diff options
author | Anas Nashif <anas.nashif@intel.com> | 2013-09-20 04:45:41 -0400 |
---|---|---|
committer | Anas Nashif <anas.nashif@intel.com> | 2013-09-20 04:45:41 -0400 |
commit | 6b6383d52bc147134bb6b60b07e924b176c67e3a (patch) | |
tree | 9753a1ec40b1fbe2acfaa881af46e3c0f7da6401 /src/nss/signatures.c | |
parent | 07bb297329b9e9754d09dcb6d70417272a626619 (diff) | |
download | xmlsec1-6b6383d52bc147134bb6b60b07e924b176c67e3a.tar.gz xmlsec1-6b6383d52bc147134bb6b60b07e924b176c67e3a.tar.bz2 xmlsec1-6b6383d52bc147134bb6b60b07e924b176c67e3a.zip |
Imported Upstream version 1.2.19
Diffstat (limited to 'src/nss/signatures.c')
-rw-r--r-- | src/nss/signatures.c | 883 |
1 files changed, 587 insertions, 296 deletions
diff --git a/src/nss/signatures.c b/src/nss/signatures.c index 3c9639c3..4f54170e 100644 --- a/src/nss/signatures.c +++ b/src/nss/signatures.c @@ -1,9 +1,9 @@ -/** +/** * XMLSec library * * This is free software; see Copyright file in the source * distribution for preciese wording. - * + * * Copyright (c) 2003 America Online, Inc. All rights reserved. */ #include "globals.h" @@ -29,24 +29,24 @@ * Internal NSS signatures ctx * *****************************************************************************/ -typedef struct _xmlSecNssSignatureCtx xmlSecNssSignatureCtx, - *xmlSecNssSignatureCtxPtr; +typedef struct _xmlSecNssSignatureCtx xmlSecNssSignatureCtx, + *xmlSecNssSignatureCtxPtr; struct _xmlSecNssSignatureCtx { - xmlSecKeyDataId keyId; + xmlSecKeyDataId keyId; SECOidTag alg; union { struct { - SGNContext *sigctx; - SECKEYPrivateKey *privkey; + SGNContext *sigctx; + SECKEYPrivateKey *privkey; } sig; struct { - VFYContext *vfyctx; - SECKEYPublicKey *pubkey; + VFYContext *vfyctx; + SECKEYPublicKey *pubkey; } vfy; } u; -}; +}; /****************************************************************************** * @@ -55,88 +55,143 @@ struct _xmlSecNssSignatureCtx { * xmlSecNssSignatureCtx is located after xmlSecTransform * *****************************************************************************/ -#define xmlSecNssSignatureSize \ +#define xmlSecNssSignatureSize \ (sizeof(xmlSecTransform) + sizeof(xmlSecNssSignatureCtx)) #define xmlSecNssSignatureGetCtx(transform) \ ((xmlSecNssSignatureCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform))) -static int xmlSecNssSignatureCheckId (xmlSecTransformPtr transform); -static int xmlSecNssSignatureInitialize (xmlSecTransformPtr transform); -static void xmlSecNssSignatureFinalize (xmlSecTransformPtr transform); -static int xmlSecNssSignatureSetKeyReq (xmlSecTransformPtr transform, - xmlSecKeyReqPtr keyReq); -static int xmlSecNssSignatureSetKey (xmlSecTransformPtr transform, - xmlSecKeyPtr key); -static int xmlSecNssSignatureVerify (xmlSecTransformPtr transform, - const xmlSecByte* data, - xmlSecSize dataSize, - xmlSecTransformCtxPtr transformCtx); -static int xmlSecNssSignatureExecute (xmlSecTransformPtr transform, - int last, - xmlSecTransformCtxPtr transformCtx); +static int xmlSecNssSignatureCheckId (xmlSecTransformPtr transform); +static int xmlSecNssSignatureInitialize (xmlSecTransformPtr transform); +static void xmlSecNssSignatureFinalize (xmlSecTransformPtr transform); +static int xmlSecNssSignatureSetKeyReq (xmlSecTransformPtr transform, + xmlSecKeyReqPtr keyReq); +static int xmlSecNssSignatureSetKey (xmlSecTransformPtr transform, + xmlSecKeyPtr key); +static int xmlSecNssSignatureVerify (xmlSecTransformPtr transform, + const xmlSecByte* data, + xmlSecSize dataSize, + xmlSecTransformCtxPtr transformCtx); +static int xmlSecNssSignatureExecute (xmlSecTransformPtr transform, + int last, + xmlSecTransformCtxPtr transformCtx); static int xmlSecNssSignatureCheckId(xmlSecTransformPtr transform) { #ifndef XMLSEC_NO_DSA if(xmlSecTransformCheckId(transform, xmlSecNssTransformDsaSha1Id)) { - return(1); + return(1); } #endif /* XMLSEC_NO_DSA */ #ifndef XMLSEC_NO_RSA + +#ifndef XMLSEC_NO_MD5 + if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaMd5Id)) { + return(1); + } +#endif /* XMLSEC_NO_MD5 */ + +#ifndef XMLSEC_NO_SHA1 if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha1Id)) { - return(1); + return(1); + } +#endif /* XMLSEC_NO_SHA1 */ + +#ifndef XMLSEC_NO_SHA256 + if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha256Id)) { + return(1); } +#endif /* XMLSEC_NO_SHA256 */ + +#ifndef XMLSEC_NO_SHA384 + if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha384Id)) { + return(1); + } +#endif /* XMLSEC_NO_SHA384 */ + +#ifndef XMLSEC_NO_SHA512 + if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha512Id)) { + return(1); + } +#endif /* XMLSEC_NO_SHA512 */ + #endif /* XMLSEC_NO_RSA */ return(0); } -static int +static int xmlSecNssSignatureInitialize(xmlSecTransformPtr transform) { xmlSecNssSignatureCtxPtr ctx; - + xmlSecAssert2(xmlSecNssSignatureCheckId(transform), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssSignatureSize), -1); ctx = xmlSecNssSignatureGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); - memset(ctx, 0, sizeof(xmlSecNssSignatureCtx)); + memset(ctx, 0, sizeof(xmlSecNssSignatureCtx)); #ifndef XMLSEC_NO_DSA if(xmlSecTransformCheckId(transform, xmlSecNssTransformDsaSha1Id)) { - ctx->keyId = xmlSecNssKeyDataDsaId; - - /* This creates a signature which is ASN1 encoded */ - /*ctx->alg = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;*/ - - /* Fortezza uses the same DSA signature format as XML does. - * DSA and FORTEZZA keys are treated as equivalent keys for doing - * DSA signatures (which is how they are supposed to be treated). - */ - ctx->alg = SEC_OID_MISSI_DSS; - } else + ctx->keyId = xmlSecNssKeyDataDsaId; + /* This creates a signature which is ASN1 encoded */ + ctx->alg = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST; + } else #endif /* XMLSEC_NO_DSA */ #ifndef XMLSEC_NO_RSA + +#ifndef XMLSEC_NO_MD5 + if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaMd5Id)) { + ctx->keyId = xmlSecNssKeyDataRsaId; + ctx->alg = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION; + } else +#endif /* XMLSEC_NO_MD5 */ + + +#ifndef XMLSEC_NO_SHA1 if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha1Id)) { - ctx->keyId = xmlSecNssKeyDataRsaId; - ctx->alg = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION; - } else + ctx->keyId = xmlSecNssKeyDataRsaId; + ctx->alg = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION; + } else +#endif /* XMLSEC_NO_SHA1 */ + +#ifndef XMLSEC_NO_SHA256 + if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha256Id)) { + ctx->keyId = xmlSecNssKeyDataRsaId; + ctx->alg = SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION; + } else +#endif /* XMLSEC_NO_SHA256 */ + +#ifndef XMLSEC_NO_SHA384 + if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha384Id)) { + ctx->keyId = xmlSecNssKeyDataRsaId; + ctx->alg = SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION; + } else +#endif /* XMLSEC_NO_SHA384 */ + +#ifndef XMLSEC_NO_SHA512 + if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha512Id)) { + ctx->keyId = xmlSecNssKeyDataRsaId; + ctx->alg = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION; + } else +#endif /* XMLSEC_NO_SHA512 */ + #endif /* XMLSEC_NO_RSA */ - if(1) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - NULL, - XMLSEC_ERRORS_R_INVALID_TRANSFORM, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } + + if(1) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + NULL, + XMLSEC_ERRORS_R_INVALID_TRANSFORM, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); + } return(0); } -static void +static void xmlSecNssSignatureFinalize(xmlSecTransformPtr transform) { xmlSecNssSignatureCtxPtr ctx; @@ -146,23 +201,23 @@ xmlSecNssSignatureFinalize(xmlSecTransformPtr transform) { ctx = xmlSecNssSignatureGetCtx(transform); xmlSecAssert(ctx != NULL); - + if (transform->operation == xmlSecTransformOperationSign) { - SGN_DestroyContext(ctx->u.sig.sigctx, PR_TRUE); - if (ctx->u.sig.privkey) { - SECKEY_DestroyPrivateKey(ctx->u.sig.privkey); - } + SGN_DestroyContext(ctx->u.sig.sigctx, PR_TRUE); + if (ctx->u.sig.privkey) { + SECKEY_DestroyPrivateKey(ctx->u.sig.privkey); + } } else { - VFY_DestroyContext(ctx->u.vfy.vfyctx, PR_TRUE); - if (ctx->u.vfy.pubkey) { - SECKEY_DestroyPublicKey(ctx->u.vfy.pubkey); - } + VFY_DestroyContext(ctx->u.vfy.vfyctx, PR_TRUE); + if (ctx->u.vfy.pubkey) { + SECKEY_DestroyPublicKey(ctx->u.vfy.pubkey); + } } - memset(ctx, 0, sizeof(xmlSecNssSignatureCtx)); + memset(ctx, 0, sizeof(xmlSecNssSignatureCtx)); } -static