerCtx, data->startNode, &result) < 0) {
+ if(xmlSecXkmsServerCtxProcessDoc(&xkmsServerCtx, data->startNode, &result, format) < 0) {
fprintf(stderr, "Error: failed to process xkms server request\n");
goto done;
}
@@ -1871,11 +1894,11 @@ xmlSecAppPrepareXkmsServerCtx(xmlSecXkmsServerCtxPtr xkmsServerCtx) {
return(-1);
}
- if(xmlSecAppCmdLineParamGetString(&serviceParam) != NULL) {
- xkmsServerCtx->expectedService = xmlStrdup(BAD_CAST xmlSecAppCmdLineParamGetString(&serviceParam));
+ if(xmlSecAppCmdLineParamGetString(&xkmsServiceParam) != NULL) {
+ xkmsServerCtx->expectedService = xmlStrdup(BAD_CAST xmlSecAppCmdLineParamGetString(&xkmsServiceParam));
if(xkmsServerCtx->expectedService == NULL) {
fprintf(stderr, "Error: failed to duplicate string \"%s\"\n",
- xmlSecAppCmdLineParamGetString(&serviceParam));
+ xmlSecAppCmdLineParamGetString(&xkmsServiceParam));
return(-1);
}
}
@@ -2679,12 +2702,12 @@ xmlSecAppParseCommand(const char* cmd, xmlSecAppCmdLineParamTopic* cmdLineTopics
#endif /* XMLSEC_NO_XMLENC */
#ifndef XMLSEC_NO_XKMS
- if((strcmp(cmd, "xkms-server-locate") == 0) || (strcmp(cmd, "--xkms-server") == 0)) {
+ if(strcmp(cmd, "--xkms-server-request") == 0) {
(*cmdLineTopics) = xmlSecAppCmdLineTopicGeneral |
xmlSecAppCmdLineTopicXkmsCommon |
xmlSecAppCmdLineTopicKeysMngr |
xmlSecAppCmdLineTopicX509Certs;
- return(xmlSecAppCommandXkmsServer);
+ return(xmlSecAppCommandXkmsServerRequest);
} else
#endif /* XMLSEC_NO_XKMS */
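Review bot: The parser now accepts only `--xkms-server-request`, while the usage string added earlier in this file reads `Usage: xmlsec xkms-server-request [<options>] <file>` without the dashes, and the condition being replaced accepted an undashed spelling as well. As written, the documented form falls through to the next branch. Either accept both, `if((strcmp(cmd, "xkms-server-request") == 0) || (strcmp(cmd, "--xkms-server-request") == 0)) {`, or change the usage text to the dashed form. The rest of xmlSecAppParseCommand is outside the hunk, so how the other commands spell their names could not be checked.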
@@ -2731,8 +2754,8 @@ xmlSecAppPrintHelp(xmlSecAppCommand command, xmlSecAppCmdLineParamTopic topics)
case xmlSecAppCommandEncryptTmpl:
fprintf(stdout, "%s\n", helpEncryptTmpl);
break;
- case xmlSecAppCommandXkmsServer:
- fprintf(stdout, "%s\n", helpXkmsServer);
+ case xmlSecAppCommandXkmsServerRequest:
+ fprintf(stdout, "%s\n", helpXkmsServerRequest);
break;
}
if(topics != 0) {
diff --git a/configure.in b/configure.in
index 1328452f..d39ca2ae 100644
--- a/configure.in
+++ b/configure.in
@@ -1094,6 +1094,7 @@ include/xmlsec/version.h
Makefile
include/Makefile
include/xmlsec/Makefile
+include/xmlsec/private/Makefile
src/Makefile
apps/Makefile
docs/Makefile
diff --git a/include/xmlsec/Makefile.am b/include/xmlsec/Makefile.am
index fe68ddb4..736fa5ed 100644
--- a/include/xmlsec/Makefile.am
+++ b/include/xmlsec/Makefile.am
@@ -1,6 +1,6 @@
## Process this file with automake to produce Makefile.in
NULL =
-SUBDIRS = $(XMLSEC_CRYPTO_LIST)
+SUBDIRS = private $(XMLSEC_CRYPTO_LIST)
EXTRA_DIST = skeleton mscrypto $(XMLSEC_CRYPTO_DISABLED_LIST)
xmlsecincdir = $(includedir)/xmlsec1/xmlsec
diff --git a/include/xmlsec/private/.cvsignore b/include/xmlsec/private/.cvsignore
new file mode 100644
index 00000000..282522db
--- /dev/null
+++ b/include/xmlsec/private/.cvsignore
@@ -0,0 +1,2 @@
+Makefile
+Makefile.in
diff --git a/include/xmlsec/private/Makefile.am b/include/xmlsec/private/Makefile.am
new file mode 100644
index 00000000..aab78c82
--- /dev/null
+++ b/include/xmlsec/private/Makefile.am
@@ -0,0 +1,11 @@
+NULL =
+
+xmlsecprivateincdir = $(includedir)/xmlsec1/xmlsec/private
+
+xmlsecprivateinc_HEADERS = \
+xkms.h \
+$(NULL)
+
+install-exec-hook:
+ $(mkinstalldirs) $(DESTDIR)$(xmlsecprivateincdir)
+
diff --git a/include/xmlsec/private/xkms.h b/include/xmlsec/private/xkms.h
new file mode 100644
index 00000000..8c9e12d9
--- /dev/null
+++ b/include/xmlsec/private/xkms.h
@@ -0,0 +1,112 @@
+/**
+ * XML Security Library (http://www.aleksey.com/xmlsec).
+ *
+ * "XML Key Management Specification v 2.0" implementation
+ * http://www.w3.org/TR/xkms2/
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#ifndef __XMLSEC_PRIVATE_XKMS_H__
+#define __XMLSEC_PRIVATE_XKMS_H__
+
+#ifndef XMLSEC_PRIVATE
+#error "xmlsec/private/xkms.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-<crypto> libraries"
+#endif /* XMLSEC_PRIVATE */
+
+#ifndef XMLSEC_NO_XKMS
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+#include <stdio.h>
+
+#include <libxml/tree.h>
+#include <libxml/parser.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/buffer.h>
+#include <xmlsec/list.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/keysmngr.h>
+#include <xmlsec/keyinfo.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/xkms.h>
+
+/************************************************************************
+ *
+ * XKMS RespondWith Klass
+ *
+ ************************************************************************/
+typedef int (*xmlSecXkmsRespondWithNodeReadMethod) (xmlSecXkmsRespondWithId id,
+ xmlSecXkmsServerCtxPtr ctx,
+ xmlNodePtr node);
+typedef int (*xmlSecXkmsRespondWithNodeWriteMethod) (xmlSecXkmsRespondWithId id,
+ xmlSecXkmsServerCtxPtr ctx,
+ xmlNodePtr node);
+struct _xmlSecXkmsRespondWithKlass {
+ const xmlChar* name;
+ const xmlChar* nodeName;
+ const xmlChar* nodeNs;
+
+ xmlSecXkmsRespondWithNodeReadMethod readNode;
+ xmlSecXkmsRespondWithNodeWriteMethod writeNode;
+
+ void* reserved1;
+ void* reserved2;
+};
+
+/************************************************************************
+ *
+ * XKMS ServerRequest Klass
+ *
+ ************************************************************************/
+typedef int (*xmlSecXkmsServerRequestNodeReadMethod)
+ (xmlSecXkmsServerRequestId id,
+ xmlSecXkmsServerCtxPtr ctx,
+ xmlNodePtr node);
+typedef int (*xmlSecXkmsServerRequestExecuteMethod)
+ (xmlSecXkmsServerRequestId id,
+ xmlSecXkmsServerCtxPtr ctx);
+typedef int (*xmlSecXkmsServerRequestNodeWriteMethod)
+ (xmlSecXkmsServerRequestId id,
+ xmlSecXkmsServerCtxPtr ctx,
+ xmlNodePtr node);
+struct _xmlSecXkmsServerRequestKlass {
+ const xmlChar* name;
+ const xmlChar* requestNodeName;
+ const xmlChar* requestNodeNs;
+ const xmlChar* resultNodeName;
+ const xmlChar* resultNodeNs;
+ xmlSecBitMask flags;
+
+ xmlSecXkmsServerRequestNodeReadMethod readNode;
+ xmlSecXkmsServerRequestNodeWriteMethod writeNode;
+ xmlSecXkmsServerRequestExecuteMethod execute;
+
+ void* reserved1;
+ void* reserved2;
+};
+
+/************************************************************************
+ *
+ * XKMS ServerRequest Klass flags
+ *
+ ************************************************************************/
+/**
+ * XMLSEC_XKMS_SERVER_REQUEST_KLASS_ALLOWED_IN_COUMPOUND:
+ *
+ * The server request klass is allowed in xkms:CompoundRequest element.
+ */
+#define XMLSEC_XKMS_SERVER_REQUEST_KLASS_ALLOWED_IN_COUMPOUND 0x00000001
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#endif /* XMLSEC_NO_XKMS */
+
+#endif /* __XMLSEC_PRIVATE_XKMS_H__ */
+
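Review bot: The two klass structs and their method typedefs arrive in this header without the gtk-doc comment blocks used in xmlsec/xkms.h, and nothing states whether `readNode`, `writeNode` and `execute` may be left NULL. These are function-pointer tables that the library presumably calls through, so each struct should get a comment block listing its fields and saying which methods are optional, for example `@execute: the request execution method (may be NULL — TODO confirm).`. `_xmlSecXkmsRespondWithKlass` also gains `reserved1`/`reserved2` compared with the definition removed from xmlsec/xkms.h, so existing static klass initializers rely on the trailing members being zero-filled. The `#error` on `XMLSEC_PRIVATE` is the only barrier to outside use, since the new Makefile.am still installs this header under `$(includedir)`.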
diff --git a/include/xmlsec/strings.h b/include/xmlsec/strings.h
index 140959bc..9e92be1e 100644
--- a/include/xmlsec/strings.h
+++ b/include/xmlsec/strings.h
@@ -173,6 +173,10 @@ XMLSEC_EXPORT_VAR const xmlChar xmlSecResultMinorCodeNoAuthentication[];
XMLSEC_EXPORT_VAR const xmlChar xmlSecResultMinorCodeMessageNotSupported[];
XMLSEC_EXPORT_VAR const xmlChar xmlSecResultMinorCodeUnknownResponseId[];
XMLSEC_EXPORT_VAR const xmlChar xmlSecResultMinorCodeNotSynchronous[];
+
+XMLSEC_EXPORT_VAR const xmlChar xmlSecXkmsFormatStrPlain[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecXkmsFormatStrSoap1_1[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecXkmsFormatStrSoap1_2[];
#endif /* XMLSEC_NO_XKMS */
/*************************************************************************
diff --git a/include/xmlsec/xkms.h b/include/xmlsec/xkms.h
index 3b4ac0bb..152b8701 100644
--- a/include/xmlsec/xkms.h
+++ b/include/xmlsec/xkms.h
@@ -1,4 +1,4 @@
- /**
+/**
* XML Security Library (http://www.aleksey.com/xmlsec).
*
* "XML Key Management Specification v 2.0" implementation
@@ -30,24 +30,138 @@ extern "C" {
#include <xmlsec/keyinfo.h>
#include <xmlsec/transforms.h>
+/************************************************************************
+ *
+ * Forward declarations. These internal xmlsec library structures are
+ * declared in "xmlsec/private/xkms.h" file.
+ *
+ ************************************************************************/
typedef struct _xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithKlass,
*xmlSecXkmsRespondWithId;
typedef struct _xmlSecXkmsServerRequestKlass xmlSecXkmsServerRequestKlass,
*xmlSecXkmsServerRequestId;
-/************************************************************************
- *
- * XKMS requests server side processing klass
+
+/**
+ * xmlSecXkmsResultMajor:
+ * @xmlSecXkmsResultMajorSuccess: The operation succeeded.
+ * @xmlSecXkmsResultMajorVersionMismatch: The service does not support
+ * the protocol version specified
+ * in the request.
+ * @xmlSecXkmsResultMajorSender: An error occurred that was due
+ * to the message sent by the sender.
+ * @xmlSecXkmsResultMajorReceiver: An error occurred at the receiver.
+ * @xmlSecXkmsResultMajorRepresent: The service has not acted on the
+ * request. In order for the request
+ * to be acted upon the request MUST
+ * be represented with the specified
+ * nonce in accordance with the two
+ * phase protocol.
+ * @xmlSecXkmsResultMajorPending: The request has been accepted
+ * for processing and the service
+ * will return the result asynchronously.
+ *
+ * The values for ResultMajor attribute.
+ */
+typedef enum {
+ xmlSecXkmsResultMajorSuccess = 0,
+ xmlSecXkmsResultMajorVersionMismatch,
+ xmlSecXkmsResultMajorSender,
+ xmlSecXkmsResultMajorReceiver,
+ xmlSecXkmsResultMajorRepresent,
+ xmlSecXkmsResultMajorPending
+} xmlSecXkmsResultMajor;
+
+/**
+ * xmlSecXkmsResultMinor:
+ * @xmlSecXkmsResultMinorNone: No minor result code available.
+ * @xmlSecXkmsResultMinorNoMatch: No match was found for the search
+ * prototype provided.
+ * @xmlSecXkmsResultMinorTooManyResponses: The request resulted in the
+ * number of responses that
+ * exceeded either the ResponseLimit
+ * value specified in the request or
+ * some other limit determined by
+ * the service. The service MAY
+ * either return a subset of the
+ * possible responses or none at all.
+ * @xmlSecXkmsResultMinorIncomplete: Only part of the information
+ * requested could be provided.
+ * @xmlSecXkmsResultMinorFailure: The service attempted to perform
+ * the request but the operation
+ * failed for unspecified reasons.
+ * @xmlSecXkmsResultMinorRefused: The operation was refused. The
+ * service did not attempt to
+ * perform the request.
+ * @xmlSecXkmsResultMinorNoAuthentication: The operation was refused
+ * because the necessary authentication
+ * information was incorrect or missing.
+ * @xmlSecXkmsResultMinorMessageNotSupported: The receiver does not implement
+ * the specified operation.
+ * @xmlSecXkmsResultMinorUnknownResponseId: The ResponseId for which pending
+ * status was requested is unknown to
+ * the service.
+ * @xmlSecXkmsResultMinorSynchronous: The receiver does not support
+ * synchronous processing of this
+ * type of request.
+ *
+ * The values for ResultMinor attribute.
+ */
+typedef enum {
+ xmlSecXkmsResultMinorNone = 0,
+ xmlSecXkmsResultMinorNoMatch,
+ xmlSecXkmsResultMinorTooManyResponses,
+ xmlSecXkmsResultMinorIncomplete,
+ xmlSecXkmsResultMinorFailure,
+ xmlSecXkmsResultMinorRefused,
+ xmlSecXkmsResultMinorNoAuthentication,
+ xmlSecXkmsResultMinorMessageNotSupported,
+ xmlSecXkmsResultMinorUnknownResponseId,
+ xmlSecXkmsResultMinorSynchronous
+} xmlSecXkmsResultMinor;
+
+/**
+ * xmlSecXkmsKeyBindingStatus:
+ * @xmlSecXkmsKeyBindingStatusNone: The key status is not available.
+ * @xmlSecXkmsKeyBindingStatusValid: The key is valid.
+ * @xmlSecXkmsKeyBindingStatusInvalid: The key is not valid.
+ * @xmlSecXkmsKeyBindingStatusIndeterminate: Could not determine key status.
*
- ************************************************************************/
+ * The values for key binding StatusValue attribute.
+ */
+typedef enum {
+ xmlSecXkmsKeyBindingStatusNone,
+ xmlSecXkmsKeyBindingStatusValid,
+ xmlSecXkmsKeyBindingStatusInvalid,
+ xmlSecXkmsKeyBindingStatusIndeterminate
+} xmlSecXkmsKeyBindingStatus;
+
/**
- * XMLSEC_XKMS_NO_RESPONSE_LIMIT:
+ * xmlSecXkmsServerFormat:
+ * @xmlSecXkmsServerFormatUnknown: The format is unknown.
+ * @xmlSecXkmsServerFormatPlain: The request/response are not enveloped.
+ * @xmlSecXkmsServerFormatSoap1_1: The request/response are SOAP 1.1 encapsulated
+ * @xmlSecXkmsServerFormatSoap1_2: The request/response are SOAP 1.2 encapsulated.
*
- * The responseLimit value.
+ * The xkms server request/response format.
*/
-#define XMLSEC_XKMS_NO_RESPONSE_LIMIT -1
+typedef enum {
+ xmlSecXkmsServerFormatUnknown = 0,
+ xmlSecXkmsServerFormatPlain,
+ xmlSecXkmsServerFormatSoap1_1,
+ xmlSecXkmsServerFormatSoap1_2
+} xmlSecXkmsServerFormat;
+XMLSEC_EXPORT xmlSecXkmsServerFormat xmlSecXkmsServerFormatFromString
+ (const xmlChar* str);
+XMLSEC_EXPORT const xmlChar* xmlSecXkmsServerFormatToString (xmlSecXkmsServerFormat format);
+
+/************************************************************************
+ *
+ * XKMS requests server side processing klass
+ *
+ ************************************************************************/
/**
* xmlSecXkmsServerCtx:
* @userData: the pointer to user data (xmlsec and xmlsec-crypto libraries
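Review bot: `xmlSecXkmsResultMinorSynchronous` reads as the opposite of what it documents: the comment says the receiver does not support synchronous processing, the macro it replaces was `XMLSEC_XKMS_ERROR_MINOR_NOT_SYNCHRONOUS`, and the matching string constant is `xmlSecResultMinorCodeNotSynchronous`. Rename it to `xmlSecXkmsResultMinorNotSynchronous` in both the enum and its `@` line before callers start depending on it. Separately, `xmlSecXkmsKeyBindingStatus` is the only new enum whose first member has no explicit `= 0`; writing `xmlSecXkmsKeyBindingStatusNone = 0,` keeps it in step with the other enums and with the old `XMLSEC_XKMS_KEY_BINDING_STATUS_UNKNOWN 0` value.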
@@ -64,8 +178,8 @@ typedef struct _xmlSecXkmsServerRequestKlass xmlSecXkmsServerRequestKlass,
struct _xmlSecXkmsServerCtx {
/* these data user can set before performing the operation */
void* userData;
- unsigned int flags;
- unsigned int flags2;
+ xmlSecBitMask flags;
+ xmlSecBitMask flags2;
xmlSecKeyInfoCtx keyInfoReadCtx;
xmlSecKeyInfoCtx keyInfoWriteCtx;
xmlSecPtrList enabledRespondWithIds;
@@ -74,8 +188,8 @@ struct _xmlSecXkmsServerCtx {
/* these data are returned */
xmlSecPtrList keys;
- int majorError;
- int minorError;
+ xmlSecXkmsResultMajor resultMajor;
+ xmlSecXkmsResultMinor resultMinor;
xmlSecXkmsServerRequestId requestId;
xmlChar* id;
xmlChar* service;
@@ -98,27 +212,28 @@ struct _xmlSecXkmsServerCtx {
void* reserved1;
};
-XMLSEC_EXPORT xmlSecXkmsServerCtxPtr xmlSecXkmsServerCtxCreate(xmlSecKeysMngrPtr keysMngr);
+XMLSEC_EXPORT xmlSecXkmsServerCtxPtr xmlSecXkmsServerCtxCreate (xmlSecKeysMngrPtr keysMngr);
XMLSEC_EXPORT void xmlSecXkmsServerCtxDestroy (xmlSecXkmsServerCtxPtr ctx);
XMLSEC_EXPORT int xmlSecXkmsServerCtxInitialize (xmlSecXkmsServerCtxPtr ctx,
xmlSecKeysMngrPtr keysMngr);
XMLSEC_EXPORT void xmlSecXkmsServerCtxFinalize (xmlSecXkmsServerCtxPtr ctx);
-XMLSEC_EXPORT int xmlSecXkmsServerCtxCopyUserPref(xmlSecXkmsServerCtxPtr dst,
+XMLSEC_EXPORT int xmlSecXkmsServerCtxCopyUserPref (xmlSecXkmsServerCtxPtr dst,
xmlSecXkmsServerCtxPtr src);
XMLSEC_EXPORT void xmlSecXkmsServerCtxReset (xmlSecXkmsServerCtxPtr ctx);
-XMLSEC_EXPORT void xmlSecXkmsServerCtxSetError (xmlSecXkmsServerCtxPtr ctx,
- int majorError,
- int minorError);
+XMLSEC_EXPORT void xmlSecXkmsServerCtxSetResult (xmlSecXkmsServerCtxPtr ctx,
+ xmlSecXkmsResultMajor resultMajor,
+ xmlSecXkmsResultMinor resultMinor);
XMLSEC_EXPORT int xmlSecXkmsServerCtxRequestRead (xmlSecXkmsServerCtxPtr ctx,
xmlNodePtr node);
XMLSEC_EXPORT int xmlSecXkmsServerCtxResponseWrite(xmlSecXkmsServerCtxPtr ctx,
xmlNodePtr* node);
-XMLSEC_EXPORT int xmlSecXkmsServerCtxProcess (xmlSecXkmsServerCtxPtr ctx,
+XMLSEC_EXPORT int xmlSecXkmsServerCtxProcessDoc (xmlSecXkmsServerCtxPtr ctx,
xmlNodePtr inNode,
- xmlNodePtr* outNode);
+ xmlNodePtr* outNode,
+ xmlSecXkmsServerFormat format);
XMLSEC_EXPORT void xmlSecXkmsServerCtxDebugDump (xmlSecXkmsServerCtxPtr ctx,
FILE* output);
-XMLSEC_EXPORT void xmlSecXkmsServerCtxDebugXmlDump(xmlSecXkmsServerCtxPtr ctx,
+XMLSEC_EXPORT void xmlSecXkmsServerCtxDebugXmlDump (xmlSecXkmsServerCtxPtr ctx,
FILE* output);
/************************************************************************
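Review bot: `xmlSecXkmsServerCtxProcess` and `xmlSecXkmsServerCtxSetError` are exported symbols, and this hunk removes them from the public header with no replacement under the old names, so existing callers stop compiling or linking. The same applies to the `majorError`/`minorError` fields renamed in the preceding hunk and to the `XMLSEC_XKMS_ERROR_*` and `XMLSEC_XKMS_KEY_BINDING_STATUS_*` macros deleted in later hunks. If the plain format is meant to behave as the old entry point did, a compatibility macro such as `#define xmlSecXkmsServerCtxProcess(ctx, in, out) xmlSecXkmsServerCtxProcessDoc((ctx), (in), (out), xmlSecXkmsServerFormatPlain)` would keep source compatibility. The `xmlSecXkmsServerCtxProcessDoc` declaration also needs a comment saying what is returned when `format` is `xmlSecXkmsServerFormatUnknown`; the implementation is not in view.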
@@ -132,148 +247,8 @@ XMLSEC_EXPORT void xmlSecXkmsServerCtxDebugXmlDump(xmlSecXkmsServerCtxPtr ctx,
* zmlSecXkmsServerCtx klasses list klass.
*/
#define xmlSecXkmsServerCtxPtrListId xmlSecXkmsServerCtxPtrListGetKlass()
-XMLSEC_EXPORT xmlSecPtrListId xmlSecXkmsServerCtxPtrListGetKlass(void);
-
-/************************************************************************
- *
- * XKMS ResultMajor attribute values.
- *
- ************************************************************************/
-/**
- * XMLSEC_XKMS_ERROR_MAJOR_SUCCESS:
- *
- * XKMS ResultMajor attribute value. The operation succeeded.
- */
-#define XMLSEC_XKMS_ERROR_MAJOR_SUCCESS 0
-
-/**
- * XMLSEC_XKMS_ERROR_MAJOR_VERSION_MISMATCH:
- *
- * XKMS ResultMajor attribute value. The service does not support
- * the protocol version specified in the request.
- */
-#define XMLSEC_XKMS_ERROR_MAJOR_VERSION_MISMATCH 1
-
-/**
- * XMLSEC_XKMS_ERROR_MAJOR_SENDER:
- *
- * XKMS ResultMajor attribute value. An error occurred that was due to
- * the message sent by the sender.
- */
-#define XMLSEC_XKMS_ERROR_MAJOR_SENDER 2
-
-/**
- * XMLSEC_XKMS_ERROR_MAJOR_RECEIVER:
- *
- * XKMS ResultMajor attribute value. An error occurred at the receiver.
- */
-#define XMLSEC_XKMS_ERROR_MAJOR_RECEIVER 3
-
-/**
- * XMLSEC_XKMS_ERROR_MAJOR_REPRESENT:
- *
- * XKMS ResultMajor attribute value. The service has not acted on
- * the request. In order for the request to be acted upon the request MUST
- * be represented with the specified nonce in accordance with the two phase
- * protocol.
- */
-#define XMLSEC_XKMS_ERROR_MAJOR_REPRESENT 4
-
-/**
- * XMLSEC_XKMS_ERROR_MAJOR_PENDING:
- *
- * XKMS ResultMajor attribute value. The request has been accepted
- * for processing and the service will return the result asynchronously.
- */
-#define XMLSEC_XKMS_ERROR_MAJOR_PENDING 5
-
-/************************************************************************
- *
- * XKMS ResultMinor attribute values.
- *
- ************************************************************************/
-/**
- * XMLSEC_XKMS_ERROR_MINOR_NONE:
- *
- * XKMS ResultMinor attribute value. Not specified.
- */
-#define XMLSEC_XKMS_ERROR_MINOR_NONE 0
-
-/**
- * XMLSEC_XKMS_ERROR_MINOR_NO_MATCH:
- *
- * XKMS ResultMinor attribute value. No match was found for the search
- * prototype provided.
- */
-#define XMLSEC_XKMS_ERROR_MINOR_NO_MATCH 1
-
-/**
- * XMLSEC_XKMS_ERROR_MINOR_TOO_MANY_RESPONSES:
- *
- * XKMS ResultMinor attribute value. The request resulted in the number of
- * responses that exceeded either the ResponseLimit value specified in
- * the request or some other limit determined by the service.
- * The service MAY either return a subset of the possible
- * responses or none at all.
- */
-#define XMLSEC_XKMS_ERROR_MINOR_TOO_MANY_RESPONSES 2
-
-/**
- * XMLSEC_XKMS_ERROR_MINOR_INCOMPLETE:
- *
- * XKMS ResultMinor attribute value. Only part of the information requested
- * could be provided.
- */
-#define XMLSEC_XKMS_ERROR_MINOR_INCOMPLETE 3
-
-/**
- * XMLSEC_XKMS_ERROR_MINOR_FAILURE:
- *
- * XKMS ResultMinor attribute value. The service attempted to perform
- * the request but the operation failed for unspecified reasons.
- */
-#define XMLSEC_XKMS_ERROR_MINOR_FAILURE 4
-
-/**
- * XMLSEC_XKMS_ERROR_MINOR_REFUSED:
- *
- * XKMS ResultMinor attribute value. The operation was refused. The service
- * did not attempt to perform the request.
- */
-#define XMLSEC_XKMS_ERROR_MINOR_REFUSED 5
-
-/**
- * XMLSEC_XKMS_ERROR_MINOR_NO_AUTHENTICATION:
- *
- * XKMS ResultMinor attribute value. The operation was refused because
- * the necessary authentication information was incorrect or missing.
- */
-#define XMLSEC_XKMS_ERROR_MINOR_NO_AUTHENTICATION 6
-
-/**
- * XMLSEC_XKMS_ERROR_MINOR_MESSAGE_NOT_SUPPORTED:
- *
- * XKMS ResultMinor attribute value. The receiver does not implement
- * the specified operation.
- */
-#define XMLSEC_XKMS_ERROR_MINOR_MESSAGE_NOT_SUPPORTED 7
-
-/**
- * XMLSEC_XKMS_ERROR_MINOR_UNKNOWN_RESPONSE_ID:
- *
- * XKMS ResultMinor attribute value. The ResponseId for which pending
- * status was requested is unknown to the service.
- */
-#define XMLSEC_XKMS_ERROR_MINOR_UNKNOWN_RESPONSE_ID 8
-
-/**
- * XMLSEC_XKMS_ERROR_MINOR_NOT_SYNCHRONOUS:
- *
- * XKMS ResultMinor attribute value. The receiver does not support
- * synchronous processing of this type of request
- */
-#define XMLSEC_XKMS_ERROR_MINOR_NOT_SYNCHRONOUS 9
-
+XMLSEC_EXPORT xmlSecPtrListId xmlSecXkmsServerCtxPtrListGetKlass
+ (void);
/************************************************************************
*
@@ -316,40 +291,8 @@ XMLSEC_EXPORT xmlSecPtrListId xmlSecXkmsServerCtxPtrListGetKlass(void);
*
* The ResponseLimit is not specified.
*/
-#define XMLSEC_XKMS_NO_RESPONSE_LIMIT -1
-
-/************************************************************************
- *
- * XKMS KeyBinding Status attribute values
- *
- ************************************************************************/
-/**
- * XMLSEC_XKMS_KEY_BINDING_STATUS_UNKNOWN:
- *
- * The status is not known.
- */
-#define XMLSEC_XKMS_KEY_BINDING_STATUS_UNKNOWN 0
+#define XMLSEC_XKMS_NO_RESPONSE_LIMIT -1
-/**
- * XMLSEC_XKMS_KEY_BINDING_STATUS_VALID:
- *
- * Key is valid.
- */
-#define XMLSEC_XKMS_KEY_BINDING_STATUS_VALID 1
-
-/**
- * XMLSEC_XKMS_KEY_BINDING_STATUS_INVALID:
- *
- * Key is not valid.
- */
-#define XMLSEC_XKMS_KEY_BINDING_STATUS_INVALID 2
-
-/**
- * XMLSEC_XKMS_KEY_BINDING_STATUS_INDETERMINATE:
- *
- * Status can't be determinated.
- */
-#define XMLSEC_XKMS_KEY_BINDING_STATUS_INDETERMINATE 3
/************************************************************************
*
@@ -414,9 +357,13 @@ XMLSEC_EXPORT xmlSecPtrListId xmlSecXkmsServerCtxPtrListGetKlass(void);
XMLSEC_EXPORT xmlSecPtrListPtr xmlSecXkmsRespondWithIdsGet (void);
XMLSEC_EXPORT int xmlSecXkmsRespondWithIdsInit (void);
XMLSEC_EXPORT void xmlSecXkmsRespondWithIdsShutdown(void);
-XMLSEC_EXPORT int xmlSecXkmsRespondWithIdsRegisterDefault(void);
+XMLSEC_EXPORT int xmlSecXkmsRespondWithIdsRegisterDefault
+ (void);
XMLSEC_EXPORT int xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithId id);
+#define xmlSecXkmsRespondWithKlassGetName(id) \
+ ((((id) != NULL) && ((id)->name != NULL)) ? (id)->name : NULL)
+
XMLSEC_EXPORT int xmlSecXkmsRespondWithNodeRead (xmlSecXkmsRespondWithId id,
xmlSecXkmsServerCtxPtr ctx,
xmlNodePtr node);
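Review bot: `xmlSecXkmsRespondWithKlassGetName` stays in the public header but expands to `(id)->name`, and this commit moves the definition of `struct _xmlSecXkmsRespondWithKlass` into xmlsec/private/xkms.h, which refuses to compile without `XMLSEC_PRIVATE`. Any application that uses the macro now dereferences a pointer to an incomplete type. `xmlSecXkmsServerRequestKlassGetName`, added in the `-582,6 +514,9` hunk, has the same problem. Move both macros into the private header next to the structs, or export small accessor functions instead.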
@@ -425,33 +372,17 @@ XMLSEC_EXPORT int xmlSecXkmsRespondWithNodeWrite (xmlSecXkmsRespondWithId id,
xmlNodePtr node);
XMLSEC_EXPORT void xmlSecXkmsRespondWithDebugDump (xmlSecXkmsRespondWithId id,
FILE* output);
-XMLSEC_EXPORT void xmlSecXkmsRespondWithDebugXmlDump(xmlSecXkmsRespondWithId id,
+XMLSEC_EXPORT void xmlSecXkmsRespondWithDebugXmlDump
+ (xmlSecXkmsRespondWithId id,
FILE* output);
-XMLSEC_EXPORT int xmlSecXkmsRespondWithDefaultNodeRead(xmlSecXkmsRespondWithId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-XMLSEC_EXPORT int xmlSecXkmsRespondWithDefaultNodeWrite(xmlSecXkmsRespondWithId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-
-typedef int (*xmlSecXkmsRespondWithNodeReadMethod) (xmlSecXkmsRespondWithId id,
+XMLSEC_EXPORT int xmlSecXkmsRespondWithDefaultNodeRead
+ (xmlSecXkmsRespondWithId id,
xmlSecXkmsServerCtxPtr ctx,
xmlNodePtr node);
-typedef int (*xmlSecXkmsRespondWithNodeWriteMethod) (xmlSecXkmsRespondWithId id,
+XMLSEC_EXPORT int xmlSecXkmsRespondWithDefaultNodeWrite
+ (xmlSecXkmsRespondWithId id,
xmlSecXkmsServerCtxPtr ctx,
xmlNodePtr node);
-struct _xmlSecXkmsRespondWithKlass {
- const xmlChar* name;
- const xmlChar* nodeName;
- const xmlChar* nodeNs;
-
- xmlSecXkmsRespondWithNodeReadMethod readNode;
- xmlSecXkmsRespondWithNodeWriteMethod writeNode;
-};
-
-#define xmlSecXkmsRespondWithKlassGetName(id) \
- ((((id) != NULL) && ((id)->name != NULL)) ? (id)->name : NULL)
-
/************************************************************************
*
* XKMS RespondWith Klass List
@@ -463,10 +394,11 @@ struct _xmlSecXkmsRespondWithKlass {
* XKMS RespondWith klasses list klass.
*/
#define xmlSecXkmsRespondWithIdListId xmlSecXkmsRespondWithIdListGetKlass()
-XMLSEC_EXPORT xmlSecPtrListId xmlSecXkmsRespondWithIdListGetKlass(void);
-XMLSEC_EXPORT int xmlSecXkmsRespondWithIdListFind (xmlSecPtrListPtr list,
+XMLSEC_EXPORT xmlSecPtrListId xmlSecXkmsRespondWithIdListGetKlass
+ (void);
+XMLSEC_EXPORT int xmlSecXkmsRespondWithIdListFind (xmlSecPtrListPtr list,
xmlSecXkmsRespondWithId id);
-XMLSEC_EXPORT xmlSecXkmsRespondWithId xmlSecXkmsRespondWithIdListFindByName
+XMLSEC_EXPORT xmlSecXkmsRespondWithId xmlSecXkmsRespondWithIdListFindByName
(xmlSecPtrListPtr list,
const xmlChar* name);
XMLSEC_EXPORT int xmlSecXkmsRespondWithIdListWrite(xmlSecPtrListPtr list,
@@ -582,6 +514,9 @@ XMLSEC_EXPORT int xmlSecXkmsServerRequestIdsRegisterDefault
XMLSEC_EXPORT int xmlSecXkmsServerRequestIdsRegister
(xmlSecXkmsServerRequestId id);
+#define xmlSecXkmsServerRequestKlassGetName(id) \
+ ((((id) != NULL) && ((id)->name != NULL)) ? (id)->name : NULL)
+
XMLSEC_EXPORT int xmlSecXkmsServerRequestNodeRead (xmlSecXkmsServerRequestId id,
xmlSecXkmsServerCtxPtr ctx,
xmlNodePtr node);
@@ -596,43 +531,6 @@ XMLSEC_EXPORT void xmlSecXkmsServerRequestDebugXmlDump
(xmlSecXkmsServerRequestId id,
FILE* output);
-typedef int (*xmlSecXkmsServerRequestNodeReadMethod)
- (xmlSecXkmsServerRequestId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-typedef int (*xmlSecXkmsServerRequestExecuteMethod)
- (xmlSecXkmsServerRequestId id,
- xmlSecXkmsServerCtxPtr ctx);
-typedef int (*xmlSecXkmsServerRequestNodeWriteMethod)
- (xmlSecXkmsServerRequestId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-/**
- * XMLSEC_XKMS_SERVER_REQUEST_KLASS_ALLOWED_IN_COUMPOUND:
- *
- * This request/response can be a part of CompundRequest/CompoundResponse.
- */
-#define XMLSEC_XKMS_SERVER_REQUEST_KLASS_ALLOWED_IN_COUMPOUND 0x00000001
-
-struct _xmlSecXkmsServerRequestKlass {
- const xmlChar* name;
- const xmlChar* requestNodeName;
- const xmlChar* requestNodeNs;
- const xmlChar* resultNodeName;
- const xmlChar* resultNodeNs;
- xmlSecBitMask flags;
-
- xmlSecXkmsServerRequestNodeReadMethod readNode;
- xmlSecXkmsServerRequestNodeWriteMethod writeNode;
- xmlSecXkmsServerRequestExecuteMethod execute;
-
- void* reserved1;
- void* reserved2;
-};
-
-#define xmlSecXkmsServerRequestKlassGetName(id) \
- ((((id) != NULL) && ((id)->name != NULL)) ? (id)->name : NULL)
-
/************************************************************************
*
* XKMS ServerRequest Klass List
diff --git a/src/strings.c b/src/strings.c
index 28e5a38b..574ac54c 100644
--- a/src/strings.c
+++ b/src/strings.c
@@ -167,6 +167,11 @@ const xmlChar xmlSecResultMinorCodeNoAuthentication[] = "NoAuthentication";
const xmlChar xmlSecResultMinorCodeMessageNotSupported[]= "MessageNotSupported";
const xmlChar xmlSecResultMinorCodeUnknownResponseId[] = "UnknownResponseId";
const xmlChar xmlSecResultMinorCodeNotSynchronous[] = "NotSynchronous";
+
+const xmlChar xmlSecXkmsFormatStrPlain[] = "plain";
+const xmlChar xmlSecXkmsFormatStrSoap1_1[] = "soap-1.1";
+const xmlChar xmlSecXkmsFormatStrSoap1_2[] = "soap-1.2";
+
#endif /* XMLSEC_NO_XKMS */
/*************************************************************************
diff --git a/src/xkms.c b/src/xkms.c
index c065dc13..667f3f43 100644
--- a/src/xkms.c
+++ b/src/xkms.c
@@ -28,15 +28,9 @@
#include <xmlsec/transforms.h>
#include <xmlsec/keyinfo.h>
#include <xmlsec/xkms.h>
+#include <xmlsec/private/xkms.h>
#include <xmlsec/errors.h>
-
-
-/**************************************************************************
- *
- *
- *
- *************************************************************************/
/* The ID attribute in XKMS is 'Id' */
static const xmlChar* xmlSecXkmsServerIds[] = { BAD_CAST "Id", NULL };
@@ -89,82 +83,53 @@ static int xmlSecXkmsServerCtxKeyBindingStatusNodeWrite (xmlSecXkmsServerCtxPtr
xmlSecKeyPtr key);
-static const xmlSecString2IntegerInfo gXmlSecXkmsMajorErrorInfo[] =
+static const xmlSecString2IntegerInfo gXmlSecXkmsResultMajorInfo[] =
{
- { xmlSecResultMajorCodeSuccess,
- XMLSEC_XKMS_ERROR_MAJOR_SUCCESS },
- { xmlSecResultMajorCodeVersionMismatch,
- XMLSEC_XKMS_ERROR_MAJOR_VERSION_MISMATCH },
- { xmlSecResultMajorCodeSender,
- XMLSEC_XKMS_ERROR_MAJOR_SENDER },
- { xmlSecResultMajorCodeReceiver,
- XMLSEC_XKMS_ERROR_MAJOR_RECEIVER },
- { xmlSecResultMajorCodeRepresent,
- XMLSEC_XKMS_ERROR_MAJOR_REPRESENT },
- { xmlSecResultMajorCodePending,
- XMLSEC_XKMS_ERROR_MAJOR_PENDING },
- { NULL,
- 0 } /* MUST be last in the list */
+ { xmlSecResultMajorCodeSuccess, xmlSecXkmsResultMajorSuccess },
+ { xmlSecResultMajorCodeVersionMismatch, xmlSecXkmsResultMajorVersionMismatch },
+ { xmlSecResultMajorCodeSender, xmlSecXkmsResultMajorSender },
+ { xmlSecResultMajorCodeReceiver, xmlSecXkmsResultMajorReceiver },
+ { xmlSecResultMajorCodeRepresent, xmlSecXkmsResultMajorRepresent },
+ { xmlSecResultMajorCodePending, xmlSecXkmsResultMajorPending, },
+ { NULL, 0 } /* MUST be last in the list */
};
static const xmlSecString2IntegerInfo gXmlSecXkmsMinorErrorInfo[] =
{
- { xmlSecResultMinorCodeNoMatch,
- XMLSEC_XKMS_ERROR_MINOR_NO_MATCH },
- { xmlSecResultMinorCodeTooManyResponses,
- XMLSEC_XKMS_ERROR_MINOR_TOO_MANY_RESPONSES },
- { xmlSecResultMinorCodeIncomplete,
- XMLSEC_XKMS_ERROR_MINOR_INCOMPLETE },
- { xmlSecResultMinorCodeFailure,
- XMLSEC_XKMS_ERROR_MINOR_FAILURE },
- { xmlSecResultMinorCodeRefused,
- XMLSEC_XKMS_ERROR_MINOR_REFUSED },
- { xmlSecResultMinorCodeNoAuthentication,
- XMLSEC_XKMS_ERROR_MINOR_NO_AUTHENTICATION },
- { xmlSecResultMinorCodeMessageNotSupported,
- XMLSEC_XKMS_ERROR_MINOR_MESSAGE_NOT_SUPPORTED },
- { xmlSecResultMinorCodeUnknownResponseId,
- XMLSEC_XKMS_ERROR_MINOR_UNKNOWN_RESPONSE_ID },
- { xmlSecResultMinorCodeNotSynchronous,
- XMLSEC_XKMS_ERROR_MINOR_NOT_SYNCHRONOUS },
- { NULL,
- 0 } /* MUST be last in the list */
+ { xmlSecResultMinorCodeNoMatch, xmlSecXkmsResultMinorNoMatch },
+ { xmlSecResultMinorCodeTooManyResponses, xmlSecXkmsResultMinorTooManyResponses },
+ { xmlSecResultMinorCodeIncomplete, xmlSecXkmsResultMinorIncomplete },
+ { xmlSecResultMinorCodeFailure, xmlSecXkmsResultMinorFailure },
+ { xmlSecResultMinorCodeRefused, xmlSecXkmsResultMinorRefused },
+ { xmlSecResultMinorCodeNoAuthentication, xmlSecXkmsResultMinorNoAuthentication },
+ { xmlSecResultMinorCodeMessageNotSupported, xmlSecXkmsResultMinorMessageNotSupported },
+ { xmlSecResultMinorCodeUnknownResponseId, xmlSecXkmsResultMinorUnknownResponseId },
+ { xmlSecResultMinorCodeNotSynchronous, xmlSecXkmsResultMinorSynchronous },
+ { NULL, 0 } /* MUST be last in the list */
};
-static const xmlSecString2BitMaskInfo gXmlSecXkmsResponseMechanismInfo[] =
+static const xmlSecString2IntegerInfo gXmlSecXkmsKeyBindingStatusInfo[] =
{
- { xmlSecResponseMechanismRepresent,
- XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_REPRESENT },
- { xmlSecResponseMechanismPending,
- XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_PENDING },
- { xmlSecResponseMechanismRequestSignatureValue,
- XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_REQUEST_SIGNATURE_VALUE },
- { NULL,
- 0 } /* MUST be last in the list */
+ { xmlSecKeyBindingStatusValid, xmlSecXkmsKeyBindingStatusValid },
+ { xmlSecKeyBindingStatusInvalid, xmlSecXkmsKeyBindingStatusInvalid },
+ { xmlSecKeyBindingStatusIndeterminate, xmlSecXkmsKeyBindingStatusIndeterminate },
+ { NULL, 0 } /* MUST be last in the list */
};
-static const xmlSecString2BitMaskInfo gXmlSecXkmsKeyUsageInfo[] =
+static const xmlSecString2IntegerInfo gXmlSecXkmsFormatInfo[] =
{
- { xmlSecKeyUsageEncryption,
- xmlSecKeyUsageEncrypt | xmlSecKeyUsageDecrypt },
- { xmlSecKeyUsageSignature,
- xmlSecKeyUsageSign | xmlSecKeyUsageVerify },
- { xmlSecKeyUsageExchange,
- xmlSecKeyUsageKeyExchange},
- { NULL,
- 0 } /* MUST be last in the list */
+ { xmlSecXkmsFormatStrPlain, xmlSecXkmsServerFormatPlain },
+ { xmlSecXkmsFormatStrSoap1_1, xmlSecXkmsServerFormatSoap1_1 },
+ { xmlSecXkmsFormatStrSoap1_2, xmlSecXkmsServerFormatSoap1_2 },
+ { NULL, 0 } /* MUST be last in the list */
};
-static const xmlSecString2IntegerInfo gXmlSecXkmsKeyBindingStatusInfo[] =
+static const xmlSecString2BitMaskInfo gXmlSecXkmsKeyUsageInfo[] =
{
- { xmlSecKeyBindingStatusValid,
- XMLSEC_XKMS_KEY_BINDING_STATUS_VALID },
- { xmlSecKeyBindingStatusInvalid,
- XMLSEC_XKMS_KEY_BINDING_STATUS_INVALID },
- { xmlSecKeyBindingStatusIndeterminate,
- XMLSEC_XKMS_KEY_BINDING_STATUS_INDETERMINATE },
- { NULL,
- 0 } /* MUST be last in the list */
+ { xmlSecKeyUsageEncryption, xmlSecKeyUsageEncrypt | xmlSecKeyUsageDecrypt },
+ { xmlSecKeyUsageSignature, xmlSecKeyUsageSign | xmlSecKeyUsageVerify },
+ { xmlSecKeyUsageExchange, xmlSecKeyUsageKeyExchange},
+ { NULL, 0 } /* MUST be last in the list */
};
static const xmlSecString2BitMaskInfo gXmlSecXkmsKeyBindingReasonInfo[] =
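Review bot: The `xmlSecResultMinorCodeNotSynchronous` string is mapped to `xmlSecXkmsResultMinorSynchronous`, so the enum name appears to have lost its "Not" and now reads as the opposite meaning. The enum is declared outside this view, so confirm there and rename it to `xmlSecXkmsResultMinorNotSynchronous` if that is the case. The major table was renamed to `gXmlSecXkmsResultMajorInfo`, but the minor table keeps the old `gXmlSecXkmsMinorErrorInfo` name; `gXmlSecXkmsResultMinorInfo` would match. There is also a stray trailing comma in `xmlSecXkmsResultMajorPending, }`.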
@@ -181,6 +146,62 @@ static const xmlSecString2BitMaskInfo gXmlSecXkmsKeyBindingReasonInfo[] =
0 } /* MUST be last in the list */
};
+static const xmlSecString2BitMaskInfo gXmlSecXkmsResponseMechanismInfo[] =
+{
+ { xmlSecResponseMechanismRepresent,
+ XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_REPRESENT },
+ { xmlSecResponseMechanismPending,
+ XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_PENDING },
+ { xmlSecResponseMechanismRequestSignatureValue,
+ XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_REQUEST_SIGNATURE_VALUE },
+ { NULL,
+ 0 } /* MUST be last in the list */
+};
+
+/**
+ * xmlSecXkmsServerFormatFromString:
+ * @str the string.
+ *
+ * Gets xmlSecXkmsServerFormat from string @str.
+ *
+ * Returns corresponding format or xmlSecXkmsServerFormatUnknown
+ * if format could not be recognized.
+ */
+xmlSecXkmsServerFormat
+xmlSecXkmsServerFormatFromString(const xmlChar* str) {
+ int res;
+ int ret;
+
+ xmlSecAssert2(str != NULL, xmlSecXkmsServerFormatUnknown);
+
+ ret = xmlSecString2IntegerGetInteger(gXmlSecXkmsFormatInfo, str, &res);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecString2IntegerGetInteger",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(xmlSecXkmsServerFormatUnknown);
+ }
+
+ return((xmlSecXkmsServerFormat)res);
+}
+
+/**
+ * xmlSecXkmsServerFormatToString:
+ * @format: the format.
+ *
+ * Gets string from @format.
+ *
+ * Returns string corresponding to @format or NULL if an error occurs.
+ */
+const xmlChar*
+xmlSecXkmsServerFormatToString (xmlSecXkmsServerFormat format) {
+ xmlSecAssert2(format != xmlSecXkmsServerFormatUnknown, NULL);
+
+ return(xmlSecString2IntegerGetString(gXmlSecXkmsFormatInfo, format));
+}
+
/**
* xmlSecXkmsServerCtxCreate:
* @keysMngr: the pointer to keys manager.
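Review bot: In `xmlSecXkmsServerFormatFromString`, `res` is cast to the enum without ever being initialized, so the result relies on `xmlSecString2IntegerGetInteger` always storing a value when it returns non-negative; that helper is not visible here. Declaring it as `int res = xmlSecXkmsServerFormatUnknown;` keeps an unrecognised `--xkms-format` value from turning into an arbitrary format. The gtk-doc line `@str the string.` is missing its colon and should read `@str: the string.`. `xmlSecXkmsServerFormatToString` is documented to return NULL on error, so callers that pass the result to a `%s` format need a guard.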
@@ -254,8 +275,8 @@ xmlSecXkmsServerCtxInitialize(xmlSecXkmsServerCtxPtr ctx, xmlSecKeysMngrPtr keys
memset(ctx, 0, sizeof(xmlSecXkmsServerCtx));
- ctx->majorError = XMLSEC_XKMS_ERROR_MAJOR_SUCCESS;
- ctx->minorError = XMLSEC_XKMS_ERROR_MINOR_NONE;
+ ctx->resultMajor = xmlSecXkmsResultMajorSuccess;
+ ctx->resultMinor = xmlSecXkmsResultMinorNone;
ctx->responseLimit = XMLSEC_XKMS_NO_RESPONSE_LIMIT;
/* initialize key info */
@@ -365,8 +386,8 @@ void
xmlSecXkmsServerCtxReset(xmlSecXkmsServerCtxPtr ctx) {
xmlSecAssert(ctx != NULL);
- ctx->majorError = XMLSEC_XKMS_ERROR_MAJOR_SUCCESS;
- ctx->minorError = XMLSEC_XKMS_ERROR_MINOR_NONE;
+ ctx->resultMajor = xmlSecXkmsResultMajorSuccess;
+ ctx->resultMinor = xmlSecXkmsResultMinorNone;
xmlSecKeyInfoCtxReset(&(ctx->keyInfoReadCtx));
xmlSecKeyInfoCtxReset(&(ctx->keyInfoWriteCtx));
xmlSecPtrListEmpty(&(ctx->keys));
@@ -482,25 +503,28 @@ xmlSecXkmsServerCtxCopyUserPref(xmlSecXkmsServerCtxPtr dst, xmlSecXkmsServerCtxP
}
/**
- * xmlSecXkmsServerCtxSetError:
- * @ctx: the pointer to XKMS processing context.
- * @majorError: the major error code.
- * @minorError: the minor error code.
+ * xmlSecXkmsServerCtxSetResult:
+ * @ctx: the pointer to XKMS processing context.
+ * @resultMajor: the major result code.
+ * @resultMinor: the minor result code.
*
- * Sets the major/minor error code in the context if no other error is already
+ * Sets the major/minor result code in the context if no other result is already
* reported.
*/
void
-xmlSecXkmsServerCtxSetError(xmlSecXkmsServerCtxPtr ctx, int majorError, int minorError) {
+xmlSecXkmsServerCtxSetResult(xmlSecXkmsServerCtxPtr ctx, xmlSecXkmsResultMajor resultMajor,
+ xmlSecXkmsResultMinor resultMinor) {
xmlSecAssert(ctx != NULL);
- if((ctx->majorError == XMLSEC_XKMS_ERROR_MAJOR_SUCCESS) && (minorError != XMLSEC_XKMS_ERROR_MAJOR_SUCCESS)) {
- ctx->majorError = majorError;
- ctx->minorError = minorError;
- } else if((ctx->majorError == XMLSEC_XKMS_ERROR_MAJOR_SUCCESS) && (ctx->minorError == XMLSEC_XKMS_ERROR_MINOR_NONE)) {
- xmlSecAssert(majorError == XMLSEC_XKMS_ERROR_MAJOR_SUCCESS);
+ if((ctx->resultMajor == xmlSecXkmsResultMajorSuccess) &&
+ (resultMinor != xmlSecXkmsResultMajorSuccess)) {
+ ctx->resultMajor = resultMajor;
+ ctx->resultMinor = resultMinor;
+ } else if((ctx->resultMajor == xmlSecXkmsResultMajorSuccess) &&
+ (ctx->resultMinor == xmlSecXkmsResultMinorNone)) {
+ xmlSecAssert(resultMajor == xmlSecXkmsResultMajorSuccess);
- ctx->minorError = minorError;
+ ctx->resultMinor = resultMinor;
}
}
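Review bot: The first condition compares `resultMinor` against the major-code constant `xmlSecXkmsResultMajorSuccess`. It was carried over unchanged from the old `minorError != XMLSEC_XKMS_ERROR_MAJOR_SUCCESS` test, and the intended check is probably `(resultMajor != xmlSecXkmsResultMajorSuccess)`. As written, whether a failure is stored depends on the numeric value of the minor code. If `xmlSecXkmsResultMinorNone` equals the success constant (the enum definitions are outside this view), a failure reported without a minor code skips the first branch, and the else branch never assigns `ctx->resultMajor`. The context would then stay at Success and the response could report success for a failed request.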
@@ -536,7 +560,7 @@ xmlSecXkmsServerCtxRequestRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"node=%s",
xmlSecErrorsSafeString(node->name));
- xmlSecXkmsServerCtxSetError(ctx, XMLSEC_XKMS_ERROR_MAJOR_SENDER, XMLSEC_XKMS_ERROR_MINOR_MESSAGE_NOT_SUPPORTED);
+ xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorMessageNotSupported);
return(-1);
}
@@ -549,7 +573,7 @@ xmlSecXkmsServerCtxRequestRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"request=%s",
xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctx->requestId)));
- xmlSecXkmsServerCtxSetError(ctx, XMLSEC_XKMS_ERROR_MAJOR_SENDER, XMLSEC_XKMS_ERROR_MINOR_FAILURE);
+ xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
return(-1);
}
@@ -579,7 +603,7 @@ xmlSecXkmsServerCtxResponseWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr* node) {
/* if the request is not specified then write generic xkms:Result response
* with ane error */
if((ctx->requestId == NULL) || (ctx->requestId->resultNodeName == NULL)) {
- xmlSecXkmsServerCtxSetError(ctx, XMLSEC_XKMS_ERROR_MAJOR_SENDER, XMLSEC_XKMS_ERROR_MINOR_FAILURE);
+ xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
ctx->requestId = xmlSecXkmsServerRequestResultId;
}
@@ -594,7 +618,7 @@ xmlSecXkmsServerCtxResponseWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr* node) {
"xmlSecAddChild",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetError(ctx, XMLSEC_XKMS_ERROR_MAJOR_RECEIVER, XMLSEC_XKMS_ERROR_MINOR_FAILURE);
+ xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
goto error;
}
} else {
@@ -611,7 +635,7 @@ xmlSecXkmsServerCtxResponseWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr* node) {
if(doc != NULL) {
xmlFreeDoc(doc);
}
- xmlSecXkmsServerCtxSetError(ctx, XMLSEC_XKMS_ERROR_MAJOR_RECEIVER, XMLSEC_XKMS_ERROR_MINOR_FAILURE);
+ xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
goto error;
}
cur = xmlDocGetRootElement(doc);
@@ -627,7 +651,7 @@ xmlSecXkmsServerCtxResponseWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr* node) {
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"request=%s",
xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctx->requestId)));
- xmlSecXkmsServerCtxSetError(ctx, XMLSEC_XKMS_ERROR_MAJOR_RECEIVER, XMLSEC_XKMS_ERROR_MINOR_FAILURE);
+ xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
goto error;
}
@@ -661,7 +685,7 @@ error:
"xmlSecXkmsServerCtxResponseWrite",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetError(ctx, XMLSEC_XKMS_ERROR_MAJOR_RECEIVER, XMLSEC_XKMS_ERROR_MINOR_FAILURE);
+ xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
return(-1);
}
@@ -669,10 +693,11 @@ error:
}
/**
- * xmlSecXkmsServerCtxProcess:
+ * xmlSecXkmsServerCtxProcessDoc:
* @ctx: the pointer to XKMS processing context.
* @inNode: the pointer to request node.
* @outNode: the pointer to response node.
+ * @format: the request/response format.
*
* Reads XKMS request from @inNode and writes response back in @outNode.
* If @outNode value is not NULL then a new child is added to it. Otherwise,
@@ -682,7 +707,8 @@ error:
* Returns 0 on success or a negative value if an error occurs.
*/
int
-xmlSecXkmsServerCtxProcess(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr inNode, xmlNodePtr* outNode) {
+xmlSecXkmsServerCtxProcessDoc(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr inNode,
+ xmlNodePtr* outNode, xmlSecXkmsServerFormat format) {
int ret;
xmlSecAssert2(ctx != NULL, -1);
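Review bot: The new `format` argument is not checked next to the `ctx` assert, and none of the visible hunks of `xmlSecXkmsServerCtxProcessDoc` read it. Since `xmlSecXkmsServerFormatFromString` returns `xmlSecXkmsServerFormatUnknown` for unrecognised input, add `xmlSecAssert2(format != xmlSecXkmsServerFormatUnknown, -1);` so an unrecognised format is rejected before the request node is parsed. The function body continues outside this hunk, so a check may already exist further down. The `@format:` doc line could also name the accepted values.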
@@ -697,7 +723,7 @@ xmlSecXkmsServerCtxProcess(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr inNode, xmlNod
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"node=%s",
xmlSecErrorsSafeString(inNode->name));
- xmlSecXkmsServerCtxSetError(ctx, XMLSEC_XKMS_ERROR_MAJOR_RECEIVER, XMLSEC_XKMS_ERROR_MINOR_FAILURE);
+ xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
goto done;
}
@@ -709,7 +735,7 @@ xmlSecXkmsServerCtxProcess(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr inNode, xmlNod
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"node=%s",
xmlSecErrorsSafeString(inNode->name));
- xmlSecXkmsServerCtxSetError(ctx, XMLSEC_XKMS_ERROR_MAJOR_RECEIVER, XMLSEC_XKMS_ERROR_MINOR_FAILURE);
+ xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
goto done;
}
@@ -723,7 +749,7 @@ done:
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"node=%s",
xmlSecErrorsSafeString(inNode->name));
- xmlSecXkmsServerCtxSetError(ctx, XMLSEC_XKMS_ERROR_MAJOR_RECEIVER, XMLSEC_XKMS_ERROR_MINOR_FAILURE);
+ xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
return(-1);
}
@@ -749,10 +775,10 @@ xmlSecXkmsServerCtxDebugDump(xmlSecXkmsServerCtxPtr ctx, FILE* output) {
xmlSecXkmsServerRequestKlassGetName(ctx->requestId) :
BAD_CAST "NULL");
- xmlSecString2IntegerDebugDump(gXmlSecXkmsMajorErrorInfo,
- ctx->majorError, BAD_CAST "majorError", output);
+ xmlSecString2IntegerDebugDump(gXmlSecXkmsResultMajorInfo,
+ ctx->resultMajor, BAD_CAST "resultMajor", output);
xmlSecString2IntegerDebugDump(gXmlSecXkmsMinorErrorInfo,
- ctx->minorError, BAD_CAST "minorError", output);
+ ctx->resultMinor, BAD_CAST "resultMinor", output);
fprintf(output, "== id: %s\n",
(ctx->id) ? ctx->id : BAD_CAST "");
@@ -832,10 +858,10 @@ xmlSecXkmsServerCtxDebugXmlDump(xmlSecXkmsServerCtxPtr ctx, FILE* output) {
xmlSecXkmsServerRequestKlassGetName(ctx->requestId) :
BAD_CAST "NULL");
- xmlSecString2IntegerDebugXmlDump(gXmlSecXkmsMajorErrorInfo,
- ctx->majorError, BAD_CAST "MajorError", output);
+ xmlSecString2IntegerDebugXmlDump(gXmlSecXkmsResultMajorInfo,
+ ctx->resultMajor, BAD_CAST "MajorError", output);
xmlSecString2IntegerDebugXmlDump(gXmlSecXkmsMinorErrorInfo,
- ctx->minorError, BAD_CAST "MinorError", output);
+ ctx->resultMinor, BAD_CAST "MinorError", output);
fprintf(output, "<Id>%s</Id>\n",
(ctx->id) ? ctx->id : BAD_CAST "");
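Review bot: The XML dump still passes the labels `"MajorError"` and `"MinorError"`, while the text dump in the previous hunk was switched to `"resultMajor"` and `"resultMinor"`. Either rename them to match or add a comment such as `/* element names kept for output compatibility */` so the difference reads as deliberate. Separately, the `fprintf(output, "<Id>%s</Id>\n", ...)` context line writes `ctx->id` into XML without escaping. If that value is taken from the request (not visible here), the dump can become malformed XML, so escaping it before printing would be safer. The function body continues outside this hunk.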
@@ -1711,8 +1737,8 @@ xmlSecXkmsServerCtxResultTypeNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr no
/* set major code (required) */
- ret = xmlSecString2IntegerAttributeWrite(gXmlSecXkmsMajorErrorInfo, node,
- xmlSecAttrResultMajor, ctx->majorError);
+ ret = xmlSecString2IntegerAttributeWrite(gXmlSecXkmsResultMajorInfo, node,
+ xmlSecAttrResultMajor, ctx->resultMajor);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
@@ -1720,14 +1746,14 @@ xmlSecXkmsServerCtxResultTypeNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr no
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"name=%s,value=%d",
xmlSecErrorsSafeString(xmlSecAttrResultMajor),
- ctx->majorError);
+ ctx->resultMajor);
return(-1);
}
/* set minor code (optional) */
- if(ctx->minorError != XMLSEC_XKMS_ERROR_MINOR_NONE) {
+ if(ctx->resultMinor != xmlSecXkmsResultMinorNone) {
ret = xmlSecString2IntegerAttributeWrite(gXmlSecXkmsMinorErrorInfo, node,
- xmlSecAttrResultMinor, ctx->minorError);
+ xmlSecAttrResultMinor, ctx->resultMinor);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
@@ -1735,7 +1761,7 @@ xmlSecXkmsServerCtxResultTypeNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr no
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"name=%s,value=%d",
xmlSecErrorsSafeString(xmlSecAttrResultMinor),
- ctx->minorError);
+ ctx->resultMinor);
return(-1);
}
}
@@ -1747,7 +1773,7 @@ xmlSecXkmsServerCtxResultTypeNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr no
/* <xkms:OpaqueClientData/>: An XKMS service SHOULD return the value of
* the <OpaqueClientData> element unmodified in a request in a response
* with status code Succes */
- if((ctx->majorError == XMLSEC_XKMS_ERROR_MAJOR_SUCCESS) && (ctx->opaqueClientDataNode != NULL)) {
+ if((ctx->resultMajor == xmlSecXkmsResultMajorSuccess) && (ctx->opaqueClientDataNode != NULL)) {
xmlNodePtr copyNode;
copyNode = xmlDocCopyNode(ctx->opaqueClientDataNode, node->doc, 1);
@@ -1997,7 +2023,7 @@ xmlSecXkmsServerCtxKeyBindingStatusNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNode
/* if we are here then the key was validated */
ret = xmlSecString2IntegerAttributeWrite(gXmlSecXkmsKeyBindingStatusInfo, cur,
- xmlSecAttrStatusValue, XMLSEC_XKMS_KEY_BINDING_STATUS_VALID);
+ xmlSecAttrStatusValue, xmlSecXkmsKeyBindingStatusValid);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
@@ -2462,7 +2488,9 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithKeyNameKlass = {
xmlSecNodeKeyName, /* const xmlChar* nodeName; */
xmlSecDSigNs, /* const xmlChar* nodeNs; */
xmlSecXkmsRespondWithDefaultNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ NULL, /* void* reserved1; */
+ NULL /* void* reserved2; */
};
/**
@@ -2487,7 +2515,9 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithKeyValueKlass = {
xmlSecNodeKeyValue, /* const xmlChar* nodeName; */
xmlSecDSigNs, /* const xmlChar* nodeNs; */
xmlSecXkmsRespondWithKeyValueNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ NULL, /* void* reserved1; */
+ NULL /* void* reserved2; */
};
/**
@@ -2539,7 +2569,9 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithPrivateKeyKlass = {
xmlSecNodeKeyValue, /* const xmlChar* nodeName; */
xmlSecDSigNs, /* const xmlChar* nodeNs; */
xmlSecXkmsRespondWithPrivateKeyNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ NULL, /* void* reserved1; */
+ NULL /* void* reserved2; */
};
/**
@@ -2588,7 +2620,9 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithRetrievalMethodKlass = {
xmlSecNodeRetrievalMethod, /* const xmlChar* nodeName; */
xmlSecDSigNs, /* const xmlChar* nodeNs; */
xmlSecXkmsRespondWithDefaultNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ NULL, /* void* reserved1; */
+ NULL /* void* reserved2; */
};
/**
@@ -2613,7 +2647,9 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithX509CertKlass = {
xmlSecNodeX509Data, /* const xmlChar* nodeName; */
xmlSecDSigNs, /* const xmlChar* nodeNs; */
xmlSecXkmsRespondWithX509CertNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ NULL, /* void* reserved1; */
+ NULL /* void* reserved2; */
};
/**
@@ -2659,7 +2695,9 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithX509ChainKlass = {
xmlSecNodeX509Data, /* const xmlChar* nodeName; */
xmlSecDSigNs, /* const xmlChar* nodeNs; */
xmlSecXkmsRespondWithX509ChainNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ NULL, /* void* reserved1; */
+ NULL /* void* reserved2; */
};
/**
@@ -2705,7 +2743,9 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithX509CRLKlass = {
xmlSecNodeX509Data, /* const xmlChar* nodeName; */
xmlSecDSigNs, /* const xmlChar* nodeNs; */
xmlSecXkmsRespondWithX509CRLNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ NULL, /* void* reserved1; */
+ NULL /* void* reserved2; */
};
/**
@@ -2748,7 +2788,9 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithPGPKlass = {
xmlSecNodePGPData, /* const xmlChar* nodeName; */
xmlSecDSigNs, /* const xmlChar* nodeNs; */
xmlSecXkmsRespondWithDefaultNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ NULL, /* void* reserved1; */
+ NULL /* void* reserved2; */
};
/**
@@ -2768,7 +2810,9 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithSPKIKlass = {
xmlSecNodeSPKIData, /* const xmlChar* nodeName; */
xmlSecDSigNs, /* const xmlChar* nodeNs; */
xmlSecXkmsRespondWithDefaultNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+ NULL, /* void* reserved1; */
+ NULL /* void* reserved2; */
};
/**
@@ -3506,7 +3550,7 @@ xmlSecXkmsServerRequestCompoundNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkms
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"node=%s",
xmlSecErrorsSafeString(node->name));
- xmlSecXkmsServerCtxSetError(ctx, XMLSEC_XKMS_ERROR_MAJOR_SENDER, XMLSEC_XKMS_ERROR_MINOR_MESSAGE_NOT_SUPPORTED);
+ xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorMessageNotSupported);
return(-1);
}
@@ -3518,7 +3562,7 @@ xmlSecXkmsServerRequestCompoundNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkms
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"request=%s",
xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctxChild->requestId)));
- xmlSecXkmsServerCtxSetError(ctxChild, XMLSEC_XKMS_ERROR_MAJOR_SENDER, XMLSEC_XKMS_ERROR_MINOR_FAILURE);
+ xmlSecXkmsServerCtxSetResult(ctxChild, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
return(-1);
}
cur = xmlSecGetNextElementNode(cur->next);
@@ -3589,7 +3633,6 @@ xmlSecXkmsServerRequestCompoundNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkm
for(pos = 0; pos < xmlSecPtrListGetSize(ctx->compoundRequestContexts); pos++) {
xmlSecXkmsServerCtxPtr ctxChild;
- xmlNodePtr cur;
ctxChild = (xmlSecXkmsServerCtxPtr)xmlSecPtrListGetItem(ctx->compoundRequestContexts, pos);
if(ctxChild == NULL) {
@@ -3601,8 +3644,8 @@ xmlSecXkmsServerRequestCompoundNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkm
return(-1);
}
- if(ctxChild->majorError != XMLSEC_XKMS_ERROR_MAJOR_SUCCESS) {
- xmlSecXkmsServerCtxSetError(ctx, ctxChild->majorError, ctxChild->minorError);
+ if(ctxChild->resultMajor != xmlSecXkmsResultMajorSuccess) {
+ xmlSecXkmsServerCtxSetResult(ctx, ctxChild->resultMajor, ctxChild->resultMinor);
break;
}
}
@@ -3685,7 +3728,7 @@ xmlSecXkmsServerRequestCompoundExecute(xmlSecXkmsServerRequestId id, xmlSecXkmsS
"xmlSecPtrListGetItem",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetError(ctx, XMLSEC_XKMS_ERROR_MAJOR_RECEIVER, XMLSEC_XKMS_ERROR_MINOR_FAILURE);
+ xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
continue;
}
@@ -3697,7 +3740,7 @@ xmlSecXkmsServerRequestCompoundExecute(xmlSecXkmsServerRequestId id, xmlSecXkmsS
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"request=%s",
xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctxChild->requestId)));
- xmlSecXkmsServerCtxSetError(ctxChild, XMLSEC_XKMS_ERROR_MAJOR_SENDER, XMLSEC_XKMS_ERROR_MINOR_FAILURE);
+ xmlSecXkmsServerCtxSetResult(ctxChild, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
continue;
}
}
@@ -3944,7 +3987,7 @@ xmlSecXkmsServerRequestLocateExecute(xmlSecXkmsServerRequestId id, xmlSecXkmsSer
if(key != NULL) {
xmlSecKeyDestroy(key);
}
- xmlSecXkmsServerCtxSetError(ctx, XMLSEC_XKMS_ERROR_MAJOR_SENDER, XMLSEC_XKMS_ERROR_MINOR_NO_MATCH);
+ xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorNoMatch);
return(-1);
}
@@ -4206,7 +4249,7 @@ xmlSecXkmsServerRequestValidateExecute(xmlSecXkmsServerRequestId id, xmlSecXkmsS
if(key != NULL) {
xmlSecKeyDestroy(key);
}
- xmlSecXkmsServerCtxSetError(ctx, XMLSEC_XKMS_ERROR_MAJOR_SENDER, XMLSEC_XKMS_ERROR_MINOR_NO_MATCH);
+ xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorNoMatch);
return(-1);
}
diff --git a/tests/testXKMS.sh b/tests/testXKMS.sh
index 3f2e7222..b1dbfb2c 100755
--- a/tests/testXKMS.sh
+++ b/tests/testXKMS.sh
@@ -52,7 +52,7 @@ printRes() {
fi
}
-execXkmsServerTest() {
+execXkmsServerRequestTest() {
src_file=$topfolder/$1.xml
res_file=$topfolder/$1-$2.xml
echo "$1 ($2)"
@@ -60,8 +60,8 @@ execXkmsServerTest() {
rm -f $tmpfile
printf " Processing xkms request "
- echo "$xmlsec_app --xkms-server --output $tmpfile $xmlsec_params $3 $src_file" >> $logfile
- $VALGRIND $xmlsec_app --xkms-server --output $tmpfile $xmlsec_params $3 $src_file >> $logfile 2>> $logfile
+ echo "$xmlsec_app --xkms-server-request --output $tmpfile $xmlsec_params $3 $src_file" >> $logfile
+ $VALGRIND $xmlsec_app --xkms-server-request --output $tmpfile $xmlsec_params $3 $src_file >> $logfile 2>> $logfile
if [ $? = 0 ]; then
diff $res_file $tmpfile >> $logfile 2>> $logfile
printRes $?
@@ -76,33 +76,33 @@ echo "--- log file is $logfile"
echo "--- testXKMS started for xmlsec-$crypto library ($timestamp)" >> $logfile
echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >> $logfile
-execXkmsServerTest \
+execXkmsServerRequestTest \
"aleksey-xkms-01/locate-example-1" "no-match" \
- "--xkms-server-service http://www.example.com/xkms"
+ "--xkms-service http://www.example.com/xkms"
-execXkmsServerTest \
+execXkmsServerRequestTest \
"aleksey-xkms-01/locate-example-1" "bad-service" \
- "--xkms-server-service http://www.example.com/xkms-bad-service"
+ "--xkms-service http://www.example.com/xkms-bad-service"
-execXkmsServerTest \
+execXkmsServerRequestTest \
"aleksey-xkms-01/locate-example-2" "no-match" \
- "--xkms-server-service http://www.example.com/xkms"
+ "--xkms-service http://www.example.com/xkms"
-execXkmsServerTest \
+execXkmsServerRequestTest \
"aleksey-xkms-01/validate-example-1" "no-match" \
- "--xkms-server-service http://www.example.com/xkms"
+ "--xkms-service http://www.example.com/xkms"
-execXkmsServerTest \
+execXkmsServerRequestTest \
"aleksey-xkms-01/compound-example-1" "no-match" \
- "--xkms-server-service http://www.example.com/xkms"
+ "--xkms-service http://www.example.com/xkms"
-execXkmsServerTest \
+execXkmsServerRequestTest \
"aleksey-xkms-01/status-request" "success" \
- "--xkms-server-service http://www.example.com/xkms"
+ "--xkms-service http://www.example.com/xkms"
-execXkmsServerTest \
+execXkmsServerRequestTest \
"aleksey-xkms-01/bad-request-name" "not-supported" \
- "--xkms-server-service http://www.example.com/xkms"
+ "--xkms-service http://www.example.com/xkms"
rm -rf $tmpfile
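Review bot: None of the renamed invocations passes the new `--xkms-format` option, so the `plain`/`soap-1.1`/`soap-1.2` parsing added by this commit is not exercised by the test script. The commit message describes the SOAP handling as preparation only, so the SOAP formats may not be testable yet. A `plain` case would still cover the option parsing, for example by giving one existing case the third argument `"--xkms-service http://www.example.com/xkms --xkms-format plain"`.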
diff --git a/xmlsec.spec.in b/xmlsec.spec.in
index 8623fa19..89fda644 100644
--- a/xmlsec.spec.in
+++ b/xmlsec.spec.in
@@ -143,6 +143,7 @@ rm -rf $RPM_BUILD_ROOT
%{prefix}/bin/xmlsec1-config
%{prefix}/include/xmlsec1/xmlsec/*.h
+%{prefix}/include/xmlsec1/xmlsec/private/*.h
%{prefix}/lib/libxmlsec1.*a
%{prefix}/lib/pkgconfig/xmlsec1.pc
%{prefix}/lib/xmlsec1Conf.sh