int +static int xmlSecNssSignatureSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) { xmlSecNssSignatureCtxPtr ctx; xmlSecKeyDataPtr value; @@ -179,58 +234,58 @@ xmlSecNssSignatureSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) { value = xmlSecKeyGetValue(key); xmlSecAssert2(value != NULL, -1); - + if (transform->operation == xmlSecTransformOperationSign) { - if (ctx->u.sig.privkey) - SECKEY_DestroyPrivateKey(ctx->u.sig.privkey); - ctx->u.sig.privkey = xmlSecNssPKIKeyDataGetPrivKey(value); - if(ctx->u.sig.privkey == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "xmlSecNssPKIKeyDataGetPrivKey", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - - ctx->u.sig.sigctx = SGN_NewContext(ctx->alg, ctx->u.sig.privkey); + if (ctx->u.sig.privkey) + SECKEY_DestroyPrivateKey(ctx->u.sig.privkey); + ctx->u.sig.privkey = xmlSecNssPKIKeyDataGetPrivKey(value); + if(ctx->u.sig.privkey == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + "xmlSecNssPKIKeyDataGetPrivKey", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); + } + + ctx->u.sig.sigctx = SGN_NewContext(ctx->alg, ctx->u.sig.privkey); if (ctx->u.sig.sigctx == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "SGN_NewContext", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code=%d", PORT_GetError()); - return(-1); + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + "SGN_NewContext", + XMLSEC_ERRORS_R_CRYPTO_FAILED, + "error code=%d", PORT_GetError()); + return(-1); } } else { - if (ctx->u.vfy.pubkey) - SECKEY_DestroyPublicKey(ctx->u.vfy.pubkey); - ctx->u.vfy.pubkey = xmlSecNssPKIKeyDataGetPubKey(value); - if(ctx->u.vfy.pubkey == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "xmlSecNssPKIKeyDataGetPubKey", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - - ctx->u.vfy.vfyctx = VFY_CreateContext(ctx->u.vfy.pubkey, NULL, - ctx->alg, NULL); - if (ctx->u.vfy.vfyctx == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "VFY_CreateContext", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code=%d", PORT_GetError()); - return(-1); + if (ctx->u.vfy.pubkey) + SECKEY_DestroyPublicKey(ctx->u.vfy.pubkey); + ctx->u.vfy.pubkey = xmlSecNssPKIKeyDataGetPubKey(value); + if(ctx->u.vfy.pubkey == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + "xmlSecNssPKIKeyDataGetPubKey", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); + } + + ctx->u.vfy.vfyctx = VFY_CreateContext(ctx->u.vfy.pubkey, NULL, + ctx->alg, NULL); + if (ctx->u.vfy.vfyctx == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + "VFY_CreateContext", + XMLSEC_ERRORS_R_CRYPTO_FAILED, + "error code=%d", PORT_GetError()); + return(-1); } } - + return(0); } -static int +static int xmlSecNssSignatureSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) { xmlSecNssSignatureCtxPtr ctx; @@ -246,23 +301,23 @@ xmlSecNssSignatureSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyRe keyReq->keyId = ctx->keyId; if(transform->operation == xmlSecTransformOperationSign) { keyReq->keyType = xmlSecKeyDataTypePrivate; - keyReq->keyUsage = xmlSecKeyUsageSign; + keyReq->keyUsage = xmlSecKeyUsageSign; } else { keyReq->keyType = xmlSecKeyDataTypePublic; - keyReq->keyUsage = xmlSecKeyUsageVerify; + keyReq->keyUsage = xmlSecKeyUsageVerify; } return(0); } static int -xmlSecNssSignatureVerify(xmlSecTransformPtr transform, - const xmlSecByte* data, xmlSecSize dataSize, - xmlSecTransformCtxPtr transformCtx) { +xmlSecNssSignatureVerify(xmlSecTransformPtr transform, + const xmlSecByte* data, xmlSecSize dataSize, + xmlSecTransformCtxPtr transformCtx) { xmlSecNssSignatureCtxPtr ctx; SECStatus status; SECItem signature; - + xmlSecAssert2(xmlSecNssSignatureCheckId(transform), -1); xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssSignatureSize), -1); @@ -275,31 +330,52 @@ xmlSecNssSignatureVerify(xmlSecTransformPtr transform, signature.data = (unsigned char *)data; signature.len = dataSize; - status = VFY_EndWithSignature(ctx->u.vfy.vfyctx, &signature); + + if(ctx->alg == SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) { + /* This creates a signature which is ASN1 encoded */ + SECItem signatureDer; + SECStatus statusDer; + + statusDer = DSAU_EncodeDerSig(&signatureDer, &signature); + if(statusDer != SECSuccess) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + "DSAU_EncodeDerSig", + XMLSEC_ERRORS_R_CRYPTO_FAILED, + "error code=%d", + PORT_GetError()); + return(-1); + } + status = VFY_EndWithSignature(ctx->u.vfy.vfyctx, &signatureDer); + SECITEM_FreeItem(&signatureDer, PR_FALSE); + } else { + status = VFY_EndWithSignature(ctx->u.vfy.vfyctx, &signature); + } if (status != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "VFY_Update, VFY_End", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code=%d", PORT_GetError()); - - if (PORT_GetError() == SEC_ERROR_PKCS7_BAD_SIGNATURE) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "VFY_End", - XMLSEC_ERRORS_R_DATA_NOT_MATCH, - "signature does not verify"); - transform->status = xmlSecTransformStatusFail; - } - return(-1); + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + "VFY_EndWithSignature", + XMLSEC_ERRORS_R_CRYPTO_FAILED, + "error code=%d", + PORT_GetError()); + + if (PORT_GetError() == SEC_ERROR_PKCS7_BAD_SIGNATURE) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + "VFY_EndWithSignature", + XMLSEC_ERRORS_R_DATA_NOT_MATCH, + "signature does not verify"); + transform->status = xmlSecTransformStatusFail; + } + return(-1); } transform->status = xmlSecTransformStatusOk; return(0); } -static int +static int xmlSecNssSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) { xmlSecNssSignatureCtxPtr ctx; xmlSecBufferPtr in, out; @@ -307,7 +383,7 @@ xmlSecNssSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransfor SECStatus status; SECItem signature; int ret; - + xmlSecAssert2(xmlSecNssSignatureCheckId(transform), -1); xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssSignatureSize), -1); @@ -319,136 +395,158 @@ xmlSecNssSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransfor in = &(transform->inBuf); out = &(transform->outBuf); inSize = xmlSecBufferGetSize(in); - outSize = xmlSecBufferGetSize(out); - + outSize = xmlSecBufferGetSize(out); + ctx = xmlSecNssSignatureGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); if(transform->operation == xmlSecTransformOperationSign) { - xmlSecAssert2(ctx->u.sig.sigctx != NULL, -1); - xmlSecAssert2(ctx->u.sig.privkey != NULL, -1); + xmlSecAssert2(ctx->u.sig.sigctx != NULL, -1); + xmlSecAssert2(ctx->u.sig.privkey != NULL, -1); } else { - xmlSecAssert2(ctx->u.vfy.vfyctx != NULL, -1); - xmlSecAssert2(ctx->u.vfy.pubkey != NULL, -1); + xmlSecAssert2(ctx->u.vfy.vfyctx != NULL, -1); + xmlSecAssert2(ctx->u.vfy.pubkey != NULL, -1); } if(transform->status == xmlSecTransformStatusNone) { - xmlSecAssert2(outSize == 0, -1); - - if(transform->operation == xmlSecTransformOperationSign) { - status = SGN_Begin(ctx->u.sig.sigctx); - if(status != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "SGN_Begin", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code=%d", PORT_GetError()); - return(-1); - } - } else { - status = VFY_Begin(ctx->u.vfy.vfyctx); - if(status != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "VFY_Begin", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code=%d", PORT_GetError()); - return(-1); - } - } - transform->status = xmlSecTransformStatusWorking; + xmlSecAssert2(outSize == 0, -1); + + if(transform->operation == xmlSecTransformOperationSign) { + status = SGN_Begin(ctx->u.sig.sigctx); + if(status != SECSuccess) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + "SGN_Begin", + XMLSEC_ERRORS_R_CRYPTO_FAILED, + "error code=%d", PORT_GetError()); + return(-1); + } + } else { + status = VFY_Begin(ctx->u.vfy.vfyctx); + if(status != SECSuccess) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + "VFY_Begin", + XMLSEC_ERRORS_R_CRYPTO_FAILED, + "error code=%d", PORT_GetError()); + return(-1); + } + } + transform->status = xmlSecTransformStatusWorking; } - + if((transform->status == xmlSecTransformStatusWorking) && (inSize > 0)) { - xmlSecAssert2(outSize == 0, -1); - - if(transform->operation == xmlSecTransformOperationSign) { - status = SGN_Update(ctx->u.sig.sigctx, xmlSecBufferGetData(in), inSize); - if(status != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "SGN_Update", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code=%d", PORT_GetError()); - return(-1); - } - } else { - status = VFY_Update(ctx->u.vfy.vfyctx, xmlSecBufferGetData(in), inSize); - if(status != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "VFY_Update", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code=%d", PORT_GetError()); - return(-1); - } - } - - ret = xmlSecBufferRemoveHead(in, inSize); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "xmlSecBufferRemoveHead", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } + xmlSecAssert2(outSize == 0, -1); + + if(transform->operation == xmlSecTransformOperationSign) { + status = SGN_Update(ctx->u.sig.sigctx, xmlSecBufferGetData(in), inSize); + if(status != SECSuccess) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + "SGN_Update", + XMLSEC_ERRORS_R_CRYPTO_FAILED, + "error code=%d", PORT_GetError()); + return(-1); + } + } else { + status = VFY_Update(ctx->u.vfy.vfyctx, xmlSecBufferGetData(in), inSize); + if(status != SECSuccess) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + "VFY_Update", + XMLSEC_ERRORS_R_CRYPTO_FAILED, + "error code=%d", PORT_GetError()); + return(-1); + } + } + + ret = xmlSecBufferRemoveHead(in, inSize); + if(ret < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + "xmlSecBufferRemoveHead", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); + } } if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) { - xmlSecAssert2(outSize == 0, -1); - if(transform->operation == xmlSecTransformOperationSign) { - memset(&signature, 0, sizeof(signature)); - status = SGN_End(ctx->u.sig.sigctx, &signature); - if(status != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "SGN_End", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code=%d", PORT_GetError()); - return(-1); - } - - outSize = signature.len; - ret = xmlSecBufferSetMaxSize(out, outSize); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "xmlSecBufferSetMaxSize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", outSize); - PR_Free(signature.data); - return(-1); - } - - memcpy(xmlSecBufferGetData(out), signature.data, signature.len); - - ret = xmlSecBufferSetSize(out, outSize); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "xmlSecBufferSetSize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", outSize); - PR_Free(signature.data); - return(-1); - } - PR_Free(signature.data); - } - transform->status = xmlSecTransformStatusFinished; + xmlSecAssert2(outSize == 0, -1); + if(transform->operation == xmlSecTransformOperationSign) { + memset(&signature, 0, sizeof(signature)); + status = SGN_End(ctx->u.sig.sigctx, &signature); + if(status != SECSuccess) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + "SGN_End", + XMLSEC_ERRORS_R_CRYPTO_FAILED, + "error code=%d", PORT_GetError()); + return(-1); + } + + if(ctx->alg == SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) { + /* This creates a signature which is ASN1 encoded */ + SECItem * signatureClr; + + signatureClr = DSAU_DecodeDerSig(&signature); + if(signatureClr == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + "DSAU_EncodeDerSig", + XMLSEC_ERRORS_R_CRYPTO_FAILED, + "error code=%d", + PORT_GetError()); + SECITEM_FreeItem(&signature, PR_FALSE); + return(-1); + } + + ret = xmlSecBufferSetData(out, signatureClr->data, signatureClr->len); + if(ret < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + "xmlSecBufferSetData", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "size=%d", + signatureClr->len); + SECITEM_FreeItem(&signature, PR_FALSE); + return(-1); + } + + SECITEM_FreeItem(signatureClr, PR_TRUE); + } else { + /* This signature is used as-is */ + ret = xmlSecBufferSetData(out, signature.data, signature.len); + if(ret < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + "xmlSecBufferSetData", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "size=%d", + signature.len); + SECITEM_FreeItem(&signature, PR_FALSE); + return(-1); + } + } + + /* cleanup */ + SECITEM_FreeItem(&signature, PR_FALSE); + } + transform->status = xmlSecTransformStatusFinished; } - + + if((transform->status == xmlSecTransformStatusWorking) || (transform->status == xmlSecTransformStatusFinished)) { - /* the only way we can get here is if there is no input */ - xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1); + /* the only way we can get here is if there is no input */ + xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1); } else { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - NULL, - XMLSEC_ERRORS_R_INVALID_STATUS, - "status=%d", transform->status); - return(-1); + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + NULL, + XMLSEC_ERRORS_R_INVALID_STATUS, + "status=%d", transform->status); + return(-1); } - + return(0); } @@ -461,39 +559,39 @@ xmlSecNssSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransfor static xmlSecTransformKlass xmlSecNssDsaSha1Klass = { /* klass/object sizes */ - sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ - xmlSecNssSignatureSize, /* xmlSecSize objSize */ - - xmlSecNameDsaSha1, /* const xmlChar* name; */ - xmlSecHrefDsaSha1, /* const xmlChar* href; */ - xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */ - - xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */ - xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */ - NULL, /* xmlSecTransformNodeReadMethod readNode; */ - NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ - xmlSecNssSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */ - xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */ - xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */ - xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ - xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ - xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ - NULL, /* xmlSecTransformPushXmlMethod pushXml; */ - NULL, /* xmlSecTransformPopXmlMethod popXml; */ - xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */ - - NULL, /* void* reserved0; */ - NULL, /* void* reserved1; */ + sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ + xmlSecNssSignatureSize, /* xmlSecSize objSize */ + + xmlSecNameDsaSha1, /* const xmlChar* name; */ + xmlSecHrefDsaSha1, /* const xmlChar* href; */ + xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */ + + xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */ + xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */ + NULL, /* xmlSecTransformNodeReadMethod readNode; */ + NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ + xmlSecNssSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */ + xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */ + xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */ + xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ + xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ + xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ + NULL, /* xmlSecTransformPushXmlMethod pushXml; */ + NULL, /* xmlSecTransformPopXmlMethod popXml; */ + xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */ + + NULL, /* void* reserved0; */ + NULL, /* void* reserved1; */ }; /** * xmlSecNssTransformDsaSha1GetKlass: - * + * * The DSA-SHA1 signature transform klass. * * Returns: DSA-SHA1 signature transform klass. */ -xmlSecTransformId +xmlSecTransformId xmlSecNssTransformDsaSha1GetKlass(void) { return(&xmlSecNssDsaSha1Klass); } @@ -501,6 +599,56 @@ xmlSecNssTransformDsaSha1GetKlass(void) { #endif /* XMLSEC_NO_DSA */ #ifndef XMLSEC_NO_RSA + +#ifndef XMLSEC_NO_MD5 +/**************************************************************************** + * + * RSA-MD5 signature transform + * + ***************************************************************************/ +static xmlSecTransformKlass xmlSecNssRsaMd5Klass = { + /* klass/object sizes */ + sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ + xmlSecNssSignatureSize, /* xmlSecSize objSize */ + + xmlSecNameRsaMd5, /* const xmlChar* name; */ + xmlSecHrefRsaMd5, /* const xmlChar* href; */ + xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */ + + xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */ + xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */ + NULL, /* xmlSecTransformNodeReadMethod readNode; */ + NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ + xmlSecNssSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */ + xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */ + xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */ + xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ + xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ + xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ + NULL, /* xmlSecTransformPushXmlMethod pushXml; */ + NULL, /* xmlSecTransformPopXmlMethod popXml; */ + xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */ + + NULL, /* void* reserved0; */ + NULL, /* void* reserved1; */ +}; + +/** + * xmlSecNssTransformRsaMd5GetKlass: + * + * The RSA-MD5 signature transform klass. + * + * Returns: RSA-MD5 signature transform klass. + */ +xmlSecTransformId +xmlSecNssTransformRsaMd5GetKlass(void) { + return(&xmlSecNssRsaMd5Klass); +} + +#endif /* XMLSEC_NO_MD5 */ + + +#ifndef XMLSEC_NO_SHA1 /**************************************************************************** * * RSA-SHA1 signature transform @@ -508,43 +656,186 @@ xmlSecNssTransformDsaSha1GetKlass(void) { ***************************************************************************/ static xmlSecTransformKlass xmlSecNssRsaSha1Klass = { /* klass/object sizes */ - sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ - xmlSecNssSignatureSize, /* xmlSecSize objSize */ - - xmlSecNameRsaSha1, /* const xmlChar* name; */ - xmlSecHrefRsaSha1, /* const xmlChar* href; */ - xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */ - - xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */ - xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */ - NULL, /* xmlSecTransformNodeReadMethod readNode; */ - NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ - xmlSecNssSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */ - xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */ - xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */ - xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ - xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ - xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ - NULL, /* xmlSecTransformPushXmlMethod pushXml; */ - NULL, /* xmlSecTransformPopXmlMethod popXml; */ - xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */ - - NULL, /* void* reserved0; */ - NULL, /* void* reserved1; */ + sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ + xmlSecNssSignatureSize, /* xmlSecSize objSize */ + + xmlSecNameRsaSha1, /* const xmlChar* name; */ + xmlSecHrefRsaSha1, /* const xmlChar* href; */ + xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */ + + xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */ + xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */ + NULL, /* xmlSecTransformNodeReadMethod readNode; */ + NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ + xmlSecNssSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */ + xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */ + xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */ + xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ + xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ + xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ + NULL, /* xmlSecTransformPushXmlMethod pushXml; */ + NULL, /* xmlSecTransformPopXmlMethod popXml; */ + xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */ + + NULL, /* void* reserved0; */ + NULL, /* void* reserved1; */ }; /** * xmlSecNssTransformRsaSha1GetKlass: - * + * * The RSA-SHA1 signature transform klass. * * Returns: RSA-SHA1 signature transform klass. */ -xmlSecTransformId +xmlSecTransformId xmlSecNssTransformRsaSha1GetKlass(void) { return(&xmlSecNssRsaSha1Klass); } -#endif /* XMLSEC_NO_DSA */ +#endif /* XMLSEC_NO_SHA1 */ + +#ifndef XMLSEC_NO_SHA256 +/**************************************************************************** + * + * RSA-SHA256 signature transform + * + ***************************************************************************/ +static xmlSecTransformKlass xmlSecNssRsaSha256Klass = { + /* klass/object sizes */ + sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ + xmlSecNssSignatureSize, /* xmlSecSize objSize */ + + xmlSecNameRsaSha256, /* const xmlChar* name; */ + xmlSecHrefRsaSha256, /* const xmlChar* href; */ + xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */ + + xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */ + xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */ + NULL, /* xmlSecTransformNodeReadMethod readNode; */ + NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ + xmlSecNssSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */ + xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */ + xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */ + xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ + xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ + xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ + NULL, /* xmlSecTransformPushXmlMethod pushXml; */ + NULL, /* xmlSecTransformPopXmlMethod popXml; */ + xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */ + + NULL, /* void* reserved0; */ + NULL, /* void* reserved1; */ +}; + +/** + * xmlSecNssTransformRsaSha256GetKlass: + * + * The RSA-SHA256 signature transform klass. + * + * Returns: RSA-SHA256 signature transform klass. + */ +xmlSecTransformId +xmlSecNssTransformRsaSha256GetKlass(void) { + return(&xmlSecNssRsaSha256Klass); +} + +#endif /* XMLSEC_NO_SHA256 */ + +#ifndef XMLSEC_NO_SHA384 +/**************************************************************************** + * + * RSA-SHA384 signature transform + * + ***************************************************************************/ +static xmlSecTransformKlass xmlSecNssRsaSha384Klass = { + /* klass/object sizes */ + sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ + xmlSecNssSignatureSize, /* xmlSecSize objSize */ + + xmlSecNameRsaSha384, /* const xmlChar* name; */ + xmlSecHrefRsaSha384, /* const xmlChar* href; */ + xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */ + + xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */ + xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */ + NULL, /* xmlSecTransformNodeReadMethod readNode; */ + NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ + xmlSecNssSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */ + xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */ + xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */ + xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ + xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ + xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ + NULL, /* xmlSecTransformPushXmlMethod pushXml; */ + NULL, /* xmlSecTransformPopXmlMethod popXml; */ + xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */ + + NULL, /* void* reserved0; */ + NULL, /* void* reserved1; */ +}; + +/** + * xmlSecNssTransformRsaSha384GetKlass: + * + * The RSA-SHA384 signature transform klass. + * + * Returns: RSA-SHA384 signature transform klass. + */ +xmlSecTransformId +xmlSecNssTransformRsaSha384GetKlass(void) { + return(&xmlSecNssRsaSha384Klass); +} + +#endif /* XMLSEC_NO_SHA384 */ + +#ifndef XMLSEC_NO_SHA512 +/**************************************************************************** + * + * RSA-SHA512 signature transform + * + ***************************************************************************/ +static xmlSecTransformKlass xmlSecNssRsaSha512Klass = { + /* klass/object sizes */ + sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ + xmlSecNssSignatureSize, /* xmlSecSize objSize */ + + xmlSecNameRsaSha512, /* const xmlChar* name; */ + xmlSecHrefRsaSha512, /* const xmlChar* href; */ + xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */ + + xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */ + xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */ + NULL, /* xmlSecTransformNodeReadMethod readNode; */ + NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ + xmlSecNssSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */ + xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */ + xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */ + xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ + xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ + xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ + NULL, /* xmlSecTransformPushXmlMethod pushXml; */ + NULL, /* xmlSecTransformPopXmlMethod popXml; */ + xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */ + + NULL, /* void* reserved0; */ + NULL, /* void* reserved1; */ +}; + +/** + * xmlSecNssTransformRsaSha512GetKlass: + * + * The RSA-SHA512 signature transform klass. + * + * Returns: RSA-SHA512 signature transform klass. + */ +xmlSecTransformId +xmlSecNssTransformRsaSha512GetKlass(void) { + return(&xmlSecNssRsaSha512Klass); +} + +#endif /* XMLSEC_NO_SHA512 */ + +#endif /* XMLSEC_NO_RSA */ |