authorsangwan.kwon <sangwan.kwon@samsung.com>2016-07-28 15:17:14 +0900
committersangwan.kwon <sangwan.kwon@samsung.com>2016-07-28 15:17:14 +0900
commit1ca1a139b4c1a00de4d72f64b7411e118111a161 (patch)
tree2c93e5dbce5b42d1efd45520b1c8cd50b6bf6998 /src
parentfe8ea3dba5971ab3f47090ba52d7f824c3d23545 (diff)
parentd4d35351fd63a7051a7cbef2002cb0c641925ec3 (diff)
Merge branch 'upstream' into tizen
Change-Id: Iacc73c9ed5e9cfd188df62c405426bfa89bf4e51
Diffstat (limited to 'src')
-rw-r--r--src/Makefile.am5
-rw-r--r--src/Makefile.in368
-rw-r--r--src/app.c139
-rw-r--r--src/base64.c4
-rw-r--r--src/bn.c2
-rw-r--r--src/buffer.c4
-rw-r--r--src/c14n.c2
-rw-r--r--src/dl.c73
-rw-r--r--src/enveloped.c11
-rw-r--r--src/errors.c2
-rw-r--r--src/gcrypt/Makefile.in275
-rw-r--r--src/gcrypt/app.c2
-rw-r--r--src/gcrypt/asn1.c4
-rw-r--r--src/gcrypt/asn1.h4
-rw-r--r--src/gcrypt/asymkeys.c2
-rw-r--r--src/gcrypt/ciphers.c2
-rw-r--r--src/gcrypt/crypto.c2
-rw-r--r--src/gcrypt/digests.c2
-rw-r--r--src/gcrypt/globals.h2
-rw-r--r--src/gcrypt/hmac.c2
-rw-r--r--src/gcrypt/kw_aes.c2
-rw-r--r--src/gcrypt/kw_des.c2
-rw-r--r--src/gcrypt/signatures.c2
-rw-r--r--src/gcrypt/symkeys.c2
-rw-r--r--src/globals.h2
-rw-r--r--src/gnutls/Makefile.in275
-rw-r--r--src/gnutls/app.c2
-rw-r--r--src/gnutls/asymkeys.c2
-rw-r--r--src/gnutls/ciphers.c2
-rw-r--r--src/gnutls/crypto.c2
-rw-r--r--src/gnutls/digests.c2
-rw-r--r--src/gnutls/globals.h2
-rw-r--r--src/gnutls/hmac.c2
-rw-r--r--src/gnutls/kw_aes.c2
-rw-r--r--src/gnutls/kw_des.c2
-rw-r--r--src/gnutls/signatures.c2
-rw-r--r--src/gnutls/symkeys.c2
-rw-r--r--src/gnutls/x509.c2
-rw-r--r--src/gnutls/x509utils.c2
-rw-r--r--src/gnutls/x509utils.h6
-rw-r--r--src/gnutls/x509vfy.c2
-rw-r--r--src/io.c51
-rw-r--r--src/keyinfo.c15
-rw-r--r--src/keys.c6
-rw-r--r--src/keysdata.c4
-rw-r--r--src/keysmngr.c4
-rw-r--r--src/kw_aes_des.c2
-rw-r--r--src/kw_aes_des.h4
-rw-r--r--src/list.c6
-rw-r--r--src/membuf.c2
-rw-r--r--src/mscrypto/Makefile.in274
-rw-r--r--src/mscrypto/app.c4
-rw-r--r--src/mscrypto/certkeys.c2
-rw-r--r--src/mscrypto/ciphers.c2
-rw-r--r--src/mscrypto/crypto.c2
-rw-r--r--src/mscrypto/globals.h13
-rw-r--r--src/mscrypto/hmac.c2
-rw-r--r--src/mscrypto/keysstore.c2
-rw-r--r--src/mscrypto/kw_aes.c2
-rw-r--r--src/mscrypto/kw_des.c2
-rw-r--r--src/mscrypto/private.h4
-rw-r--r--src/mscrypto/signatures.c2
-rw-r--r--src/mscrypto/x509.c3
-rw-r--r--src/mscrypto/x509vfy.c4
-rw-r--r--src/mscrypto/xmlsec-mingw.h2
-rw-r--r--src/nodeset.c4
-rw-r--r--src/nss/Makefile.in274
-rw-r--r--src/nss/app.c2
-rw-r--r--src/nss/ciphers.c2
-rw-r--r--src/nss/crypto.c2
-rw-r--r--src/nss/digests.c2
-rw-r--r--src/nss/globals.h2
-rw-r--r--src/nss/hmac.c2
-rw-r--r--src/nss/keysstore.c2
-rw-r--r--src/nss/kw_aes.c2
-rw-r--r--src/nss/kw_des.c2
-rw-r--r--src/nss/pkikeys.c9
-rw-r--r--src/nss/symkeys.c2
-rw-r--r--src/nss/x509vfy.c18
-rw-r--r--src/openssl/Makefile.am1
-rw-r--r--src/openssl/Makefile.in294
-rw-r--r--src/openssl/README8
-rw-r--r--src/openssl/app.c19
-rw-r--r--src/openssl/bn.c2
-rw-r--r--src/openssl/ciphers.c409
-rw-r--r--src/openssl/crypto.c21
-rw-r--r--src/openssl/digests.c180
-rw-r--r--src/openssl/evp.c391
-rw-r--r--src/openssl/evp_signatures.c1034
-rw-r--r--src/openssl/globals.h2
-rw-r--r--src/openssl/hmac.c69
-rw-r--r--src/openssl/kt_rsa.c32
-rw-r--r--src/openssl/kw_aes.c5
-rw-r--r--src/openssl/kw_des.c33
-rw-r--r--src/openssl/signatures.c1905
-rw-r--r--src/openssl/symkeys.c7
-rw-r--r--src/openssl/x509.c18
-rw-r--r--src/openssl/x509vfy.c196
-rw-r--r--src/parser.c7
-rw-r--r--src/relationship.c822
-rw-r--r--src/skeleton/app.c2
-rw-r--r--src/skeleton/crypto.c7
-rw-r--r--src/skeleton/globals.h2
-rw-r--r--src/strings.c172
-rw-r--r--src/templates.c2
-rw-r--r--src/transforms.c36
-rw-r--r--src/x509.c2
-rw-r--r--src/xkms.c4981
-rw-r--r--src/xmldsig.c235
-rw-r--r--src/xmlenc.c16
-rw-r--r--src/xmlsec.c38
-rw-r--r--src/xmltree.c2
-rw-r--r--src/xpath.c23
-rw-r--r--src/xslt.c4
114 files changed, 5430 insertions, 7512 deletions
diff --git a/src/Makefile.am b/src/Makefile.am
index 3883ab6f..44cfabea 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -2,8 +2,9 @@ NULL =
SUBDIRS = . $(XMLSEC_CRYPTO_LIST)
-INCLUDES = \
+AM_CFLAGS = \
-DPACKAGE=\"@PACKAGE@\" \
+ -DXMLSEC_DEFAULT_CRYPTO=\"@XMLSEC_DEFAULT_CRYPTO@\" \
-I../include \
-I$(top_srcdir)/include \
$(XMLSEC_DEFINES) \
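Review bot: The `-D` and `-I` options that used to sit in INCLUDES are preprocessor options, and Automake's replacement for the deprecated INCLUDES is AM_CPPFLAGS rather than AM_CFLAGS. As the regenerated src/Makefile.in in this same commit shows, AM_CFLAGS is also expanded in `libxmlsec1_la_LINK`, so these flags are now passed to the link command as well. I would write `AM_CPPFLAGS = \` here and keep AM_CFLAGS for compiler-only options. The variable's continuation lines run past the end of this hunk, so the rest of the list was not checked.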
@@ -44,12 +45,12 @@ libxmlsec1_la_SOURCES = \
membuf.c \
nodeset.c \
parser.c \
+ relationship.c \
soap.c \
strings.c \
templates.c \
transforms.c \
x509.c \
- xkms.c \
xmldsig.c \
xmlenc.c \
xmlsec.c \
diff --git a/src/Makefile.in b/src/Makefile.in
index c0d0157c..8a6b7254 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -1,9 +1,8 @@
-# Makefile.in generated by automake 1.11.3 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
-# Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
+
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -16,6 +15,61 @@
@SET_MAKE@
VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
pkgdatadir = $(datadir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
@@ -35,14 +89,14 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src
-DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
- $(top_srcdir)/configure.in
+ $(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -84,16 +138,29 @@ am__objects_1 =
am_libxmlsec1_la_OBJECTS = app.lo base64.lo bn.lo buffer.lo c14n.lo \
dl.lo enveloped.lo errors.lo io.lo keyinfo.lo keys.lo \
keysdata.lo keysmngr.lo kw_aes_des.lo list.lo membuf.lo \
- nodeset.lo parser.lo soap.lo strings.lo templates.lo \
- transforms.lo x509.lo xkms.lo xmldsig.lo xmlenc.lo xmlsec.lo \
- xmltree.lo xpath.lo xslt.lo $(am__objects_1)
+ nodeset.lo parser.lo relationship.lo soap.lo strings.lo \
+ templates.lo transforms.lo x509.lo xmldsig.lo xmlenc.lo \
+ xmlsec.lo xmltree.lo xpath.lo xslt.lo $(am__objects_1)
libxmlsec1_la_OBJECTS = $(am_libxmlsec1_la_OBJECTS)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
+am__v_lt_1 =
libxmlsec1_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libxmlsec1_la_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -106,37 +173,60 @@ LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
$(AM_CFLAGS) $(CFLAGS)
AM_V_CC = $(am__v_CC_@AM_V@)
am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
-am__v_CC_0 = @echo " CC " $@;
-AM_V_at = $(am__v_at_@AM_V@)
-am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
-am__v_at_0 = @
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
CCLD = $(CC)
LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(AM_LDFLAGS) $(LDFLAGS) -o $@
AM_V_CCLD = $(am__v_CCLD_@AM_V@)
am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
-am__v_CCLD_0 = @echo " CCLD " $@;
-AM_V_GEN = $(am__v_GEN_@AM_V@)
-am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
-am__v_GEN_0 = @echo " GEN " $@;
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
SOURCES = $(libxmlsec1_la_SOURCES)
DIST_SOURCES = $(libxmlsec1_la_SOURCES)
-RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
- html-recursive info-recursive install-data-recursive \
- install-dvi-recursive install-exec-recursive \
- install-html-recursive install-info-recursive \
- install-pdf-recursive install-ps-recursive install-recursive \
- installcheck-recursive installdirs-recursive pdf-recursive \
- ps-recursive uninstall-recursive
+RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \
+ ctags-recursive dvi-recursive html-recursive info-recursive \
+ install-data-recursive install-dvi-recursive \
+ install-exec-recursive install-html-recursive \
+ install-info-recursive install-pdf-recursive \
+ install-ps-recursive install-recursive installcheck-recursive \
+ installdirs-recursive pdf-recursive ps-recursive \
+ tags-recursive uninstall-recursive
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
distclean-recursive maintainer-clean-recursive
-AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \
- $(RECURSIVE_CLEAN_TARGETS:-recursive=) tags TAGS ctags CTAGS \
+am__recursive_targets = \
+ $(RECURSIVE_TARGETS) \
+ $(RECURSIVE_CLEAN_TARGETS) \
+ $(am__extra_recursive_targets)
+AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \
distdir
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
DIST_SUBDIRS = $(SUBDIRS)
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
@@ -198,6 +288,10 @@ GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
GNUTLS_LIBS = @GNUTLS_LIBS@
GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_MKTMPL = @GTKDOC_MKTMPL@
+GTKDOC_SCAN = @GTKDOC_SCAN@
HELP2MAN = @HELP2MAN@
INSTALL = @INSTALL@
INSTALL_DATA = @INSTALL_DATA@
@@ -217,6 +311,7 @@ LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
LIBXSLT_LIBS = @LIBXSLT_LIBS@
LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
@@ -255,6 +350,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
@@ -271,7 +367,6 @@ XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
-XMLSEC_CRYPTO = @XMLSEC_CRYPTO@
XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
@@ -279,6 +374,7 @@ XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
XMLSEC_DEFINES = @XMLSEC_DEFINES@
XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
@@ -298,6 +394,7 @@ XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
@@ -312,7 +409,6 @@ XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
XMLSEC_NO_X509 = @XMLSEC_NO_X509@
-XMLSEC_NO_XKMS = @XMLSEC_NO_XKMS@
XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
@@ -327,6 +423,7 @@ XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
@@ -381,8 +478,9 @@ top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
NULL =
SUBDIRS = . $(XMLSEC_CRYPTO_LIST)
-INCLUDES = \
+AM_CFLAGS = \
-DPACKAGE=\"@PACKAGE@\" \
+ -DXMLSEC_DEFAULT_CRYPTO=\"@XMLSEC_DEFAULT_CRYPTO@\" \
-I../include \
-I$(top_srcdir)/include \
$(XMLSEC_DEFINES) \
@@ -423,12 +521,12 @@ libxmlsec1_la_SOURCES = \
membuf.c \
nodeset.c \
parser.c \
+ relationship.c \
soap.c \
strings.c \
templates.c \
transforms.c \
x509.c \
- xkms.c \
xmldsig.c \
xmlenc.c \
xmlsec.c \
@@ -464,7 +562,6 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -482,9 +579,9 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
install-libLTLIBRARIES: $(lib_LTLIBRARIES)
@$(NORMAL_INSTALL)
- test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)"
@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
list2=; for p in $$list; do \
if test -f $$p; then \
@@ -492,6 +589,8 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
else :; fi; \
done; \
test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \
echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
$(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
}
@@ -507,12 +606,15 @@ uninstall-libLTLIBRARIES:
clean-libLTLIBRARIES:
-test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
- @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
- dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
- test "$$dir" != "$$p" || dir=.; \
- echo "rm -f \"$${dir}/so_locations\""; \
- rm -f "$${dir}/so_locations"; \
- done
+ @list='$(lib_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+
libxmlsec1.la: $(libxmlsec1_la_OBJECTS) $(libxmlsec1_la_DEPENDENCIES) $(EXTRA_libxmlsec1_la_DEPENDENCIES)
$(AM_V_CCLD)$(libxmlsec1_la_LINK) -rpath $(libdir) $(libxmlsec1_la_OBJECTS) $(libxmlsec1_la_LIBADD) $(LIBS)
@@ -540,12 +642,12 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/membuf.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nodeset.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/parser.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/relationship.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/soap.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strings.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/templates.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/transforms.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/x509.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xkms.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xmldsig.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xmlenc.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xmlsec.Plo@am__quote@
@@ -554,22 +656,25 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xslt.Plo@am__quote@
.c.o:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $<
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
.c.obj:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
.c.lo:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
@@ -581,22 +686,25 @@ clean-libtool:
-rm -rf .libs _libs
# This directory's subdirectories are mostly independent; you can cd
-# into them and run `make' without going through this Makefile.
-# To change the values of `make' variables: instead of editing Makefiles,
-# (1) if the variable is set in `config.status', edit `config.status'
-# (which will cause the Makefiles to be regenerated when you run `make');
-# (2) otherwise, pass the desired values on the `make' command line.
-$(RECURSIVE_TARGETS):
- @fail= failcom='exit 1'; \
- for f in x $$MAKEFLAGS; do \
- case $$f in \
- *=* | --[!k]*);; \
- *k*) failcom='fail=yes';; \
- esac; \
- done; \
+# into them and run 'make' without going through this Makefile.
+# To change the values of 'make' variables: instead of editing Makefiles,
+# (1) if the variable is set in 'config.status', edit 'config.status'
+# (which will cause the Makefiles to be regenerated when you run 'make');
+# (2) otherwise, pass the desired values on the 'make' command line.
+$(am__recursive_targets):
+ @fail=; \
+ if $(am__make_keepgoing); then \
+ failcom='fail=yes'; \
+ else \
+ failcom='exit 1'; \
+ fi; \
dot_seen=no; \
target=`echo $@ | sed s/-recursive//`; \
- list='$(SUBDIRS)'; for subdir in $$list; do \
+ case "$@" in \
+ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+ *) list='$(SUBDIRS)' ;; \
+ esac; \
+ for subdir in $$list; do \
echo "Making $$target in $$subdir"; \
if test "$$subdir" = "."; then \
dot_seen=yes; \
@@ -611,57 +719,12 @@ $(RECURSIVE_TARGETS):
$(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
fi; test -z "$$fail"
-$(RECURSIVE_CLEAN_TARGETS):
- @fail= failcom='exit 1'; \
- for f in x $$MAKEFLAGS; do \
- case $$f in \
- *=* | --[!k]*);; \
- *k*) failcom='fail=yes';; \
- esac; \
- done; \
- dot_seen=no; \
- case "$@" in \
- distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
- *) list='$(SUBDIRS)' ;; \
- esac; \
- rev=''; for subdir in $$list; do \
- if test "$$subdir" = "."; then :; else \
- rev="$$subdir $$rev"; \
- fi; \
- done; \
- rev="$$rev ."; \
- target=`echo $@ | sed s/-recursive//`; \
- for subdir in $$rev; do \
- echo "Making $$target in $$subdir"; \
- if test "$$subdir" = "."; then \
- local_target="$$target-am"; \
- else \
- local_target="$$target"; \
- fi; \
- ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
- || eval $$failcom; \
- done && test -z "$$fail"
-tags-recursive:
- list='$(SUBDIRS)'; for subdir in $$list; do \
- test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \
- done
-ctags-recursive:
- list='$(SUBDIRS)'; for subdir in $$list; do \
- test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \
- done
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-recursive
+TAGS: tags
-ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
- mkid -fID $$unique
-tags: TAGS
-
-TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
- $(TAGS_FILES) $(LISP)
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
set x; \
here=`pwd`; \
if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
@@ -677,12 +740,7 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \
fi; \
done; \
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
+ $(am__define_uniq_tagged_files); \
shift; \
if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
@@ -694,15 +752,11 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$$unique; \
fi; \
fi
-ctags: CTAGS
-CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
- $(TAGS_FILES) $(LISP)
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
+ctags: ctags-recursive
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
test -z "$(CTAGS_ARGS)$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$unique
@@ -711,6 +765,21 @@ GTAGS:
here=`$(am__cd) $(top_builddir) && pwd` \
&& $(am__cd) $(top_srcdir) \
&& gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-recursive
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
@@ -747,13 +816,10 @@ distdir: $(DISTFILES)
done
@list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
if test "$$subdir" = .; then :; else \
- test -d "$(distdir)/$$subdir" \
- || $(MKDIR_P) "$(distdir)/$$subdir" \
- || exit 1; \
- fi; \
- done
- @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
- if test "$$subdir" = .; then :; else \
+ $(am__make_dryrun) \
+ || test -d "$(distdir)/$$subdir" \
+ || $(MKDIR_P) "$(distdir)/$$subdir" \
+ || exit 1; \
dir1=$$subdir; dir2="$(distdir)/$$subdir"; \
$(am__relativize); \
new_distdir=$$reldir; \
@@ -882,24 +948,24 @@ ps-am:
uninstall-am: uninstall-libLTLIBRARIES
-.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) ctags-recursive \
- install-am install-strip tags-recursive
-
-.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \
- all all-am check check-am clean clean-generic \
- clean-libLTLIBRARIES clean-libtool ctags ctags-recursive \
- distclean distclean-compile distclean-generic \
- distclean-libtool distclean-tags distdir dvi dvi-am html \
- html-am info info-am install install-am install-data \
- install-data-am install-dvi install-dvi-am install-exec \
- install-exec-am install-html install-html-am install-info \
- install-info-am install-libLTLIBRARIES install-man install-pdf \
- install-pdf-am install-ps install-ps-am install-strip \
- installcheck installcheck-am installdirs installdirs-am \
- maintainer-clean maintainer-clean-generic mostlyclean \
- mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
- pdf pdf-am ps ps-am tags tags-recursive uninstall uninstall-am \
- uninstall-libLTLIBRARIES
+.MAKE: $(am__recursive_targets) install-am install-strip
+
+.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am check \
+ check-am clean clean-generic clean-libLTLIBRARIES \
+ clean-libtool cscopelist-am ctags ctags-am distclean \
+ distclean-compile distclean-generic distclean-libtool \
+ distclean-tags distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-dvi \
+ install-dvi-am install-exec install-exec-am install-html \
+ install-html-am install-info install-info-am \
+ install-libLTLIBRARIES install-man install-pdf install-pdf-am \
+ install-ps install-ps-am install-strip installcheck \
+ installcheck-am installdirs installdirs-am maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags tags-am uninstall uninstall-am uninstall-libLTLIBRARIES
+
+.PRECIOUS: Makefile
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/app.c b/src/app.c
index 55f54530..b45bc8bb 100644
--- a/src/app.c
+++ b/src/app.c
@@ -5,7 +5,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -220,6 +220,52 @@ xmlSecKeyDataGost2001GetKlass(void) {
}
/**
+ * xmlSecKeyDataGostR3410_2012_256GetKlass:
+ *
+ * The GOST R 34.10-2012 256 bit key data klass.
+ *
+ * Returns: GOST R 34.10-2012 256 bit key data klass or NULL if an error occurs
+ * (xmlsec-crypto library is not loaded or the GOST R 34.10-2012 key data
+ * klass is not implemented).
+ */
+xmlSecKeyDataId
+xmlSecKeyDataGostR3410_2012_256GetKlass(void) {
+ if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->keyDataGostR3410_2012_256GetKlass == NULL)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "keyDataGostR3410_2012_256Id",
+ XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(xmlSecKeyDataIdUnknown);
+ }
+
+ return(xmlSecCryptoDLGetFunctions()->keyDataGostR3410_2012_256GetKlass());
+}
+
+/**
+ * xmlSecKeyDataGostR3410_2012_512GetKlass:
+ *
+ * The GOST R 34.10-2012 512 bit key data klass.
+ *
+ * Returns: GOST R 34.10-2012 512 bit key data klass or NULL if an error occurs
+ * (xmlsec-crypto library is not loaded or the GOST R 34.10-2012 key data
+ * klass is not implemented).
+ */
+xmlSecKeyDataId
+xmlSecKeyDataGostR3410_2012_512GetKlass(void) {
+ if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->keyDataGostR3410_2012_512GetKlass == NULL)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "keyDataGostR3410_2012_512Id",
+ XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(xmlSecKeyDataIdUnknown);
+ }
+
+ return(xmlSecCryptoDLGetFunctions()->keyDataGostR3410_2012_512GetKlass());
+}
+
+/**
* xmlSecKeyDataHmacGetKlass:
*
* The HMAC key data klass.
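Review bot: Both new key-data getters call xmlSecCryptoDLGetFunctions() three times, twice in the NULL check and once more for the actual call, so the table that was checked is not guaranteed to be the table that is dereferenced. That matters only if the registered function table can change in between, for example when a crypto library is loaded or swapped from another thread, which this hunk does not show. Reading it once with `xmlSecCryptoDLFunctionsPtr functions = xmlSecCryptoDLGetFunctions();` and then testing and calling through `functions` keeps check and use on the same pointer. The same pattern follows the file's existing getters and recurs in the transform getters added by the hunks at -713 and -1149. Callers must compare the result with `xmlSecKeyDataIdUnknown` before use, since that is what a backend without GOST R 34.10-2012 support returns here.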
@@ -713,6 +759,52 @@ xmlSecTransformGost2001GostR3411_94GetKlass(void) {
}
/**
+ * xmlSecTransformGostR3410_2012GostR3411_2012_256GetKlass:
+ *
+ * The GOST R 34.10-2012 - GOST R 34.11-2012 256 bit signature transform klass.
+ *
+ * Returns: GOST R 34.10-2012 - GOST R 34.11-2012 256 bit signature transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+xmlSecTransformId
+xmlSecTransformGostR3410_2012GostR3411_2012_256GetKlass(void) {
+ if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformGostR3410_2012GostR3411_2012_256GetKlass == NULL)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "transformGostR3410_2012GostR3411_2012_256Id",
+ XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(xmlSecTransformIdUnknown);
+ }
+
+ return(xmlSecCryptoDLGetFunctions()->transformGostR3410_2012GostR3411_2012_256GetKlass());
+}
+
+/**
+ * xmlSecTransformGostR3410_2012GostR3411_2012_512GetKlass:
+ *
+ * The GOST R 34.10-2012 - GOST R 34.11-2012 512 bit signature transform klass.
+ *
+ * Returns: GOST R 34.10-2012 - GOST R 34.11-2012 512 bit signature transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+xmlSecTransformId
+xmlSecTransformGostR3410_2012GostR3411_2012_512GetKlass(void) {
+ if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformGostR3410_2012GostR3411_2012_512GetKlass == NULL)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "transformGostR3410_2012GostR3411_2012_512Id",
+ XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(xmlSecTransformIdUnknown);
+ }
+
+ return(xmlSecCryptoDLGetFunctions()->transformGostR3410_2012GostR3411_2012_512GetKlass());
+}
+
+/**
* xmlSecTransformHmacMd5GetKlass:
*
* The HMAC-MD5 transform klass.
@@ -1149,7 +1241,52 @@ xmlSecTransformGostR3411_94GetKlass(void) {
return(xmlSecCryptoDLGetFunctions()->transformGostR3411_94GetKlass());
}
+/**
+ * xmlSecTransformGostR3411_2012_256GetKlass:
+ *
+ * GOST R 34.11-2012 256 bit digest transform klass.
+ *
+ * Returns: pointer to GOST R 34.11-2012 256 bit digest transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+
+xmlSecTransformId
+xmlSecTransformGostR3411_2012_256GetKlass(void) {
+ if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformGostR3411_2012_256GetKlass == NULL)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "transformGostR3411_2012_256Id",
+ XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(xmlSecTransformIdUnknown);
+ }
+
+ return(xmlSecCryptoDLGetFunctions()->transformGostR3411_2012_256GetKlass());
+}
+
+/**
+ * xmlSecTransformGostR3411_2012_512GetKlass:
+ *
+ * GOST R 34.11-2012 512 bit digest transform klass.
+ *
+ * Returns: pointer to GOST R 34.11-2012 512 bit digest transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+xmlSecTransformId
+xmlSecTransformGostR3411_2012_512GetKlass(void) {
+ if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformGostR3411_2012_512GetKlass == NULL)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "transformGostR3411_2012_512Id",
+ XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(xmlSecTransformIdUnknown);
+ }
+ return(xmlSecCryptoDLGetFunctions()->transformGostR3411_2012_512GetKlass());
+}
/**
* xmlSecTransformSha1GetKlass:
*
diff --git a/src/base64.c b/src/base64.c
index 53e66945..a78f8164 100644
--- a/src/base64.c
+++ b/src/base64.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -161,7 +161,7 @@ xmlSecBase64CtxCreate(int encode, int columns) {
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
"sizeof(xmlSecBase64Ctx)=%d",
- sizeof(xmlSecBase64Ctx));
+ (int)sizeof(xmlSecBase64Ctx));
return(NULL);
}
diff --git a/src/bn.c b/src/bn.c
index 06a31d5b..b5333c9c 100644
--- a/src/bn.c
+++ b/src/bn.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
*/
#include "globals.h"
diff --git a/src/buffer.c b/src/buffer.c
index 0efbfed2..55a95dda 100644
--- a/src/buffer.c
+++ b/src/buffer.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -67,7 +67,7 @@ xmlSecBufferCreate(xmlSecSize size) {
NULL,
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
- "sizeof(xmlSecBuffer)=%d", sizeof(xmlSecBuffer));
+ "sizeof(xmlSecBuffer)=%d", (int)sizeof(xmlSecBuffer));
return(NULL);
}
diff --git a/src/c14n.c b/src/c14n.c
index 5967a35e..59a7ddcf 100644
--- a/src/c14n.c
+++ b/src/c14n.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/dl.c b/src/dl.c
index 5ffc2ff7..7ab84d76 100644
--- a/src/dl.c
+++ b/src/dl.c
@@ -5,7 +5,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -89,7 +89,7 @@ XMLSEC_PTR_TO_FUNC_IMPL(xmlSecCryptoGetFunctionsCallback)
static xmlSecCryptoDLLibraryPtr
xmlSecCryptoDLLibraryCreate(const xmlChar* name) {
xmlSecCryptoDLLibraryPtr lib;
- xmlSecCryptoGetFunctionsCallback * getFunctions;
+ xmlSecCryptoGetFunctionsCallback * getFunctions = NULL;
xmlSecAssert2(name != NULL, NULL);
@@ -102,7 +102,7 @@ xmlSecCryptoDLLibraryCreate(const xmlChar* name) {
NULL,
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
- "size=%d", sizeof(lib));
+ "size=%d", (int)sizeof(lib));
return(NULL);
}
memset(lib, 0, sizeof(xmlSecCryptoDLLibrary));
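Review bot: The value logged on allocation failure is `sizeof(lib)`, the size of the `xmlSecCryptoDLLibraryPtr` pointer, while the `memset` just below uses `sizeof(xmlSecCryptoDLLibrary)`. The added cast fixes the `%d` argument type, but the message still reports the pointer size rather than the size of the structure being allocated. I would change the line to `"size=%d", (int)sizeof(xmlSecCryptoDLLibrary));`. The allocation call itself is outside the hunk, so the size it actually requests should be confirmed there.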
@@ -429,9 +429,10 @@ xmlSecCryptoDLShutdown(void) {
/**
* xmlSecCryptoDLLoadLibrary:
- * @crypto: the desired crypto library name ("openssl", "nss", ...).
+ * @crypto: the desired crypto library name ("openssl", "nss", ...). If NULL
+ * then the default crypto engine will be used.
*
- * Loads the xmlsec-<crypto> library. This function is NOT thread safe,
+ * Loads the xmlsec-$crypto library. This function is NOT thread safe,
* application MUST NOT call #xmlSecCryptoDLLoadLibrary, #xmlSecCryptoDLGetLibraryFunctions,
* and #xmlSecCryptoDLUnloadLibrary functions from multiple threads.
*
@@ -442,9 +443,8 @@ xmlSecCryptoDLLoadLibrary(const xmlChar* crypto) {
xmlSecCryptoDLFunctionsPtr functions;
int ret;
- xmlSecAssert2(crypto != NULL, -1);
-
- functions = xmlSecCryptoDLGetLibraryFunctions(crypto);
+ /* if crypto is not specified, then used default */
+ functions = xmlSecCryptoDLGetLibraryFunctions((crypto != NULL ) ? crypto : xmlSecGetDefaultCrypto());
if(functions == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
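Review bot: With the `xmlSecAssert2(crypto != NULL, -1)` guard removed, a NULL `crypto` no longer fails and instead selects whatever `xmlSecGetDefaultCrypto()` returns. A caller that passes NULL by mistake (for example from an unchecked configuration lookup) now loads the default engine with no diagnostic. Whether `xmlSecGetDefaultCrypto()` can itself return NULL is not visible in this hunk; if it can, that value reaches `xmlSecCryptoDLGetLibraryFunctions` unchecked. The comment would read better as `/* if crypto is not specified, then use the default crypto engine */`, and the stray space in `(crypto != NULL )` can go. The function body continues outside the hunk.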
@@ -463,6 +463,7 @@ xmlSecCryptoDLLoadLibrary(const xmlChar* crypto) {
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
+
return(0);
}
@@ -470,7 +471,7 @@ xmlSecCryptoDLLoadLibrary(const xmlChar* crypto) {
* xmlSecCryptoDLGetLibraryFunctions:
* @crypto: the desired crypto library name ("openssl", "nss", ...).
*
- * Loads the xmlsec-<crypto> library and gets global crypto functions/transforms/keys data/keys store
+ * Loads the xmlsec-$crypto library and gets global crypto functions/transforms/keys data/keys store
* table. This function is NOT thread safe, application MUST NOT call #xmlSecCryptoDLLoadLibrary,
* #xmlSecCryptoDLGetLibraryFunctions, and #xmlSecCryptoDLUnloadLibrary functions from multiple threads.
*
@@ -523,7 +524,7 @@ xmlSecCryptoDLGetLibraryFunctions(const xmlChar* crypto) {
* xmlSecCryptoDLUnloadLibrary:
* @crypto: the desired crypto library name ("openssl", "nss", ...).
*
- * Unloads the xmlsec-<crypto> library. All pointers to this library
+ * Unloads the xmlsec-$crypto library. All pointers to this library
* functions tables became invalid. This function is NOT thread safe,
* application MUST NOT call #xmlSecCryptoDLLoadLibrary, #xmlSecCryptoDLGetLibraryFunctions,
* and #xmlSecCryptoDLUnloadLibrary functions from multiple threads.
@@ -650,7 +651,22 @@ xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(struct _xmlSecCryptoDLFuncti
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
- if((functions->keyDataHmacGetKlass != NULL) && (xmlSecKeyDataIdsRegister(functions->keyDataHmacGetKlass()) < 0)) {
+ if((functions->keyDataGostR3410_2012_256GetKlass != NULL) && (xmlSecKeyDataIdsRegister(functions->keyDataGostR3410_2012_256GetKlass()) < 0)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataGostR3410_2012_256GetKlass())),
+ "xmlSecKeyDataIdsRegister",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ if((functions->keyDataGostR3410_2012_512GetKlass != NULL) && (xmlSecKeyDataIdsRegister(functions->keyDataGostR3410_2012_512GetKlass()) < 0)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataGostR3410_2012_512GetKlass())),
+ "xmlSecKeyDataIdsRegister",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ } if((functions->keyDataHmacGetKlass != NULL) && (xmlSecKeyDataIdsRegister(functions->keyDataHmacGetKlass()) < 0)) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataHmacGetKlass())),
"xmlSecKeyDataIdsRegister",
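Review bot: The closing brace of the new 512-bit key data block and the existing HMAC check end up on one line, `} if((functions->keyDataHmacGetKlass != NULL) && ...`, which reads like a missing `else` and is easy to misparse in later edits. Put the `}` on its own line and start the HMAC `if` on the next line, as the neighbouring registrations do. Each new error path also calls the `GetKlass()` callback a second time just to obtain the name; storing the id in a local would avoid that, though the existing blocks follow the same pattern. The enclosing function starts and ends outside this hunk.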
@@ -770,6 +786,24 @@ xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(struct _xmlSecCryptoDLFuncti
return(-1);
}
+ if((functions->transformGostR3410_2012GostR3411_2012_256GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformGostR3410_2012GostR3411_2012_256GetKlass()) < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformGostR3410_2012GostR3411_2012_256GetKlass())),
+ "xmlSecTransformIdsRegister",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ if((functions->transformGostR3410_2012GostR3411_2012_512GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformGostR3410_2012GostR3411_2012_512GetKlass()) < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformGostR3410_2012GostR3411_2012_512GetKlass())),
+ "xmlSecTransformIdsRegister",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
if((functions->transformDsaSha1GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformDsaSha1GetKlass()) < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformDsaSha1GetKlass())),
@@ -1004,6 +1038,23 @@ xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(struct _xmlSecCryptoDLFuncti
return(-1);
}
+ if((functions->transformGostR3411_2012_256GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformGostR3411_2012_256GetKlass()) < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformGostR3411_2012_256GetKlass())),
+ "xmlSecTransformIdsRegister",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ if((functions->transformGostR3411_2012_512GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformGostR3411_2012_512GetKlass()) < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformGostR3411_2012_512GetKlass())),
+ "xmlSecTransformIdsRegister",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
if((functions->transformSha1GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformSha1GetKlass()) < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformSha1GetKlass())),
diff --git a/src/enveloped.c b/src/enveloped.c
index 8047d318..ae11c16e 100644
--- a/src/enveloped.c
+++ b/src/enveloped.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -73,10 +73,11 @@ static xmlSecTransformKlass xmlSecTransformEnvelopedKlass = {
* result from replacing T with an XPath transform containing the following
* XPath parameter element:
*
- * <XPath xmlns:dsig="&dsig;">
- * count(ancestor-or-self::dsig:Signature |
- * here()/ancestor::dsig:Signature[1]) >
- * count(ancestor-or-self::dsig:Signature)</XPath>
+ * <XPath xmlns:dsig="...">
+ * count(ancestor-or-self::dsig:Signature |
+ * here()/ancestor::dsig:Signature[1]) >
+ * count(ancestor-or-self::dsig:Signature)
+ * </XPath>
*
* The input and output requirements of this transform are identical to
* those of the XPath transform, but may only be applied to a node-set from
diff --git a/src/errors.c b/src/errors.c
index c01a4925..0c14da7c 100644
--- a/src/errors.c
+++ b/src/errors.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/gcrypt/Makefile.in b/src/gcrypt/Makefile.in
index 325e5cf8..b08d9074 100644
--- a/src/gcrypt/Makefile.in
+++ b/src/gcrypt/Makefile.in
@@ -1,9 +1,8 @@
-# Makefile.in generated by automake 1.11.3 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
-# Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
+
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -16,6 +15,61 @@
@SET_MAKE@
VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
pkgdatadir = $(datadir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
@@ -36,14 +90,14 @@ build_triplet = @build@
host_triplet = @host@
@SHAREDLIB_HACK_TRUE@am__append_1 = ../strings.c
subdir = src/gcrypt
-DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
- $(top_srcdir)/configure.in
+ $(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -82,7 +136,9 @@ am__libxmlsec1_gcrypt_la_SOURCES_DIST = app.c asn1.h asn1.c ciphers.c \
crypto.c digests.c hmac.c kw_aes.c kw_des.c symkeys.c \
asymkeys.c signatures.c globals.h ../strings.c
am__objects_1 =
-@SHAREDLIB_HACK_TRUE@am__objects_2 = libxmlsec1_gcrypt_la-strings.lo
+am__dirstamp = $(am__leading_dot)dirstamp
+@SHAREDLIB_HACK_TRUE@am__objects_2 = \
+@SHAREDLIB_HACK_TRUE@ ../libxmlsec1_gcrypt_la-strings.lo
am_libxmlsec1_gcrypt_la_OBJECTS = libxmlsec1_gcrypt_la-app.lo \
libxmlsec1_gcrypt_la-asn1.lo libxmlsec1_gcrypt_la-ciphers.lo \
libxmlsec1_gcrypt_la-crypto.lo libxmlsec1_gcrypt_la-digests.lo \
@@ -95,10 +151,23 @@ libxmlsec1_gcrypt_la_OBJECTS = $(am_libxmlsec1_gcrypt_la_OBJECTS)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
+am__v_lt_1 =
libxmlsec1_gcrypt_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
$(AM_CFLAGS) $(CFLAGS) $(libxmlsec1_gcrypt_la_LDFLAGS) \
$(LDFLAGS) -o $@
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -111,24 +180,43 @@ LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
$(AM_CFLAGS) $(CFLAGS)
AM_V_CC = $(am__v_CC_@AM_V@)
am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
-am__v_CC_0 = @echo " CC " $@;
-AM_V_at = $(am__v_at_@AM_V@)
-am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
-am__v_at_0 = @
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
CCLD = $(CC)
LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(AM_LDFLAGS) $(LDFLAGS) -o $@
AM_V_CCLD = $(am__v_CCLD_@AM_V@)
am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
-am__v_CCLD_0 = @echo " CCLD " $@;
-AM_V_GEN = $(am__v_GEN_@AM_V@)
-am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
-am__v_GEN_0 = @echo " GEN " $@;
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
SOURCES = $(libxmlsec1_gcrypt_la_SOURCES)
DIST_SOURCES = $(am__libxmlsec1_gcrypt_la_SOURCES_DIST)
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp README
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
@@ -165,6 +253,10 @@ GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
GNUTLS_LIBS = @GNUTLS_LIBS@
GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_MKTMPL = @GTKDOC_MKTMPL@
+GTKDOC_SCAN = @GTKDOC_SCAN@
HELP2MAN = @HELP2MAN@
INSTALL = @INSTALL@
INSTALL_DATA = @INSTALL_DATA@
@@ -184,6 +276,7 @@ LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
LIBXSLT_LIBS = @LIBXSLT_LIBS@
LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
@@ -222,6 +315,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
@@ -238,7 +332,6 @@ XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
-XMLSEC_CRYPTO = @XMLSEC_CRYPTO@
XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
@@ -246,6 +339,7 @@ XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
XMLSEC_DEFINES = @XMLSEC_DEFINES@
XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
@@ -265,6 +359,7 @@ XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
@@ -279,7 +374,6 @@ XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
XMLSEC_NO_X509 = @XMLSEC_NO_X509@
-XMLSEC_NO_XKMS = @XMLSEC_NO_XKMS@
XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
@@ -294,6 +388,7 @@ XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
@@ -400,7 +495,6 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/gcrypt/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/gcrypt/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -418,9 +512,9 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
install-libLTLIBRARIES: $(lib_LTLIBRARIES)
@$(NORMAL_INSTALL)
- test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)"
@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
list2=; for p in $$list; do \
if test -f $$p; then \
@@ -428,6 +522,8 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
else :; fi; \
done; \
test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \
echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
$(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
}
@@ -443,21 +539,35 @@ uninstall-libLTLIBRARIES:
clean-libLTLIBRARIES:
-test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
- @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
- dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
- test "$$dir" != "$$p" || dir=.; \
- echo "rm -f \"$${dir}/so_locations\""; \
- rm -f "$${dir}/so_locations"; \
- done
+ @list='$(lib_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+../$(am__dirstamp):
+ @$(MKDIR_P) ..
+ @: > ../$(am__dirstamp)
+../$(DEPDIR)/$(am__dirstamp):
+ @$(MKDIR_P) ../$(DEPDIR)
+ @: > ../$(DEPDIR)/$(am__dirstamp)
+../libxmlsec1_gcrypt_la-strings.lo: ../$(am__dirstamp) \
+ ../$(DEPDIR)/$(am__dirstamp)
+
libxmlsec1-gcrypt.la: $(libxmlsec1_gcrypt_la_OBJECTS) $(libxmlsec1_gcrypt_la_DEPENDENCIES) $(EXTRA_libxmlsec1_gcrypt_la_DEPENDENCIES)
$(AM_V_CCLD)$(libxmlsec1_gcrypt_la_LINK) -rpath $(libdir) $(libxmlsec1_gcrypt_la_OBJECTS) $(libxmlsec1_gcrypt_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
+ -rm -f ../*.$(OBJEXT)
+ -rm -f ../*.lo
distclean-compile:
-rm -f *.tab.c
+@AMDEP_TRUE@@am__include@ @am__quote@../$(DEPDIR)/libxmlsec1_gcrypt_la-strings.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-app.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-asn1.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-asymkeys.Plo@am__quote@
@@ -468,26 +578,28 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-kw_aes.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-kw_des.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-signatures.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-strings.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-symkeys.Plo@am__quote@
.c.o:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $<
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
.c.obj:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
.c.lo:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
@@ -569,39 +681,29 @@ libxmlsec1_gcrypt_la-signatures.lo: signatures.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
-libxmlsec1_gcrypt_la-strings.lo: ../strings.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-strings.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-strings.Tpo -c -o libxmlsec1_gcrypt_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-strings.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-strings.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='../strings.c' object='libxmlsec1_gcrypt_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
+../libxmlsec1_gcrypt_la-strings.lo: ../strings.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ../libxmlsec1_gcrypt_la-strings.lo -MD -MP -MF ../$(DEPDIR)/libxmlsec1_gcrypt_la-strings.Tpo -c -o ../libxmlsec1_gcrypt_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ../$(DEPDIR)/libxmlsec1_gcrypt_la-strings.Tpo ../$(DEPDIR)/libxmlsec1_gcrypt_la-strings.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='../strings.c' object='../libxmlsec1_gcrypt_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ../libxmlsec1_gcrypt_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
mostlyclean-libtool:
-rm -f *.lo
clean-libtool:
-rm -rf .libs _libs
+ -rm -rf ../.libs ../_libs
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
-ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
- mkid -fID $$unique
-tags: TAGS
-
-TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
- $(TAGS_FILES) $(LISP)
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
set x; \
here=`pwd`; \
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
+ $(am__define_uniq_tagged_files); \
shift; \
if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
@@ -613,15 +715,11 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$$unique; \
fi; \
fi
-ctags: CTAGS
-CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
- $(TAGS_FILES) $(LISP)
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
test -z "$(CTAGS_ARGS)$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$unique
@@ -630,6 +728,21 @@ GTAGS:
here=`$(am__cd) $(top_builddir) && pwd` \
&& $(am__cd) $(top_srcdir) \
&& gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
@@ -697,6 +810,8 @@ clean-generic:
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+ -rm -f ../$(DEPDIR)/$(am__dirstamp)
+ -rm -f ../$(am__dirstamp)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@@ -707,7 +822,7 @@ clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
mostlyclean-am
distclean: distclean-am
- -rm -rf ./$(DEPDIR)
+ -rm -rf ../$(DEPDIR) ./$(DEPDIR)
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-tags
@@ -753,7 +868,7 @@ install-ps-am:
installcheck-am:
maintainer-clean: maintainer-clean-am
- -rm -rf ./$(DEPDIR)
+ -rm -rf ../$(DEPDIR) ./$(DEPDIR)
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
@@ -774,19 +889,21 @@ uninstall-am: uninstall-libLTLIBRARIES
.MAKE: install-am install-strip
-.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libLTLIBRARIES clean-libtool ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am \
- install-libLTLIBRARIES install-man install-pdf install-pdf-am \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
+.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
+ clean-libLTLIBRARIES clean-libtool cscopelist-am ctags \
+ ctags-am distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-libLTLIBRARIES install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
maintainer-clean-generic mostlyclean mostlyclean-compile \
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-libLTLIBRARIES
+ tags tags-am uninstall uninstall-am uninstall-libLTLIBRARIES
+
+.PRECIOUS: Makefile
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/gcrypt/app.c b/src/gcrypt/app.c
index ab95f6dd..dd5d7706 100644
--- a/src/gcrypt/app.c
+++ b/src/gcrypt/app.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/gcrypt/asn1.c b/src/gcrypt/asn1.c
index b1388420..cec6364d 100644
--- a/src/gcrypt/asn1.c
+++ b/src/gcrypt/asn1.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -304,9 +304,11 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
case 3:
/* Public RSA */
type = xmlSecGCryptDerKeyTypePublicRsa;
+ break;
case 5:
/* Public DSA */
type = xmlSecGCryptDerKeyTypePublicDsa;
+ break;
case 6:
/* Private DSA */
type = xmlSecGCryptDerKeyTypePrivateDsa;
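Review bot: The `case 6:` branch that closes this hunk assigns `xmlSecGCryptDerKeyTypePrivateDsa` with no `break;` visible, so the fall-through that the two added breaks remove for `case 3:` and `case 5:` may still exist there if another label follows. The switch in xmlSecGCryptParseDer starts and ends outside the hunk, so this needs checking against the full function. Judging by the enum names, the value picked here decides whether parsed DER is handled as public or private key material, so I would also confirm the switch has a `default:` that fails the parse for any unlisted value instead of leaving `type` at whatever it held before. A comment on the switch such as `/* every case must end in break: a fall-through mislabels the key type */`, plus building this file with `-Wimplicit-fallthrough`, would help keep the bug from coming back.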
diff --git a/src/gcrypt/asn1.h b/src/gcrypt/asn1.h
index d05b5305..b4485a4f 100644
--- a/src/gcrypt/asn1.h
+++ b/src/gcrypt/asn1.h
@@ -6,13 +6,13 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GCRYPT_ASN1_H__
#define __XMLSEC_GCRYPT_ASN1_H__
#ifndef XMLSEC_PRIVATE
-#error "gcrypt/asn1.h file contains private xmlsec-gcrypt definitions and should not be used outside xmlsec or xmlsec-<crypto> libraries"
+#error "gcrypt/asn1.h file contains private xmlsec-gcrypt definitions and should not be used outside xmlsec or xmlsec-$crypto libraries"
#endif /* XMLSEC_PRIVATE */
#ifdef __cplusplus
diff --git a/src/gcrypt/asymkeys.c b/src/gcrypt/asymkeys.c
index 8f0cec88..b2256145 100644
--- a/src/gcrypt/asymkeys.c
+++ b/src/gcrypt/asymkeys.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/gcrypt/ciphers.c b/src/gcrypt/ciphers.c
index 6192b8b2..76c1d5a9 100644
--- a/src/gcrypt/ciphers.c
+++ b/src/gcrypt/ciphers.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/gcrypt/crypto.c b/src/gcrypt/crypto.c
index 11def388..d02eb597 100644
--- a/src/gcrypt/crypto.c
+++ b/src/gcrypt/crypto.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/gcrypt/digests.c b/src/gcrypt/digests.c
index dcbe4c7f..d947446f 100644
--- a/src/gcrypt/digests.c
+++ b/src/gcrypt/digests.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/gcrypt/globals.h b/src/gcrypt/globals.h
index 7bc03c1c..3da464d2 100644
--- a/src/gcrypt/globals.h
+++ b/src/gcrypt/globals.h
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GLOBALS_H__
#define __XMLSEC_GLOBALS_H__
diff --git a/src/gcrypt/hmac.c b/src/gcrypt/hmac.c
index 192cb17b..631b4704 100644
--- a/src/gcrypt/hmac.c
+++ b/src/gcrypt/hmac.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef XMLSEC_NO_HMAC
#include "globals.h"
diff --git a/src/gcrypt/kw_aes.c b/src/gcrypt/kw_aes.c
index 38ac8956..32bc5cce 100644
--- a/src/gcrypt/kw_aes.c
+++ b/src/gcrypt/kw_aes.c
@@ -7,7 +7,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef XMLSEC_NO_AES
#include "globals.h"
diff --git a/src/gcrypt/kw_des.c b/src/gcrypt/kw_des.c
index b93eb9f5..67e76c56 100644
--- a/src/gcrypt/kw_des.c
+++ b/src/gcrypt/kw_des.c
@@ -7,7 +7,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef XMLSEC_NO_DES
#include "globals.h"
diff --git a/src/gcrypt/signatures.c b/src/gcrypt/signatures.c
index c49638e4..1d3f77a4 100644
--- a/src/gcrypt/signatures.c
+++ b/src/gcrypt/signatures.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/gcrypt/symkeys.c b/src/gcrypt/symkeys.c
index 88272fe3..ecd8368b 100644
--- a/src/gcrypt/symkeys.c
+++ b/src/gcrypt/symkeys.c
@@ -7,7 +7,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/globals.h b/src/globals.h
index 31a57d6b..5cc7070f 100644
--- a/src/globals.h
+++ b/src/globals.h
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GLOBALS_H__
diff --git a/src/gnutls/Makefile.in b/src/gnutls/Makefile.in
index f4351c16..490ba4e9 100644
--- a/src/gnutls/Makefile.in
+++ b/src/gnutls/Makefile.in
@@ -1,9 +1,8 @@
-# Makefile.in generated by automake 1.11.3 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
-# Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
+
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -16,6 +15,61 @@
@SET_MAKE@
VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
pkgdatadir = $(datadir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
@@ -36,14 +90,14 @@ build_triplet = @build@
host_triplet = @host@
@SHAREDLIB_HACK_TRUE@am__append_1 = ../strings.c
subdir = src/gnutls
-DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
- $(top_srcdir)/configure.in
+ $(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -83,7 +137,9 @@ am__libxmlsec1_gnutls_la_SOURCES_DIST = app.c ciphers.c crypto.c \
signatures.c x509utils.h x509utils.c x509.c x509vfy.c \
globals.h ../strings.c
am__objects_1 =
-@SHAREDLIB_HACK_TRUE@am__objects_2 = libxmlsec1_gnutls_la-strings.lo
+am__dirstamp = $(am__leading_dot)dirstamp
+@SHAREDLIB_HACK_TRUE@am__objects_2 = \
+@SHAREDLIB_HACK_TRUE@ ../libxmlsec1_gnutls_la-strings.lo
am_libxmlsec1_gnutls_la_OBJECTS = libxmlsec1_gnutls_la-app.lo \
libxmlsec1_gnutls_la-ciphers.lo libxmlsec1_gnutls_la-crypto.lo \
libxmlsec1_gnutls_la-digests.lo libxmlsec1_gnutls_la-hmac.lo \
@@ -98,10 +154,23 @@ libxmlsec1_gnutls_la_OBJECTS = $(am_libxmlsec1_gnutls_la_OBJECTS)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
+am__v_lt_1 =
libxmlsec1_gnutls_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
$(AM_CFLAGS) $(CFLAGS) $(libxmlsec1_gnutls_la_LDFLAGS) \
$(LDFLAGS) -o $@
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -114,24 +183,43 @@ LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
$(AM_CFLAGS) $(CFLAGS)
AM_V_CC = $(am__v_CC_@AM_V@)
am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
-am__v_CC_0 = @echo " CC " $@;
-AM_V_at = $(am__v_at_@AM_V@)
-am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
-am__v_at_0 = @
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
CCLD = $(CC)
LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(AM_LDFLAGS) $(LDFLAGS) -o $@
AM_V_CCLD = $(am__v_CCLD_@AM_V@)
am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
-am__v_CCLD_0 = @echo " CCLD " $@;
-AM_V_GEN = $(am__v_GEN_@AM_V@)
-am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
-am__v_GEN_0 = @echo " GEN " $@;
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
SOURCES = $(libxmlsec1_gnutls_la_SOURCES)
DIST_SOURCES = $(am__libxmlsec1_gnutls_la_SOURCES_DIST)
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp README
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
@@ -168,6 +256,10 @@ GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
GNUTLS_LIBS = @GNUTLS_LIBS@
GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_MKTMPL = @GTKDOC_MKTMPL@
+GTKDOC_SCAN = @GTKDOC_SCAN@
HELP2MAN = @HELP2MAN@
INSTALL = @INSTALL@
INSTALL_DATA = @INSTALL_DATA@
@@ -187,6 +279,7 @@ LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
LIBXSLT_LIBS = @LIBXSLT_LIBS@
LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
@@ -225,6 +318,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
@@ -241,7 +335,6 @@ XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
-XMLSEC_CRYPTO = @XMLSEC_CRYPTO@
XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
@@ -249,6 +342,7 @@ XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
XMLSEC_DEFINES = @XMLSEC_DEFINES@
XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
@@ -268,6 +362,7 @@ XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
@@ -282,7 +377,6 @@ XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
XMLSEC_NO_X509 = @XMLSEC_NO_X509@
-XMLSEC_NO_XKMS = @XMLSEC_NO_XKMS@
XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
@@ -297,6 +391,7 @@ XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
@@ -406,7 +501,6 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/gnutls/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/gnutls/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -424,9 +518,9 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
install-libLTLIBRARIES: $(lib_LTLIBRARIES)
@$(NORMAL_INSTALL)
- test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)"
@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
list2=; for p in $$list; do \
if test -f $$p; then \
@@ -434,6 +528,8 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
else :; fi; \
done; \
test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \
echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
$(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
}
@@ -449,21 +545,35 @@ uninstall-libLTLIBRARIES:
clean-libLTLIBRARIES:
-test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
- @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
- dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
- test "$$dir" != "$$p" || dir=.; \
- echo "rm -f \"$${dir}/so_locations\""; \
- rm -f "$${dir}/so_locations"; \
- done
+ @list='$(lib_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+../$(am__dirstamp):
+ @$(MKDIR_P) ..
+ @: > ../$(am__dirstamp)
+../$(DEPDIR)/$(am__dirstamp):
+ @$(MKDIR_P) ../$(DEPDIR)
+ @: > ../$(DEPDIR)/$(am__dirstamp)
+../libxmlsec1_gnutls_la-strings.lo: ../$(am__dirstamp) \
+ ../$(DEPDIR)/$(am__dirstamp)
+
libxmlsec1-gnutls.la: $(libxmlsec1_gnutls_la_OBJECTS) $(libxmlsec1_gnutls_la_DEPENDENCIES) $(EXTRA_libxmlsec1_gnutls_la_DEPENDENCIES)
$(AM_V_CCLD)$(libxmlsec1_gnutls_la_LINK) -rpath $(libdir) $(libxmlsec1_gnutls_la_OBJECTS) $(libxmlsec1_gnutls_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
+ -rm -f ../*.$(OBJEXT)
+ -rm -f ../*.lo
distclean-compile:
-rm -f *.tab.c
+@AMDEP_TRUE@@am__include@ @am__quote@../$(DEPDIR)/libxmlsec1_gnutls_la-strings.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-app.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-asymkeys.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-ciphers.Plo@am__quote@
@@ -473,29 +583,31 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-kw_aes.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-kw_des.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-signatures.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-strings.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-symkeys.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-x509.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-x509utils.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-x509vfy.Plo@am__quote@
.c.o:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $<
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
.c.obj:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
.c.lo:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
@@ -591,39 +703,29 @@ libxmlsec1_gnutls_la-x509vfy.lo: x509vfy.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
-libxmlsec1_gnutls_la-strings.lo: ../strings.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-strings.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-strings.Tpo -c -o libxmlsec1_gnutls_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-strings.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-strings.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='../strings.c' object='libxmlsec1_gnutls_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
+../libxmlsec1_gnutls_la-strings.lo: ../strings.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ../libxmlsec1_gnutls_la-strings.lo -MD -MP -MF ../$(DEPDIR)/libxmlsec1_gnutls_la-strings.Tpo -c -o ../libxmlsec1_gnutls_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ../$(DEPDIR)/libxmlsec1_gnutls_la-strings.Tpo ../$(DEPDIR)/libxmlsec1_gnutls_la-strings.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='../strings.c' object='../libxmlsec1_gnutls_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ../libxmlsec1_gnutls_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
mostlyclean-libtool:
-rm -f *.lo
clean-libtool:
-rm -rf .libs _libs
+ -rm -rf ../.libs ../_libs
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
-ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
- mkid -fID $$unique
-tags: TAGS
-
-TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
- $(TAGS_FILES) $(LISP)
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
set x; \
here=`pwd`; \
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
+ $(am__define_uniq_tagged_files); \
shift; \
if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
@@ -635,15 +737,11 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$$unique; \
fi; \
fi
-ctags: CTAGS
-CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
- $(TAGS_FILES) $(LISP)
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
test -z "$(CTAGS_ARGS)$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$unique
@@ -652,6 +750,21 @@ GTAGS:
here=`$(am__cd) $(top_builddir) && pwd` \
&& $(am__cd) $(top_srcdir) \
&& gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
@@ -719,6 +832,8 @@ clean-generic:
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+ -rm -f ../$(DEPDIR)/$(am__dirstamp)
+ -rm -f ../$(am__dirstamp)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@@ -729,7 +844,7 @@ clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
mostlyclean-am
distclean: distclean-am
- -rm -rf ./$(DEPDIR)
+ -rm -rf ../$(DEPDIR) ./$(DEPDIR)
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-tags
@@ -775,7 +890,7 @@ install-ps-am:
installcheck-am:
maintainer-clean: maintainer-clean-am
- -rm -rf ./$(DEPDIR)
+ -rm -rf ../$(DEPDIR) ./$(DEPDIR)
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
@@ -796,19 +911,21 @@ uninstall-am: uninstall-libLTLIBRARIES
.MAKE: install-am install-strip
-.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libLTLIBRARIES clean-libtool ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am \
- install-libLTLIBRARIES install-man install-pdf install-pdf-am \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
+.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
+ clean-libLTLIBRARIES clean-libtool cscopelist-am ctags \
+ ctags-am distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-libLTLIBRARIES install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
maintainer-clean-generic mostlyclean mostlyclean-compile \
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-libLTLIBRARIES
+ tags tags-am uninstall uninstall-am uninstall-libLTLIBRARIES
+
+.PRECIOUS: Makefile
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/gnutls/app.c b/src/gnutls/app.c
index 856257f3..042f311c 100644
--- a/src/gnutls/app.c
+++ b/src/gnutls/app.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/gnutls/asymkeys.c b/src/gnutls/asymkeys.c
index 6ac68a78..de9d3fe6 100644
--- a/src/gnutls/asymkeys.c
+++ b/src/gnutls/asymkeys.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/gnutls/ciphers.c b/src/gnutls/ciphers.c
index eacfede6..e38fa7db 100644
--- a/src/gnutls/ciphers.c
+++ b/src/gnutls/ciphers.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/gnutls/crypto.c b/src/gnutls/crypto.c
index 83175e69..0921f2c5 100644
--- a/src/gnutls/crypto.c
+++ b/src/gnutls/crypto.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/gnutls/digests.c b/src/gnutls/digests.c
index 2df20706..94f3aa6a 100644
--- a/src/gnutls/digests.c
+++ b/src/gnutls/digests.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/gnutls/globals.h b/src/gnutls/globals.h
index b49e2404..1f9f35c0 100644
--- a/src/gnutls/globals.h
+++ b/src/gnutls/globals.h
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GLOBALS_H__
#define __XMLSEC_GLOBALS_H__
diff --git a/src/gnutls/hmac.c b/src/gnutls/hmac.c
index 5d1acfc2..76568052 100644
--- a/src/gnutls/hmac.c
+++ b/src/gnutls/hmac.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef XMLSEC_NO_HMAC
#include "globals.h"
diff --git a/src/gnutls/kw_aes.c b/src/gnutls/kw_aes.c
index 63f8a6be..4186374e 100644
--- a/src/gnutls/kw_aes.c
+++ b/src/gnutls/kw_aes.c
@@ -7,7 +7,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef XMLSEC_NO_AES
#include "globals.h"
diff --git a/src/gnutls/kw_des.c b/src/gnutls/kw_des.c
index 5d2a2e55..79660bd5 100644
--- a/src/gnutls/kw_des.c
+++ b/src/gnutls/kw_des.c
@@ -7,7 +7,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef XMLSEC_NO_DES
#include "globals.h"
diff --git a/src/gnutls/signatures.c b/src/gnutls/signatures.c
index 98d1f832..136644c1 100644
--- a/src/gnutls/signatures.c
+++ b/src/gnutls/signatures.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/gnutls/symkeys.c b/src/gnutls/symkeys.c
index b1521d62..74727eeb 100644
--- a/src/gnutls/symkeys.c
+++ b/src/gnutls/symkeys.c
@@ -7,7 +7,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/gnutls/x509.c b/src/gnutls/x509.c
index 52d46ab4..d043bc72 100644
--- a/src/gnutls/x509.c
+++ b/src/gnutls/x509.c
@@ -7,7 +7,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/gnutls/x509utils.c b/src/gnutls/x509utils.c
index 0dc70003..2ab4df23 100644
--- a/src/gnutls/x509utils.c
+++ b/src/gnutls/x509utils.c
@@ -7,7 +7,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/gnutls/x509utils.h b/src/gnutls/x509utils.h
index b939b248..39549941 100644
--- a/src/gnutls/x509utils.h
+++ b/src/gnutls/x509utils.h
@@ -7,13 +7,13 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GNUTLS_X509UTILS_H__
#define __XMLSEC_GNUTLS_X509UTILS_H__
#ifndef XMLSEC_PRIVATE
-#error "gnutls/x509utils.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-<crypto> libraries"
+#error "gnutls/x509utils.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-$crypto libraries"
#endif /* XMLSEC_PRIVATE */
#ifdef __cplusplus
@@ -67,7 +67,7 @@ void xmlSecGnuTLSX509CertDebugXmlDump (gnutls_x509_crt
*
************************************************************************/
gnutls_x509_crl_t xmlSecGnuTLSX509CrlDup (gnutls_x509_crl_t src);
-xmlChar * xmlSecGnuTLSX509CrLGetIssuerDN (gnutls_x509_crl_t crl);
+xmlChar * xmlSecGnuTLSX509CrlGetIssuerDN (gnutls_x509_crl_t crl);
gnutls_x509_crl_t xmlSecGnuTLSX509CrlRead (const xmlSecByte* buf,
xmlSecSize size,
xmlSecKeyDataFormat format);
diff --git a/src/gnutls/x509vfy.c b/src/gnutls/x509vfy.c
index fd15c5ac..f302d8fc 100644
--- a/src/gnutls/x509vfy.c
+++ b/src/gnutls/x509vfy.c
@@ -7,7 +7,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/io.c b/src/io.c
index 79ee3a63..ee538d3d 100644
--- a/src/io.c
+++ b/src/io.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -66,7 +66,7 @@ xmlSecIOCallbackCreate(xmlInputMatchCallback matchFunc, xmlInputOpenCallback ope
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
"sizeof(xmlSecIOCallback)=%d",
- sizeof(xmlSecIOCallback));
+ (int)sizeof(xmlSecIOCallback));
return(NULL);
}
memset(callbacks, 0, sizeof(xmlSecIOCallback));
@@ -433,6 +433,35 @@ xmlSecTransformInputURIOpen(xmlSecTransformPtr transform, const xmlChar *uri) {
return(0);
}
+
+/**
+ * xmlSecTransformInputURIClose:
+ * @transform: the pointer to IO transform.
+ *
+ * Closes the given @transform and frees up resourses.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecTransformInputURIClose(xmlSecTransformPtr transform) {
+ xmlSecInputURICtxPtr ctx;
+
+ xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformInputURIId), -1);
+
+ ctx = xmlSecTransformInputUriGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+
+ /* close if still open and mark as closed */
+ if((ctx->clbksCtx != NULL) && (ctx->clbks != NULL) && (ctx->clbks->closecallback != NULL)) {
+ (ctx->clbks->closecallback)(ctx->clbksCtx);
+ ctx->clbksCtx = NULL;
+ ctx->clbks = NULL;
+ }
+
+ /* done */
+ return(0);
+}
+
static int
xmlSecTransformInputURIInitialize(xmlSecTransformPtr transform) {
xmlSecInputURICtxPtr ctx;
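Review bot: The result of `closecallback` is discarded in xmlSecTransformInputURIClose, so the function returns 0 even when the underlying close fails, and the documented "negative value otherwise" can only come from the two assertions. If the callback has libxml2's `xmlInputCloseCallback` signature (returning int; its declaration is not in this hunk), capture it with `ret = (ctx->clbks->closecallback)(ctx->clbksCtx);`, still clear `clbksCtx` and `clbks`, and then `return(-1)` after an `xmlSecError` when `ret < 0`. Clearing both pointers is what protects a second Close, or the later Finalize, from closing the same context twice, which deserves a one-line comment. When `closecallback` is NULL the pointers are left set. The docstring also has a typo, "resourses".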
@@ -448,17 +477,27 @@ xmlSecTransformInputURIInitialize(xmlSecTransformPtr transform) {
static void
xmlSecTransformInputURIFinalize(xmlSecTransformPtr transform) {
- xmlSecInputURICtxPtr ctx;
+ xmlSecInputURICtxPtr ctx;
+ int ret;
xmlSecAssert(xmlSecTransformCheckId(transform, xmlSecTransformInputURIId));
ctx = xmlSecTransformInputUriGetCtx(transform);
xmlSecAssert(ctx != NULL);
- if((ctx->clbksCtx != NULL) && (ctx->clbks != NULL) && (ctx->clbks->closecallback != NULL)) {
- (ctx->clbks->closecallback)(ctx->clbksCtx);
- }
+ ret = xmlSecTransformInputURIClose(transform);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecTransformInputURIClose",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "ret=%d", ret);
+ /* ignore the error */
+ /* return; */
+ }
+
memset(ctx, 0, sizeof(xmlSecInputURICtx));
+ return;
}
static int
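Review bot: The `if(ret < 0)` branch in xmlSecTransformInputURIFinalize cannot fire as the code stands, because xmlSecTransformInputURIClose returns a negative value only from the same `xmlSecTransformCheckId` and `ctx != NULL` assertions that Finalize has already passed just above. Either have Close propagate the close callback's result so this log entry means something, or drop the branch. In both cases remove the commented-out `/* return; */` and the trailing `return;` at the end of a void function. A short comment such as `/* close errors are logged but must not stop the ctx from being wiped */` would record why the error is ignored before the `memset`.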
diff --git a/src/keyinfo.c b/src/keyinfo.c
index 00390fa7..958492f1 100644
--- a/src/keyinfo.c
+++ b/src/keyinfo.c
@@ -39,7 +39,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -227,7 +227,7 @@ xmlSecKeyInfoCtxCreate(xmlSecKeysMngrPtr keysMngr) {
NULL,
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
- "size=%d", sizeof(xmlSecKeyInfoCtx));
+ "size=%d", (int)sizeof(xmlSecKeyInfoCtx));
return(NULL);
}
@@ -761,7 +761,16 @@ xmlSecKeyDataNameXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node,
/* finally set key name if it is not there */
if(xmlSecKeyGetName(key) == NULL) {
- xmlSecKeySetName(key, newName);
+ ret = xmlSecKeySetName(key, newName);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+ "xmlSecKeySetName",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ xmlFree(newName);
+ return(-1);
+ }
}
xmlFree(newName);
return(0);
diff --git a/src/keys.c b/src/keys.c
index 1d2f7331..456565b0 100644
--- a/src/keys.c
+++ b/src/keys.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -112,7 +112,7 @@ xmlSecKeyUseWithCreate(const xmlChar* application, const xmlChar* identifier) {
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
"sizeof(xmlSecKeyUseWith)=%d",
- sizeof(xmlSecKeyUseWith));
+ (int)sizeof(xmlSecKeyUseWith));
return(NULL);
}
memset(keyUseWith, 0, sizeof(xmlSecKeyUseWith));
@@ -548,7 +548,7 @@ xmlSecKeyCreate(void) {
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
"sizeof(xmlSecKey)=%d",
- sizeof(xmlSecKey));
+ (int)sizeof(xmlSecKey));
return(NULL);
}
memset(key, 0, sizeof(xmlSecKey));
diff --git a/src/keysdata.c b/src/keysdata.c
index de854ba6..30c800df 100644
--- a/src/keysdata.c
+++ b/src/keysdata.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -255,7 +255,7 @@ xmlSecKeyDataDuplicate(xmlSecKeyDataPtr data) {
}
ret = (data->id->duplicate)(newData, data);
- if(newData == NULL) {
+ if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
"id->duplicate",
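Review bot: With the condition corrected to `ret < 0`, this error branch in xmlSecKeyDataDuplicate becomes reachable, presumably for the first time, since `newData` appears to be checked before the call (that check is above the hunk). The rest of the branch is outside the hunk, so confirm that it releases `newData` before returning; otherwise a failed `id->duplicate` leaks a partially copied key data object. A comment like `/* duplicate failed: newData may be partially filled, destroy it */` on the cleanup line would make that explicit.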
diff --git a/src/keysmngr.c b/src/keysmngr.c
index 31a03e97..5315203a 100644
--- a/src/keysmngr.c
+++ b/src/keysmngr.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -53,7 +53,7 @@ xmlSecKeysMngrCreate(void) {
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
"sizeof(xmlSecKeysMngr)=%d",
- sizeof(xmlSecKeysMngr));
+ (int)sizeof(xmlSecKeysMngr));
return(NULL);
}
memset(mngr, 0, sizeof(xmlSecKeysMngr));
diff --git a/src/kw_aes_des.c b/src/kw_aes_des.c
index 022e720a..7eb74b05 100644
--- a/src/kw_aes_des.c
+++ b/src/kw_aes_des.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/kw_aes_des.h b/src/kw_aes_des.h
index 46e85273..19c98513 100644
--- a/src/kw_aes_des.h
+++ b/src/kw_aes_des.h
@@ -9,13 +9,13 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2010 Aleksey Sanin, All rights reserved.
+ * Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_KT_AES_DES_H__
#define __XMLSEC_KT_AES_DES_H__
#ifndef XMLSEC_PRIVATE
-#error "private.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-<crypto> libraries"
+#error "private.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-$crypto libraries"
#endif /* XMLSEC_PRIVATE */
#ifdef __cplusplus
diff --git a/src/list.c b/src/list.c
index d1a00533..40650caf 100644
--- a/src/list.c
+++ b/src/list.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -65,7 +65,7 @@ xmlSecPtrListCreate(xmlSecPtrListId id) {
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
"sizeof(xmlSecPtrList)=%d",
- sizeof(xmlSecPtrList));
+ (int)sizeof(xmlSecPtrList));
return(NULL);
}
@@ -479,7 +479,7 @@ xmlSecPtrListEnsureSize(xmlSecPtrListPtr list, xmlSecSize size) {
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
"sizeof(xmlSecPtr)*%d=%d",
- newSize, sizeof(xmlSecPtr) * newSize);
+ newSize, (int)(sizeof(xmlSecPtr) * newSize));
return(-1);
}
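Review bot: In the xmlSecPtrListEnsureSize error message only the second `%d` argument was cast; `newSize` is still passed as-is. If it has the same `xmlSecSize` type as the `size` parameter (its declaration is outside the hunk), the format mismatch this commit addresses remains for that argument. Casting the product to `int` can also print a wrapped or negative number for exactly the oversized requests that make the allocation fail. Prefer an unsigned conversion for both, e.g. `"sizeof(xmlSecPtr)*%lu=%lu", (unsigned long)newSize, (unsigned long)(sizeof(xmlSecPtr) * newSize)`. The allocation call and any overflow check on `sizeof(xmlSecPtr) * newSize` are outside this hunk and worth confirming.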
diff --git a/src/membuf.c b/src/membuf.c
index eb78156c..24cca3da 100644
--- a/src/membuf.c
+++ b/src/membuf.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/mscrypto/Makefile.in b/src/mscrypto/Makefile.in
index 83c8f03a..d542fe4f 100644
--- a/src/mscrypto/Makefile.in
+++ b/src/mscrypto/Makefile.in
@@ -1,9 +1,8 @@
-# Makefile.in generated by automake 1.11.3 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
-# Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
+
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -16,6 +15,61 @@
@SET_MAKE@
VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
pkgdatadir = $(datadir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
@@ -36,14 +90,14 @@ build_triplet = @build@
host_triplet = @host@
@SHAREDLIB_HACK_TRUE@am__append_1 = ../strings.c
subdir = src/mscrypto
-DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
- $(top_srcdir)/configure.in
+ $(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -83,8 +137,9 @@ am__libxmlsec1_mscrypto_la_SOURCES_DIST = globals.h private.h app.c \
kw_aes.c kw_des.c kt_rsa.c signatures.c symkeys.c x509.c \
x509vfy.c csp_calg.h csp_oid.h xmlsec-mingw.h ../strings.c
am__objects_1 =
+am__dirstamp = $(am__leading_dot)dirstamp
@SHAREDLIB_HACK_TRUE@am__objects_2 = \
-@SHAREDLIB_HACK_TRUE@ libxmlsec1_mscrypto_la-strings.lo
+@SHAREDLIB_HACK_TRUE@ ../libxmlsec1_mscrypto_la-strings.lo
am_libxmlsec1_mscrypto_la_OBJECTS = libxmlsec1_mscrypto_la-app.lo \
libxmlsec1_mscrypto_la-certkeys.lo \
libxmlsec1_mscrypto_la-ciphers.lo \
@@ -104,10 +159,23 @@ libxmlsec1_mscrypto_la_OBJECTS = $(am_libxmlsec1_mscrypto_la_OBJECTS)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
+am__v_lt_1 =
libxmlsec1_mscrypto_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
$(AM_CFLAGS) $(CFLAGS) $(libxmlsec1_mscrypto_la_LDFLAGS) \
$(LDFLAGS) -o $@
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -120,24 +188,43 @@ LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
$(AM_CFLAGS) $(CFLAGS)
AM_V_CC = $(am__v_CC_@AM_V@)
am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
-am__v_CC_0 = @echo " CC " $@;
-AM_V_at = $(am__v_at_@AM_V@)
-am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
-am__v_at_0 = @
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
CCLD = $(CC)
LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(AM_LDFLAGS) $(LDFLAGS) -o $@
AM_V_CCLD = $(am__v_CCLD_@AM_V@)
am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
-am__v_CCLD_0 = @echo " CCLD " $@;
-AM_V_GEN = $(am__v_GEN_@AM_V@)
-am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
-am__v_GEN_0 = @echo " GEN " $@;
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
SOURCES = $(libxmlsec1_mscrypto_la_SOURCES)
DIST_SOURCES = $(am__libxmlsec1_mscrypto_la_SOURCES_DIST)
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp README
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
@@ -174,6 +261,10 @@ GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
GNUTLS_LIBS = @GNUTLS_LIBS@
GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_MKTMPL = @GTKDOC_MKTMPL@
+GTKDOC_SCAN = @GTKDOC_SCAN@
HELP2MAN = @HELP2MAN@
INSTALL = @INSTALL@
INSTALL_DATA = @INSTALL_DATA@
@@ -193,6 +284,7 @@ LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
LIBXSLT_LIBS = @LIBXSLT_LIBS@
LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
@@ -231,6 +323,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
@@ -247,7 +340,6 @@ XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
-XMLSEC_CRYPTO = @XMLSEC_CRYPTO@
XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
@@ -255,6 +347,7 @@ XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
XMLSEC_DEFINES = @XMLSEC_DEFINES@
XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
@@ -274,6 +367,7 @@ XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
@@ -288,7 +382,6 @@ XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
XMLSEC_NO_X509 = @XMLSEC_NO_X509@
-XMLSEC_NO_XKMS = @XMLSEC_NO_XKMS@
XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
@@ -303,6 +396,7 @@ XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
@@ -411,7 +505,6 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/mscrypto/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/mscrypto/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -429,9 +522,9 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
install-libLTLIBRARIES: $(lib_LTLIBRARIES)
@$(NORMAL_INSTALL)
- test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)"
@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
list2=; for p in $$list; do \
if test -f $$p; then \
@@ -439,6 +532,8 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
else :; fi; \
done; \
test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \
echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
$(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
}
@@ -454,21 +549,35 @@ uninstall-libLTLIBRARIES:
clean-libLTLIBRARIES:
-test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
- @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
- dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
- test "$$dir" != "$$p" || dir=.; \
- echo "rm -f \"$${dir}/so_locations\""; \
- rm -f "$${dir}/so_locations"; \
- done
+ @list='$(lib_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+../$(am__dirstamp):
+ @$(MKDIR_P) ..
+ @: > ../$(am__dirstamp)
+../$(DEPDIR)/$(am__dirstamp):
+ @$(MKDIR_P) ../$(DEPDIR)
+ @: > ../$(DEPDIR)/$(am__dirstamp)
+../libxmlsec1_mscrypto_la-strings.lo: ../$(am__dirstamp) \
+ ../$(DEPDIR)/$(am__dirstamp)
+
libxmlsec1-mscrypto.la: $(libxmlsec1_mscrypto_la_OBJECTS) $(libxmlsec1_mscrypto_la_DEPENDENCIES) $(EXTRA_libxmlsec1_mscrypto_la_DEPENDENCIES)
$(AM_V_CCLD)$(libxmlsec1_mscrypto_la_LINK) -rpath $(libdir) $(libxmlsec1_mscrypto_la_OBJECTS) $(libxmlsec1_mscrypto_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
+ -rm -f ../*.$(OBJEXT)
+ -rm -f ../*.lo
distclean-compile:
-rm -f *.tab.c
+@AMDEP_TRUE@@am__include@ @am__quote@../$(DEPDIR)/libxmlsec1_mscrypto_la-strings.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-app.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-certkeys.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-ciphers.Plo@am__quote@
@@ -480,28 +589,30 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-kw_aes.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-kw_des.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-signatures.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-strings.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-symkeys.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-x509.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-x509vfy.Plo@am__quote@
.c.o:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $<
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
.c.obj:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
.c.lo:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
@@ -604,39 +715,29 @@ libxmlsec1_mscrypto_la-x509vfy.lo: x509vfy.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
-libxmlsec1_mscrypto_la-strings.lo: ../strings.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-strings.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-strings.Tpo -c -o libxmlsec1_mscrypto_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-strings.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-strings.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='../strings.c' object='libxmlsec1_mscrypto_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
+../libxmlsec1_mscrypto_la-strings.lo: ../strings.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ../libxmlsec1_mscrypto_la-strings.lo -MD -MP -MF ../$(DEPDIR)/libxmlsec1_mscrypto_la-strings.Tpo -c -o ../libxmlsec1_mscrypto_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ../$(DEPDIR)/libxmlsec1_mscrypto_la-strings.Tpo ../$(DEPDIR)/libxmlsec1_mscrypto_la-strings.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='../strings.c' object='../libxmlsec1_mscrypto_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ../libxmlsec1_mscrypto_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
mostlyclean-libtool:
-rm -f *.lo
clean-libtool:
-rm -rf .libs _libs
+ -rm -rf ../.libs ../_libs
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
-ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
- mkid -fID $$unique
-tags: TAGS
-
-TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
- $(TAGS_FILES) $(LISP)
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
set x; \
here=`pwd`; \
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
+ $(am__define_uniq_tagged_files); \
shift; \
if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
@@ -648,15 +749,11 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$$unique; \
fi; \
fi
-ctags: CTAGS
-CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
- $(TAGS_FILES) $(LISP)
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
test -z "$(CTAGS_ARGS)$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$unique
@@ -665,6 +762,21 @@ GTAGS:
here=`$(am__cd) $(top_builddir) && pwd` \
&& $(am__cd) $(top_srcdir) \
&& gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
@@ -732,6 +844,8 @@ clean-generic:
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+ -rm -f ../$(DEPDIR)/$(am__dirstamp)
+ -rm -f ../$(am__dirstamp)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@@ -742,7 +856,7 @@ clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
mostlyclean-am
distclean: distclean-am
- -rm -rf ./$(DEPDIR)
+ -rm -rf ../$(DEPDIR) ./$(DEPDIR)
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-tags
@@ -788,7 +902,7 @@ install-ps-am:
installcheck-am:
maintainer-clean: maintainer-clean-am
- -rm -rf ./$(DEPDIR)
+ -rm -rf ../$(DEPDIR) ./$(DEPDIR)
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
@@ -809,19 +923,21 @@ uninstall-am: uninstall-libLTLIBRARIES
.MAKE: install-am install-strip
-.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libLTLIBRARIES clean-libtool ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am \
- install-libLTLIBRARIES install-man install-pdf install-pdf-am \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
+.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
+ clean-libLTLIBRARIES clean-libtool cscopelist-am ctags \
+ ctags-am distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-libLTLIBRARIES install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
maintainer-clean-generic mostlyclean mostlyclean-compile \
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-libLTLIBRARIES
+ tags tags-am uninstall uninstall-am uninstall-libLTLIBRARIES
+
+.PRECIOUS: Makefile
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/mscrypto/app.c b/src/mscrypto/app.c
index 92894d90..bcb0ea19 100644
--- a/src/mscrypto/app.c
+++ b/src/mscrypto/app.c
@@ -5,7 +5,7 @@
* distribution for preciese wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2003-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -622,7 +622,7 @@ xmlSecMSCryptoAppPkcs12LoadMemory(const xmlSecByte* data,
goto done;
}
- hCertStore = PFXImportCertStore(&pfx, wcPwd, CRYPT_EXPORTABLE);
+ hCertStore = PFXImportCertStore(&pfx, wcPwd, CRYPT_EXPORTABLE | PKCS12_NO_PERSIST_KEY);
if (NULL == hCertStore) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
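Review bot: The `PKCS12_NO_PERSIST_KEY` flag added to the `PFXImportCertStore` call has no comment, and its purpose is security-relevant enough to record at the call site. I would add `/* PKCS12_NO_PERSIST_KEY: keep the imported private keys in memory only, so no key container is left behind in the user's profile once the store is closed */` above the call. The flag is, as far as I know, missing from older Windows SDK and MinGW headers and not honoured before Windows Vista. If those targets are still built, a guarded fallback such as `#ifndef PKCS12_NO_PERSIST_KEY` / `#define PKCS12_NO_PERSIST_KEY 0x00008000` / `#endif` in xmlsec-mingw.h would keep the build working, and the comment should say that persistence is then unchanged on such systems. The body of xmlSecMSCryptoAppPkcs12LoadMemory continues outside the hunk, so whether `wcPwd` is wiped before it is freed cannot be checked from here.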
diff --git a/src/mscrypto/certkeys.c b/src/mscrypto/certkeys.c
index 12c2e404..1cf0e554 100644
--- a/src/mscrypto/certkeys.c
+++ b/src/mscrypto/certkeys.c
@@ -5,7 +5,7 @@
* distribution for preciese wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2003-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/mscrypto/ciphers.c b/src/mscrypto/ciphers.c
index ea2edcd5..2ac3da03 100644
--- a/src/mscrypto/ciphers.c
+++ b/src/mscrypto/ciphers.c
@@ -5,7 +5,7 @@
* distribution for preciese wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2003-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/mscrypto/crypto.c b/src/mscrypto/crypto.c
index 82ab101d..aea9685e 100644
--- a/src/mscrypto/crypto.c
+++ b/src/mscrypto/crypto.c
@@ -5,7 +5,7 @@
* distribution for preciese wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2003-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru).
*/
#include "globals.h"
diff --git a/src/mscrypto/globals.h b/src/mscrypto/globals.h
index 2b88d5dd..35cbf242 100644
--- a/src/mscrypto/globals.h
+++ b/src/mscrypto/globals.h
@@ -22,18 +22,5 @@
#define IN_XMLSEC_CRYPTO
#define XMLSEC_PRIVATE
-/* OpenSSL 0.9.6 and 0.9.7 do not have SHA 224/256/384/512 */
-#if defined(XMLSEC_OPENSSL_096) || defined(XMLSEC_OPENSSL_097)
-#define XMLSEC_NO_SHA224 1
-#define XMLSEC_NO_SHA256 1
-#define XMLSEC_NO_SHA384 1
-#define XMLSEC_NO_SHA512 1
-#endif /* defined(XMLSEC_OPENSSL_096) || defined(XMLSEC_OPENSSL_097) */
-
-/* OpenSSL 0.9.6 does not have AES */
-#if defined(XMLSEC_OPENSSL_096)
-#define XMLSEC_NO_AES 1
-#endif /* XMLSEC_OPENSSL_096 */
-
#endif /* ! __XMLSEC_GLOBALS_H__ */
diff --git a/src/mscrypto/hmac.c b/src/mscrypto/hmac.c
index e8709838..36370247 100644
--- a/src/mscrypto/hmac.c
+++ b/src/mscrypto/hmac.c
@@ -13,7 +13,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef XMLSEC_NO_HMAC
#include "globals.h"
diff --git a/src/mscrypto/keysstore.c b/src/mscrypto/keysstore.c
index 33f0cd27..8ead554c 100644
--- a/src/mscrypto/keysstore.c
+++ b/src/mscrypto/keysstore.c
@@ -13,7 +13,7 @@
* distribution for precise wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2003-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/mscrypto/kw_aes.c b/src/mscrypto/kw_aes.c
index 14e96d5a..71ac447d 100644
--- a/src/mscrypto/kw_aes.c
+++ b/src/mscrypto/kw_aes.c
@@ -5,7 +5,7 @@
* distribution for preciese wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2003-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/mscrypto/kw_des.c b/src/mscrypto/kw_des.c
index 6ef356d4..227e76d5 100644
--- a/src/mscrypto/kw_des.c
+++ b/src/mscrypto/kw_des.c
@@ -7,7 +7,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef XMLSEC_NO_DES
#include "globals.h"
diff --git a/src/mscrypto/private.h b/src/mscrypto/private.h
index 11479bff..37e7b9a4 100644
--- a/src/mscrypto/private.h
+++ b/src/mscrypto/private.h
@@ -7,13 +7,13 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2010 Aleksey Sanin, All rights reserved.
+ * Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_MSCRYPTO_PRIVATE_H__
#define __XMLSEC_MSCRYPTO_PRIVATE_H__
#ifndef XMLSEC_PRIVATE
-#error "private.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-<crypto> libraries"
+#error "private.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-$crypto libraries"
#endif /* XMLSEC_PRIVATE */
#if defined(__MINGW32__)
diff --git a/src/mscrypto/signatures.c b/src/mscrypto/signatures.c
index 2c51f09a..1806dd22 100644
--- a/src/mscrypto/signatures.c
+++ b/src/mscrypto/signatures.c
@@ -5,7 +5,7 @@
* distribution for preciese wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2003-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru).
*/
#include "globals.h"
diff --git a/src/mscrypto/x509.c b/src/mscrypto/x509.c
index 5ae025f6..0f687695 100644
--- a/src/mscrypto/x509.c
+++ b/src/mscrypto/x509.c
@@ -8,7 +8,7 @@
* distribution for preciese wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2003-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -1928,6 +1928,7 @@ xmlSecMSCryptoX509NameWrite(PCERT_NAME_BLOB nm) {
return(NULL);
}
+ xmlFree(resT);
return(res);
}
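Review bot: The added `xmlFree(resT)` covers only the success return of xmlSecMSCryptoX509NameWrite. The `return(NULL)` two lines above it ends an error branch whose body starts outside the hunk, so it should be confirmed that resT is released there too; otherwise the leak this commit fixes remains on the failure path. The x509vfy.c hunk for xmlSecMSCryptoX509GetCertName in this same commit adds `xmlFree(name2)` on both exits, which is the pattern to match. A single cleanup label (`done:` followed by `xmlFree(resT); return(res);`, with res left NULL on failure) would keep the release in one place, as the `goto done` in mscrypto/app.c already does.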
diff --git a/src/mscrypto/x509vfy.c b/src/mscrypto/x509vfy.c
index cf317877..899cb6e3 100644
--- a/src/mscrypto/x509vfy.c
+++ b/src/mscrypto/x509vfy.c
@@ -8,7 +8,7 @@
* distribution for preciese wording.
*
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2003-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -1183,10 +1183,12 @@ xmlSecMSCryptoX509GetCertName(const xmlChar * name) {
"xmlSecMSCryptoConvertUtf8ToTstr",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
+ xmlFree(name2);
return(NULL);
}
/* done */
+ xmlFree(name2);
return(res);
}
diff --git a/src/mscrypto/xmlsec-mingw.h b/src/mscrypto/xmlsec-mingw.h
index ef5d2ae4..da7d1d0b 100644
--- a/src/mscrypto/xmlsec-mingw.h
+++ b/src/mscrypto/xmlsec-mingw.h
@@ -11,7 +11,7 @@
#define __XMLSEC_MSCRYPTO_XMLSEC_MINGW_H__
#ifndef XMLSEC_PRIVATE
-#error "xmlsec-mingw.h file contains private xmlsec definitions for mingw build and should not be used outside xmlsec or xmlsec-<crypto> libraries"
+#error "xmlsec-mingw.h file contains private xmlsec definitions for mingw build and should not be used outside xmlsec or xmlsec-$crypto libraries"
#endif /* XMLSEC_PRIVATE */
diff --git a/src/nodeset.c b/src/nodeset.c
index 04ae8105..800f1507 100644
--- a/src/nodeset.c
+++ b/src/nodeset.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -57,7 +57,7 @@ xmlSecNodeSetCreate(xmlDocPtr doc, xmlNodeSetPtr nodes, xmlSecNodeSetType type)
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
"sizeof(xmlSecNodeSet)=%d",
- sizeof(xmlSecNodeSet));
+ (int)sizeof(xmlSecNodeSet));
return(NULL);
}
memset(nset, 0, sizeof(xmlSecNodeSet));
diff --git a/src/nss/Makefile.in b/src/nss/Makefile.in
index e799b8ee..5a1393d1 100644
--- a/src/nss/Makefile.in
+++ b/src/nss/Makefile.in
@@ -1,9 +1,8 @@
-# Makefile.in generated by automake 1.11.3 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
-# Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
+
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -16,6 +15,61 @@
@SET_MAKE@
VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
pkgdatadir = $(datadir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
@@ -36,14 +90,14 @@ build_triplet = @build@
host_triplet = @host@
@SHAREDLIB_HACK_TRUE@am__append_1 = ../strings.c
subdir = src/nss
-DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
- $(top_srcdir)/configure.in
+ $(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -83,7 +137,8 @@ am__libxmlsec1_nss_la_SOURCES_DIST = app.c bignum.c ciphers.c crypto.c \
x509vfy.c keysstore.c keytrans.c kw_des.c kw_aes.c globals.h \
../strings.c
am__objects_1 =
-@SHAREDLIB_HACK_TRUE@am__objects_2 = libxmlsec1_nss_la-strings.lo
+am__dirstamp = $(am__leading_dot)dirstamp
+@SHAREDLIB_HACK_TRUE@am__objects_2 = ../libxmlsec1_nss_la-strings.lo
am_libxmlsec1_nss_la_OBJECTS = libxmlsec1_nss_la-app.lo \
libxmlsec1_nss_la-bignum.lo libxmlsec1_nss_la-ciphers.lo \
libxmlsec1_nss_la-crypto.lo libxmlsec1_nss_la-digests.lo \
@@ -97,10 +152,23 @@ libxmlsec1_nss_la_OBJECTS = $(am_libxmlsec1_nss_la_OBJECTS)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
+am__v_lt_1 =
libxmlsec1_nss_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
$(AM_CFLAGS) $(CFLAGS) $(libxmlsec1_nss_la_LDFLAGS) $(LDFLAGS) \
-o $@
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -113,24 +181,43 @@ LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
$(AM_CFLAGS) $(CFLAGS)
AM_V_CC = $(am__v_CC_@AM_V@)
am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
-am__v_CC_0 = @echo " CC " $@;
-AM_V_at = $(am__v_at_@AM_V@)
-am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
-am__v_at_0 = @
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
CCLD = $(CC)
LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(AM_LDFLAGS) $(LDFLAGS) -o $@
AM_V_CCLD = $(am__v_CCLD_@AM_V@)
am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
-am__v_CCLD_0 = @echo " CCLD " $@;
-AM_V_GEN = $(am__v_GEN_@AM_V@)
-am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
-am__v_GEN_0 = @echo " GEN " $@;
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
SOURCES = $(libxmlsec1_nss_la_SOURCES)
DIST_SOURCES = $(am__libxmlsec1_nss_la_SOURCES_DIST)
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp README
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
@@ -167,6 +254,10 @@ GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
GNUTLS_LIBS = @GNUTLS_LIBS@
GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_MKTMPL = @GTKDOC_MKTMPL@
+GTKDOC_SCAN = @GTKDOC_SCAN@
HELP2MAN = @HELP2MAN@
INSTALL = @INSTALL@
INSTALL_DATA = @INSTALL_DATA@
@@ -186,6 +277,7 @@ LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
LIBXSLT_LIBS = @LIBXSLT_LIBS@
LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
@@ -224,6 +316,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
@@ -240,7 +333,6 @@ XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
-XMLSEC_CRYPTO = @XMLSEC_CRYPTO@
XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
@@ -248,6 +340,7 @@ XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
XMLSEC_DEFINES = @XMLSEC_DEFINES@
XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
@@ -267,6 +360,7 @@ XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
@@ -281,7 +375,6 @@ XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
XMLSEC_NO_X509 = @XMLSEC_NO_X509@
-XMLSEC_NO_XKMS = @XMLSEC_NO_XKMS@
XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
@@ -296,6 +389,7 @@ XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
@@ -402,7 +496,6 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/nss/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/nss/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -420,9 +513,9 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
install-libLTLIBRARIES: $(lib_LTLIBRARIES)
@$(NORMAL_INSTALL)
- test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)"
@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
list2=; for p in $$list; do \
if test -f $$p; then \
@@ -430,6 +523,8 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
else :; fi; \
done; \
test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \
echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
$(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
}
@@ -445,21 +540,35 @@ uninstall-libLTLIBRARIES:
clean-libLTLIBRARIES:
-test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
- @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
- dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
- test "$$dir" != "$$p" || dir=.; \
- echo "rm -f \"$${dir}/so_locations\""; \
- rm -f "$${dir}/so_locations"; \
- done
+ @list='$(lib_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+../$(am__dirstamp):
+ @$(MKDIR_P) ..
+ @: > ../$(am__dirstamp)
+../$(DEPDIR)/$(am__dirstamp):
+ @$(MKDIR_P) ../$(DEPDIR)
+ @: > ../$(DEPDIR)/$(am__dirstamp)
+../libxmlsec1_nss_la-strings.lo: ../$(am__dirstamp) \
+ ../$(DEPDIR)/$(am__dirstamp)
+
libxmlsec1-nss.la: $(libxmlsec1_nss_la_OBJECTS) $(libxmlsec1_nss_la_DEPENDENCIES) $(EXTRA_libxmlsec1_nss_la_DEPENDENCIES)
$(AM_V_CCLD)$(libxmlsec1_nss_la_LINK) -rpath $(libdir) $(libxmlsec1_nss_la_OBJECTS) $(libxmlsec1_nss_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
+ -rm -f ../*.$(OBJEXT)
+ -rm -f ../*.lo
distclean-compile:
-rm -f *.tab.c
+@AMDEP_TRUE@@am__include@ @am__quote@../$(DEPDIR)/libxmlsec1_nss_la-strings.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-app.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-bignum.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-ciphers.Plo@am__quote@
@@ -472,28 +581,30 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-kw_des.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-pkikeys.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-signatures.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-strings.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-symkeys.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-x509.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-x509vfy.Plo@am__quote@
.c.o:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $<
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
.c.obj:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
.c.lo:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
@@ -603,39 +714,29 @@ libxmlsec1_nss_la-kw_aes.lo: kw_aes.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
-libxmlsec1_nss_la-strings.lo: ../strings.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-strings.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-strings.Tpo -c -o libxmlsec1_nss_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-strings.Tpo $(DEPDIR)/libxmlsec1_nss_la-strings.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='../strings.c' object='libxmlsec1_nss_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
+../libxmlsec1_nss_la-strings.lo: ../strings.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ../libxmlsec1_nss_la-strings.lo -MD -MP -MF ../$(DEPDIR)/libxmlsec1_nss_la-strings.Tpo -c -o ../libxmlsec1_nss_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ../$(DEPDIR)/libxmlsec1_nss_la-strings.Tpo ../$(DEPDIR)/libxmlsec1_nss_la-strings.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='../strings.c' object='../libxmlsec1_nss_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ../libxmlsec1_nss_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
mostlyclean-libtool:
-rm -f *.lo
clean-libtool:
-rm -rf .libs _libs
+ -rm -rf ../.libs ../_libs
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
-ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
- mkid -fID $$unique
-tags: TAGS
-
-TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
- $(TAGS_FILES) $(LISP)
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
set x; \
here=`pwd`; \
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
+ $(am__define_uniq_tagged_files); \
shift; \
if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
@@ -647,15 +748,11 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$$unique; \
fi; \
fi
-ctags: CTAGS
-CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
- $(TAGS_FILES) $(LISP)
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
test -z "$(CTAGS_ARGS)$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$unique
@@ -664,6 +761,21 @@ GTAGS:
here=`$(am__cd) $(top_builddir) && pwd` \
&& $(am__cd) $(top_srcdir) \
&& gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
@@ -731,6 +843,8 @@ clean-generic:
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+ -rm -f ../$(DEPDIR)/$(am__dirstamp)
+ -rm -f ../$(am__dirstamp)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@@ -741,7 +855,7 @@ clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
mostlyclean-am
distclean: distclean-am
- -rm -rf ./$(DEPDIR)
+ -rm -rf ../$(DEPDIR) ./$(DEPDIR)
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-tags
@@ -787,7 +901,7 @@ install-ps-am:
installcheck-am:
maintainer-clean: maintainer-clean-am
- -rm -rf ./$(DEPDIR)
+ -rm -rf ../$(DEPDIR) ./$(DEPDIR)
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
@@ -808,19 +922,21 @@ uninstall-am: uninstall-libLTLIBRARIES
.MAKE: install-am install-strip
-.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libLTLIBRARIES clean-libtool ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am \
- install-libLTLIBRARIES install-man install-pdf install-pdf-am \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
+.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
+ clean-libLTLIBRARIES clean-libtool cscopelist-am ctags \
+ ctags-am distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-libLTLIBRARIES install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
maintainer-clean-generic mostlyclean mostlyclean-compile \
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-libLTLIBRARIES
+ tags tags-am uninstall uninstall-am uninstall-libLTLIBRARIES
+
+.PRECIOUS: Makefile
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/nss/app.c b/src/nss/app.c
index dabe36d1..0a9046fc 100644
--- a/src/nss/app.c
+++ b/src/nss/app.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (c) 2003 America Online, Inc. All rights reserved.
*/
#include "globals.h"
diff --git a/src/nss/ciphers.c b/src/nss/ciphers.c
index 54bd2af2..cf679368 100644
--- a/src/nss/ciphers.c
+++ b/src/nss/ciphers.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (c) 2003 America Online, Inc. All rights reserved.
*/
#include "globals.h"
diff --git a/src/nss/crypto.c b/src/nss/crypto.c
index 7137f1c4..ea79519f 100644
--- a/src/nss/crypto.c
+++ b/src/nss/crypto.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (c) 2003 America Online, Inc. All rights reserved.
*/
#include "globals.h"
diff --git a/src/nss/digests.c b/src/nss/digests.c
index 8063b443..2a81375c 100644
--- a/src/nss/digests.c
+++ b/src/nss/digests.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (c) 2003 America Online, Inc. All rights reserved.
*/
#include "globals.h"
diff --git a/src/nss/globals.h b/src/nss/globals.h
index 770b6dba..065c3e8f 100644
--- a/src/nss/globals.h
+++ b/src/nss/globals.h
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GLOBALS_H__
#define __XMLSEC_GLOBALS_H__
diff --git a/src/nss/hmac.c b/src/nss/hmac.c
index ae7e67ef..79fbf40d 100644
--- a/src/nss/hmac.c
+++ b/src/nss/hmac.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
* Copyright (c) 2003 America Online, Inc. All rights reserved.
*/
#ifndef XMLSEC_NO_HMAC
diff --git a/src/nss/keysstore.c b/src/nss/keysstore.c
index f07e44be..057fc454 100644
--- a/src/nss/keysstore.c
+++ b/src/nss/keysstore.c
@@ -271,7 +271,7 @@ xmlSecNssKeysStoreInitialize(xmlSecKeyStorePtr store) {
xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecNssKeysStoreId), -1);
ss = xmlSecNssKeysStoreGetSS(store);
- xmlSecAssert2((*ss == NULL), -1);
+ xmlSecAssert2(((ss == NULL) || (*ss == NULL)), -1);
*ss = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);
if(*ss == NULL) {
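Review bot: The rewritten assertion in xmlSecNssKeysStoreInitialize accepts `ss == NULL`, and the next line writes through that pointer with `*ss = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);`. A NULL result from xmlSecNssKeysStoreGetSS therefore passes the check and is then dereferenced. The condition should require a valid slot that is still empty: `xmlSecAssert2(((ss != NULL) && (*ss == NULL)), -1);`. The function body starts and ends outside this hunk.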
diff --git a/src/nss/kw_aes.c b/src/nss/kw_aes.c
index 0438e306..cea884eb 100644
--- a/src/nss/kw_aes.c
+++ b/src/nss/kw_aes.c
@@ -8,7 +8,7 @@
* distribution for preciese wording.
*
* Copyright (c) 2003 America Online, Inc. All rights reserved.
- * Copyright (C) 2010 Aleksey Sanin, All rights reserved.
+ * Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef XMLSEC_NO_AES
diff --git a/src/nss/kw_des.c b/src/nss/kw_des.c
index e75f69c9..4025d35e 100644
--- a/src/nss/kw_des.c
+++ b/src/nss/kw_des.c
@@ -8,7 +8,7 @@
* distribution for preciese wording.
*
* Copyright (c) 2003 America Online, Inc. All rights reserved.
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef XMLSEC_NO_DES
#include "globals.h"
diff --git a/src/nss/pkikeys.c b/src/nss/pkikeys.c
index ae9e29b4..5ede4ccb 100644
--- a/src/nss/pkikeys.c
+++ b/src/nss/pkikeys.c
@@ -752,6 +752,15 @@ xmlSecNssKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
}
handle = PK11_ImportPublicKey(slot, pubkey, PR_FALSE);
+ if(handle == CK_INVALID_HANDLE) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+ "PK11_ImportPublicKey",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ ret = -1;
+ goto done;
+ }
data = xmlSecKeyDataCreate(id);
if(data == NULL ) {
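Review bot: The new failure branch after PK11_ImportPublicKey reports `XMLSEC_ERRORS_NO_MESSAGE`, so the log will not say why the import was rejected. The default case of xmlSecNssX509StoreVerify on this page already logs `errcode %d` with `PORT_GetError()`, and the same could be done here by replacing the last argument with `"error code=%d", PORT_GetError());`. The `done` label is outside the hunk, so confirm there that `slot` and `pubkey` are released on this path.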
diff --git a/src/nss/symkeys.c b/src/nss/symkeys.c
index 3da7a694..b98dd493 100644
--- a/src/nss/symkeys.c
+++ b/src/nss/symkeys.c
@@ -7,7 +7,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/nss/x509vfy.c b/src/nss/x509vfy.c
index fdb866fe..9e957fea 100644
--- a/src/nss/x509vfy.c
+++ b/src/nss/x509vfy.c
@@ -233,7 +233,8 @@ xmlSecNssX509StoreVerify(xmlSecKeyDataStorePtr store, CERTCertList* certs,
NULL,
XMLSEC_ERRORS_R_CERT_ISSUER_FAILED,
"cert with subject name %s could not be verified because the issuer's cert is expired/invalid or not found",
- cert->subjectName);
+ (cert != NULL) ? cert->subjectName : "(NULL)"
+ );
break;
case SEC_ERROR_EXPIRED_CERTIFICATE:
xmlSecError(XMLSEC_ERRORS_HERE,
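Review bot: The guard `(cert != NULL) ? cert->subjectName : "(NULL)"` added here, and repeated in the next two hunks of xmlSecNssX509StoreVerify, still passes `cert->subjectName` unchecked to `%s`. Whether NSS can leave that field NULL is not visible on this page, but the helper these calls already use covers both cases: `xmlSecErrorsSafeString((cert != NULL) ? cert->subjectName : NULL)`. Computing that once into a local before the `switch` would avoid repeating the ternary in four branches. The switch itself begins outside the hunk.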
@@ -241,7 +242,8 @@ xmlSecNssX509StoreVerify(xmlSecKeyDataStorePtr store, CERTCertList* certs,
NULL,
XMLSEC_ERRORS_R_CERT_HAS_EXPIRED,
"cert with subject name %s has expired",
- cert->subjectName);
+ (cert != NULL) ? cert->subjectName : "(NULL)"
+ );
break;
case SEC_ERROR_REVOKED_CERTIFICATE:
xmlSecError(XMLSEC_ERRORS_HERE,
@@ -249,15 +251,16 @@ xmlSecNssX509StoreVerify(xmlSecKeyDataStorePtr store, CERTCertList* certs,
NULL,
XMLSEC_ERRORS_R_CERT_REVOKED,
"cert with subject name %s has been revoked",
- cert->subjectName);
+ (cert != NULL) ? cert->subjectName : "(NULL)"
+ );
break;
default:
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
NULL,
XMLSEC_ERRORS_R_CERT_VERIFY_FAILED,
- "cert with subject name %s could not be verified, errcode %d",
- cert->subjectName,
+ "cert with subject name %s could not be verified, errcode %d",
+ (cert != NULL) ? cert->subjectName : "(NULL)",
PORT_GetError());
break;
}
@@ -690,11 +693,10 @@ xmlSecNssX509NameRead(xmlSecByte *str, int len) {
}
memcpy(p, value, valueLen);
p+=valueLen;
- if (len > 0)
+ if (len > 0) {
*p++=',';
+ }
}
- } else {
- valueLen = 0;
}
if(len > 0) {
++str; --len;
diff --git a/src/openssl/Makefile.am b/src/openssl/Makefile.am
index 23c225a1..309a44b2 100644
--- a/src/openssl/Makefile.am
+++ b/src/openssl/Makefile.am
@@ -25,6 +25,7 @@ libxmlsec1_openssl_la_SOURCES =\
crypto.c \
digests.c \
evp.c \
+ evp_signatures.c \
hmac.c \
kw_aes.c \
kw_des.c \
diff --git a/src/openssl/Makefile.in b/src/openssl/Makefile.in
index fd16efd0..c6cd744b 100644
--- a/src/openssl/Makefile.in
+++ b/src/openssl/Makefile.in
@@ -1,9 +1,8 @@
-# Makefile.in generated by automake 1.11.3 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
-# Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
+
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -16,6 +15,61 @@
@SET_MAKE@
VPATH = @srcdir@
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
pkgdatadir = $(datadir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
@@ -36,14 +90,14 @@ build_triplet = @build@
host_triplet = @host@
@SHAREDLIB_HACK_TRUE@am__append_1 = ../strings.c
subdir = src/openssl
-DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
- $(top_srcdir)/configure.in
+ $(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -79,14 +133,18 @@ am__installdirs = "$(DESTDIR)$(libdir)"
LTLIBRARIES = $(lib_LTLIBRARIES)
am__DEPENDENCIES_1 =
am__libxmlsec1_openssl_la_SOURCES_DIST = app.c bn.c ciphers.c crypto.c \
- digests.c evp.c hmac.c kw_aes.c kw_des.c kt_rsa.c signatures.c \
- symkeys.c x509.c x509vfy.c globals.h ../strings.c
+ digests.c evp.c evp_signatures.c hmac.c kw_aes.c kw_des.c \
+ kt_rsa.c signatures.c symkeys.c x509.c x509vfy.c globals.h \
+ ../strings.c
am__objects_1 =
-@SHAREDLIB_HACK_TRUE@am__objects_2 = libxmlsec1_openssl_la-strings.lo
+am__dirstamp = $(am__leading_dot)dirstamp
+@SHAREDLIB_HACK_TRUE@am__objects_2 = \
+@SHAREDLIB_HACK_TRUE@ ../libxmlsec1_openssl_la-strings.lo
am_libxmlsec1_openssl_la_OBJECTS = libxmlsec1_openssl_la-app.lo \
libxmlsec1_openssl_la-bn.lo libxmlsec1_openssl_la-ciphers.lo \
libxmlsec1_openssl_la-crypto.lo \
libxmlsec1_openssl_la-digests.lo libxmlsec1_openssl_la-evp.lo \
+ libxmlsec1_openssl_la-evp_signatures.lo \
libxmlsec1_openssl_la-hmac.lo libxmlsec1_openssl_la-kw_aes.lo \
libxmlsec1_openssl_la-kw_des.lo \
libxmlsec1_openssl_la-kt_rsa.lo \
@@ -98,10 +156,23 @@ libxmlsec1_openssl_la_OBJECTS = $(am_libxmlsec1_openssl_la_OBJECTS)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
+am__v_lt_1 =
libxmlsec1_openssl_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
$(AM_CFLAGS) $(CFLAGS) $(libxmlsec1_openssl_la_LDFLAGS) \
$(LDFLAGS) -o $@
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -114,24 +185,43 @@ LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
$(AM_CFLAGS) $(CFLAGS)
AM_V_CC = $(am__v_CC_@AM_V@)
am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
-am__v_CC_0 = @echo " CC " $@;
-AM_V_at = $(am__v_at_@AM_V@)
-am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
-am__v_at_0 = @
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
CCLD = $(CC)
LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(AM_LDFLAGS) $(LDFLAGS) -o $@
AM_V_CCLD = $(am__v_CCLD_@AM_V@)
am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
-am__v_CCLD_0 = @echo " CCLD " $@;
-AM_V_GEN = $(am__v_GEN_@AM_V@)
-am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
-am__v_GEN_0 = @echo " GEN " $@;
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
SOURCES = $(libxmlsec1_openssl_la_SOURCES)
DIST_SOURCES = $(am__libxmlsec1_openssl_la_SOURCES_DIST)
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp README
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
@@ -168,6 +258,10 @@ GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
GNUTLS_LIBS = @GNUTLS_LIBS@
GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
GREP = @GREP@
+GTKDOC_MKDB = @GTKDOC_MKDB@
+GTKDOC_MKHTML = @GTKDOC_MKHTML@
+GTKDOC_MKTMPL = @GTKDOC_MKTMPL@
+GTKDOC_SCAN = @GTKDOC_SCAN@
HELP2MAN = @HELP2MAN@
INSTALL = @INSTALL@
INSTALL_DATA = @INSTALL_DATA@
@@ -187,6 +281,7 @@ LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
LIBXSLT_LIBS = @LIBXSLT_LIBS@
LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIBXSLT_PC_FILE_COND = @LIBXSLT_PC_FILE_COND@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
@@ -225,6 +320,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
@@ -241,7 +337,6 @@ XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
-XMLSEC_CRYPTO = @XMLSEC_CRYPTO@
XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
@@ -249,6 +344,7 @@ XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFAULT_CRYPTO = @XMLSEC_DEFAULT_CRYPTO@
XMLSEC_DEFINES = @XMLSEC_DEFINES@
XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
@@ -268,6 +364,7 @@ XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_GOST2012 = @XMLSEC_NO_GOST2012@
XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
@@ -282,7 +379,6 @@ XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
XMLSEC_NO_X509 = @XMLSEC_NO_X509@
-XMLSEC_NO_XKMS = @XMLSEC_NO_XKMS@
XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
@@ -297,6 +393,7 @@ XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+XSLTPROC = @XSLTPROC@
abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
@@ -369,8 +466,9 @@ libxmlsec1_openssl_la_CPPFLAGS = \
$(NULL)
libxmlsec1_openssl_la_SOURCES = app.c bn.c ciphers.c crypto.c \
- digests.c evp.c hmac.c kw_aes.c kw_des.c kt_rsa.c signatures.c \
- symkeys.c x509.c x509vfy.c globals.h $(NULL) $(am__append_1)
+ digests.c evp.c evp_signatures.c hmac.c kw_aes.c kw_des.c \
+ kt_rsa.c signatures.c symkeys.c x509.c x509vfy.c globals.h \
+ $(NULL) $(am__append_1)
libxmlsec1_openssl_la_LIBADD = \
$(OPENSSL_LIBS) \
$(LIBXSLT_LIBS) \
@@ -402,7 +500,6 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/openssl/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/openssl/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -420,9 +517,9 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+
install-libLTLIBRARIES: $(lib_LTLIBRARIES)
@$(NORMAL_INSTALL)
- test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)"
@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
list2=; for p in $$list; do \
if test -f $$p; then \
@@ -430,6 +527,8 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
else :; fi; \
done; \
test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \
echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
$(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
}
@@ -445,54 +544,71 @@ uninstall-libLTLIBRARIES:
clean-libLTLIBRARIES:
-test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
- @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
- dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
- test "$$dir" != "$$p" || dir=.; \
- echo "rm -f \"$${dir}/so_locations\""; \
- rm -f "$${dir}/so_locations"; \
- done
+ @list='$(lib_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+../$(am__dirstamp):
+ @$(MKDIR_P) ..
+ @: > ../$(am__dirstamp)
+../$(DEPDIR)/$(am__dirstamp):
+ @$(MKDIR_P) ../$(DEPDIR)
+ @: > ../$(DEPDIR)/$(am__dirstamp)
+../libxmlsec1_openssl_la-strings.lo: ../$(am__dirstamp) \
+ ../$(DEPDIR)/$(am__dirstamp)
+
libxmlsec1-openssl.la: $(libxmlsec1_openssl_la_OBJECTS) $(libxmlsec1_openssl_la_DEPENDENCIES) $(EXTRA_libxmlsec1_openssl_la_DEPENDENCIES)
$(AM_V_CCLD)$(libxmlsec1_openssl_la_LINK) -rpath $(libdir) $(libxmlsec1_openssl_la_OBJECTS) $(libxmlsec1_openssl_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
+ -rm -f ../*.$(OBJEXT)
+ -rm -f ../*.lo
distclean-compile:
-rm -f *.tab.c
+@AMDEP_TRUE@@am__include@ @am__quote@../$(DEPDIR)/libxmlsec1_openssl_la-strings.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-app.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-bn.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-ciphers.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-crypto.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-digests.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-evp.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-evp_signatures.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-hmac.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-kt_rsa.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-kw_aes.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-kw_des.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-signatures.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-strings.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-symkeys.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-x509.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-x509vfy.Plo@am__quote@
.c.o:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $<
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
.c.obj:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
.c.lo:
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
@@ -539,6 +655,13 @@ libxmlsec1_openssl_la-evp.lo: evp.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-evp.lo `test -f 'evp.c' || echo '$(srcdir)/'`evp.c
+libxmlsec1_openssl_la-evp_signatures.lo: evp_signatures.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-evp_signatures.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-evp_signatures.Tpo -c -o libxmlsec1_openssl_la-evp_signatures.lo `test -f 'evp_signatures.c' || echo '$(srcdir)/'`evp_signatures.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-evp_signatures.Tpo $(DEPDIR)/libxmlsec1_openssl_la-evp_signatures.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='evp_signatures.c' object='libxmlsec1_openssl_la-evp_signatures.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-evp_signatures.lo `test -f 'evp_signatures.c' || echo '$(srcdir)/'`evp_signatures.c
+
libxmlsec1_openssl_la-hmac.lo: hmac.c
@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-hmac.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-hmac.Tpo -c -o libxmlsec1_openssl_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-hmac.Tpo $(DEPDIR)/libxmlsec1_openssl_la-hmac.Plo
@@ -595,39 +718,29 @@ libxmlsec1_openssl_la-x509vfy.lo: x509vfy.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
-libxmlsec1_openssl_la-strings.lo: ../strings.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-strings.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-strings.Tpo -c -o libxmlsec1_openssl_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-strings.Tpo $(DEPDIR)/libxmlsec1_openssl_la-strings.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='../strings.c' object='libxmlsec1_openssl_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
+../libxmlsec1_openssl_la-strings.lo: ../strings.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ../libxmlsec1_openssl_la-strings.lo -MD -MP -MF ../$(DEPDIR)/libxmlsec1_openssl_la-strings.Tpo -c -o ../libxmlsec1_openssl_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ../$(DEPDIR)/libxmlsec1_openssl_la-strings.Tpo ../$(DEPDIR)/libxmlsec1_openssl_la-strings.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='../strings.c' object='../libxmlsec1_openssl_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ../libxmlsec1_openssl_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
mostlyclean-libtool:
-rm -f *.lo
clean-libtool:
-rm -rf .libs _libs
+ -rm -rf ../.libs ../_libs
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
-ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
- mkid -fID $$unique
-tags: TAGS
-
-TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
- $(TAGS_FILES) $(LISP)
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
set x; \
here=`pwd`; \
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
+ $(am__define_uniq_tagged_files); \
shift; \
if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
@@ -639,15 +752,11 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$$unique; \
fi; \
fi
-ctags: CTAGS
-CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
- $(TAGS_FILES) $(LISP)
- list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- unique=`for i in $$list; do \
- if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
- done | \
- $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
- END { if (nonempty) { for (i in files) print i; }; }'`; \
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
test -z "$(CTAGS_ARGS)$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$unique
@@ -656,6 +765,21 @@ GTAGS:
here=`$(am__cd) $(top_builddir) && pwd` \
&& $(am__cd) $(top_srcdir) \
&& gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
@@ -723,6 +847,8 @@ clean-generic:
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+ -rm -f ../$(DEPDIR)/$(am__dirstamp)
+ -rm -f ../$(am__dirstamp)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@@ -733,7 +859,7 @@ clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
mostlyclean-am
distclean: distclean-am
- -rm -rf ./$(DEPDIR)
+ -rm -rf ../$(DEPDIR) ./$(DEPDIR)
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-tags
@@ -779,7 +905,7 @@ install-ps-am:
installcheck-am:
maintainer-clean: maintainer-clean-am
- -rm -rf ./$(DEPDIR)
+ -rm -rf ../$(DEPDIR) ./$(DEPDIR)
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
@@ -800,19 +926,21 @@ uninstall-am: uninstall-libLTLIBRARIES
.MAKE: install-am install-strip
-.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
- clean-libLTLIBRARIES clean-libtool ctags distclean \
- distclean-compile distclean-generic distclean-libtool \
- distclean-tags distdir dvi dvi-am html html-am info info-am \
- install install-am install-data install-data-am install-dvi \
- install-dvi-am install-exec install-exec-am install-html \
- install-html-am install-info install-info-am \
- install-libLTLIBRARIES install-man install-pdf install-pdf-am \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
+.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
+ clean-libLTLIBRARIES clean-libtool cscopelist-am ctags \
+ ctags-am distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-libLTLIBRARIES install-man install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
maintainer-clean-generic mostlyclean mostlyclean-compile \
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-libLTLIBRARIES
+ tags tags-am uninstall uninstall-am uninstall-libLTLIBRARIES
+
+.PRECIOUS: Makefile
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/openssl/README b/src/openssl/README
index 0f1c625d..e33b0b0a 100644
--- a/src/openssl/README
+++ b/src/openssl/README
@@ -1,6 +1,6 @@
WHAT VERSION OF OPENSSL?
------------------------------------------------------------------------
-OpenSSL 0.9.6 is supported but some functionality requires 0.9.7 or greater.
+OpenSSL 0.9.8 or later is required
KEYS MANAGER
------------------------------------------------------------------------
@@ -9,9 +9,3 @@ OpenSSL does not have a keys or certificates storage implementation. The
default xmlsec-openssl key manager uses a simple keys store from xmlsec
core library based on plain keys list. Trusted/untrusted certificates
are stored in STACK_OF(X509) structures.
-
-KNOWN ISSUES.
-------------------------------------------------------------------------
-1) One day we might decide to drop OpenSSL 0.9.6 supprot and remove all
-these ifdef's to simplify the code.
-
diff --git a/src/openssl/app.c b/src/openssl/app.c
index 4f8f79e6..373e03a8 100644
--- a/src/openssl/app.c
+++ b/src/openssl/app.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -19,6 +19,7 @@
#include <openssl/pem.h>
#include <openssl/pkcs12.h>
#include <openssl/conf.h>
+#include <openssl/engine.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
@@ -96,6 +97,7 @@ xmlSecOpenSSLAppInit(const char* config) {
int
xmlSecOpenSSLAppShutdown(void) {
xmlSecOpenSSLAppSaveRANDFile(NULL);
+
RAND_cleanup();
EVP_cleanup();
@@ -103,14 +105,21 @@ xmlSecOpenSSLAppShutdown(void) {
X509_TRUST_cleanup();
#endif /* XMLSEC_NO_X509 */
-#ifndef XMLSEC_OPENSSL_096
+ ENGINE_cleanup();
+ CONF_modules_unload(1);
+
CRYPTO_cleanup_all_ex_data();
-#endif /* XMLSEC_OPENSSL_096 */
/* finally cleanup errors */
+#if defined(XMLSEC_OPENSSL_100) || defined(XMLSEC_OPENSSL_110)
+ ERR_remove_thread_state(NULL);
+#else
ERR_remove_state(0);
+#endif /* defined(XMLSEC_OPENSSL_100) || defined(XMLSEC_OPENSSL_110) */
+
ERR_free_strings();
+ /* done */
return(0);
}
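Review bot: `ENGINE_cleanup()` in xmlSecOpenSSLAppShutdown and the `#include <openssl/engine.h>` added earlier in this file's diff are both unconditional, so the file will presumably stop building against an OpenSSL configured without engine support. OpenSSL marks that configuration with `OPENSSL_NO_ENGINE`; wrapping the include and the call in `#ifndef OPENSSL_NO_ENGINE` / `#endif` keeps the shutdown path portable. The function begins in the previous hunk, so only part of its body is visible here.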
@@ -255,7 +264,7 @@ xmlSecOpenSSLAppKeyLoadBIO(BIO* bio, xmlSecKeyDataFormat format,
}
if(pKey == NULL) {
/* go to start of the file and try to read public key */
- BIO_reset(bio);
+ (void)BIO_reset(bio);
pKey = PEM_read_bio_PUBKEY(bio, NULL,
XMLSEC_PTR_TO_FUNC(pem_password_cb, pwdCallback),
pwdCallbackCtx);
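Review bot: The `(void)` cast on `BIO_reset(bio)` silences the unused-result warning but leaves the gap in place: if the rewind fails, `PEM_read_bio_PUBKEY` parses from wherever the private-key attempt stopped, and the caller only sees a generic key-read failure. The DER branch in the next hunk (`d2i_PUBKEY_bio`) has the same pattern. Consider testing the result and reporting it through `xmlSecError` with `"BIO_reset"` as the failing function; OpenSSL documents 0 as success for file BIOs and 1 for most others, so `if(BIO_reset(bio) < 0)` is the portable minimum check. xmlSecOpenSSLAppKeyLoadBIO starts and ends outside this hunk, so the right error return should be confirmed against the full function.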
@@ -274,7 +283,7 @@ xmlSecOpenSSLAppKeyLoadBIO(BIO* bio, xmlSecKeyDataFormat format,
pKey = d2i_PrivateKey_bio(bio, NULL);
if(pKey == NULL) {
/* go to start of the file and try to read public key */
- BIO_reset(bio);
+ (void)BIO_reset(bio);
pKey = d2i_PUBKEY_bio(bio, NULL);
if(pKey == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
diff --git a/src/openssl/bn.c b/src/openssl/bn.c
index dfeae6ea..db186d11 100644
--- a/src/openssl/bn.c
+++ b/src/openssl/bn.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/openssl/ciphers.c b/src/openssl/ciphers.c
index 1b600625..c93f06b9 100644
--- a/src/openssl/ciphers.c
+++ b/src/openssl/ciphers.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -21,10 +21,11 @@
#include <xmlsec/openssl/crypto.h>
#include <xmlsec/openssl/evp.h>
-/* this is not defined in OpenSSL 0.9.6 */
-#ifndef EVP_MAX_BLOCK_LENGTH
-#define EVP_MAX_BLOCK_LENGTH 32
-#endif /* EVP_MAX_BLOCK_LENGTH */
+/* new API from OpenSSL 1.1.0 */
+#if !defined(XMLSEC_OPENSSL_110)
+#define EVP_CIPHER_CTX_encrypting(x) ((x)->encrypt)
+#endif /* !defined(XMLSEC_OPENSSL_110) */
+
/**************************************************************************
*
@@ -36,25 +37,33 @@ typedef struct _xmlSecOpenSSLEvpBlockCipherCtx xmlSecOpenSSLEvpBlockCip
struct _xmlSecOpenSSLEvpBlockCipherCtx {
const EVP_CIPHER* cipher;
xmlSecKeyDataId keyId;
- EVP_CIPHER_CTX cipherCtx;
+ EVP_CIPHER_CTX* cipherCtx;
int keyInitialized;
int ctxInitialized;
xmlSecByte key[EVP_MAX_KEY_LENGTH];
xmlSecByte iv[EVP_MAX_IV_LENGTH];
- xmlSecByte pad[EVP_MAX_BLOCK_LENGTH];
+ xmlSecByte pad[2*EVP_MAX_BLOCK_LENGTH];
};
+
static int xmlSecOpenSSLEvpBlockCipherCtxInit (xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
xmlSecBufferPtr in,
xmlSecBufferPtr out,
int encrypt,
const xmlChar* cipherName,
xmlSecTransformCtxPtr transformCtx);
+static int xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
+ const xmlSecByte * in,
+ int inSize,
+ xmlSecBufferPtr out,
+ const xmlChar* cipherName,
+ int final);
static int xmlSecOpenSSLEvpBlockCipherCtxUpdate (xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
xmlSecBufferPtr in,
xmlSecBufferPtr out,
const xmlChar* cipherName,
xmlSecTransformCtxPtr transformCtx);
static int xmlSecOpenSSLEvpBlockCipherCtxFinal (xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
+ xmlSecBufferPtr in,
xmlSecBufferPtr out,
const xmlChar* cipherName,
xmlSecTransformCtxPtr transformCtx);
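Review bot: The `pad` field grows to `2*EVP_MAX_BLOCK_LENGTH` with no comment explaining the size. Judging by the Final() changes later in this diff, the buffer now holds the last buffered input block plus up to one full block of padding; a field comment such as `/* last input block + up to one block of XML Enc padding */` would stop the size from being reduced again by mistake. Because it now also carries a copy of trailing plaintext during encryption, it should be treated as sensitive alongside `key`.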
@@ -69,6 +78,7 @@ xmlSecOpenSSLEvpBlockCipherCtxInit(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->cipher != NULL, -1);
+ xmlSecAssert2(ctx->cipherCtx != NULL, -1);
xmlSecAssert2(ctx->keyInitialized != 0, -1);
xmlSecAssert2(ctx->ctxInitialized == 0, -1);
xmlSecAssert2(in != NULL, -1);
@@ -126,7 +136,7 @@ xmlSecOpenSSLEvpBlockCipherCtxInit(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
}
/* set iv */
- ret = EVP_CipherInit(&(ctx->cipherCtx), ctx->cipher, ctx->key, ctx->iv, encrypt);
+ ret = EVP_CipherInit(ctx->cipherCtx, ctx->cipher, ctx->key, ctx->iv, encrypt);
if(ret != 1) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
@@ -140,84 +150,59 @@ xmlSecOpenSSLEvpBlockCipherCtxInit(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
/*
* The padding used in XML Enc does not follow RFC 1423
- * and is not supported by OpenSSL. In the case of OpenSSL 0.9.7
- * it is possible to disable padding and do it by yourself
- * For OpenSSL 0.9.6 you have interop problems
+ * and is not supported by OpenSSL. However, it is possible
+ * to disable padding and do it by yourself
+ *
+ * https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.html#sec-Alg-Block
*/
-#ifndef XMLSEC_OPENSSL_096
- EVP_CIPHER_CTX_set_padding(&(ctx->cipherCtx), 0);
-#endif /* XMLSEC_OPENSSL_096 */
+ EVP_CIPHER_CTX_set_padding(ctx->cipherCtx, 0);
+
return(0);
}
static int
-xmlSecOpenSSLEvpBlockCipherCtxUpdate(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
- xmlSecBufferPtr in, xmlSecBufferPtr out,
- const xmlChar* cipherName,
- xmlSecTransformCtxPtr transformCtx) {
- int blockLen, fixLength = 0, outLen = 0;
- xmlSecSize inSize, outSize;
+xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
+ const xmlSecByte * in,
+ int inSize,
+ xmlSecBufferPtr out,
+ const xmlChar* cipherName,
+ int final) {
xmlSecByte* outBuf;
+ xmlSecSize outSize;
+ int blockLen, outLen = 0;
int ret;
xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->cipher != NULL, -1);
+ xmlSecAssert2(ctx->cipherCtx != NULL, -1);
xmlSecAssert2(ctx->keyInitialized != 0, -1);
xmlSecAssert2(ctx->ctxInitialized != 0, -1);
xmlSecAssert2(in != NULL, -1);
+ xmlSecAssert2(inSize > 0, -1);
xmlSecAssert2(out != NULL, -1);
- xmlSecAssert2(transformCtx != NULL, -1);
+ /* OpenSSL docs: If the pad parameter is zero then no padding is performed, the total amount of
+ * data encrypted or decrypted must then be a multiple of the block size or an error will occur.
+ */
blockLen = EVP_CIPHER_block_size(ctx->cipher);
xmlSecAssert2(blockLen > 0, -1);
+ xmlSecAssert2((inSize % blockLen) == 0, -1);
- inSize = xmlSecBufferGetSize(in);
+ /* prepare: ensure we have enough space (+blockLen for final) */
outSize = xmlSecBufferGetSize(out);
-
- if(inSize == 0) {
- /* wait for more data */
- return(0);
- }
-
- /* OpenSSL docs: The amount of data written depends on the block
- * alignment of the encrypted data: as a result the amount of data
- * written may be anything from zero bytes to (inl + cipher_block_size - 1).
- */
ret = xmlSecBufferSetMaxSize(out, outSize + inSize + blockLen);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
"xmlSecBufferSetMaxSize",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "size=%d", outSize + inSize + blockLen);
+ "size=%d", (int)(outSize + inSize + blockLen));
return(-1);
}
- outBuf = xmlSecBufferGetData(out) + outSize;
-
- /*
- * The padding used in XML Enc does not follow RFC 1423
- * and is not supported by OpenSSL. In the case of OpenSSL 0.9.7
- * it is possible to disable padding and do it by yourself
- * For OpenSSL 0.9.6 you have interop problems.
- *
- * The logic below is copied from EVP_DecryptUpdate() function.
- * This is a hack but it's the only way I can provide binary
- * compatibility with previous versions of xmlsec.
- * This needs to be fixed in the next XMLSEC API refresh.
- */
-#ifndef XMLSEC_OPENSSL_096
- if(!ctx->cipherCtx.encrypt) {
- if(ctx->cipherCtx.final_used) {
- memcpy(outBuf, ctx->cipherCtx.final, blockLen);
- outBuf += blockLen;
- fixLength = 1;
- } else {
- fixLength = 0;
- }
- }
-#endif /* XMLSEC_OPENSSL_096 */
+ outBuf = xmlSecBufferGetData(out) + outSize;
/* encrypt/decrypt */
- ret = EVP_CipherUpdate(&(ctx->cipherCtx), outBuf, &outLen, xmlSecBufferGetData(in), inSize);
+ ret = EVP_CipherUpdate(ctx->cipherCtx, outBuf, &outLen, in, inSize);
if(ret != 1) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
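Review bot: xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock takes `int inSize`, while the callers added later in this diff pass `xmlSecSize` values (`inBlocksLen`, `inSize + padLen`), so the narrowing is implicit and an oversized input is rejected only as a side effect of `xmlSecAssert2(inSize > 0, -1)`. A short header comment on the helper would make its contract explicit: `in` holds a positive whole number of cipher blocks, `final != 0` additionally runs `EVP_CipherFinal`, and output is appended to `out`. The caller in Update() could also check `inBlocksLen <= INT_MAX` before the call. The helper's body continues in the next hunk.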
@@ -226,27 +211,24 @@ xmlSecOpenSSLEvpBlockCipherCtxUpdate(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
+ xmlSecAssert2(outLen == inSize, -1);
-#ifndef XMLSEC_OPENSSL_096
- if(!ctx->cipherCtx.encrypt) {
- /*
- * The logic below is copied from EVP_DecryptUpdate() function.
- * This is a hack but it's the only way I can provide binary
- * compatibility with previous versions of xmlsec.
- * This needs to be fixed in the next XMLSEC API refresh.
- */
- if (blockLen > 1 && !ctx->cipherCtx.buf_len) {
- outLen -= blockLen;
- ctx->cipherCtx.final_used = 1;
- memcpy(ctx->cipherCtx.final, &outBuf[outLen], blockLen);
- } else {
- ctx->cipherCtx.final_used = 0;
- }
- if (fixLength) {
- outLen += blockLen;
+ /* finalize transform if needed */
+ if(final != 0) {
+ int outLen2 = 0;
+
+ ret = EVP_CipherFinal(ctx->cipherCtx, outBuf + outLen, &outLen2);
+ if(ret != 1) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(cipherName),
+ "EVP_CipherFinal",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
}
+
+ outLen += outLen2;
}
-#endif /* XMLSEC_OPENSSL_096 */
/* set correct output buffer size */
ret = xmlSecBufferSetSize(out, outSize + outLen);
@@ -255,166 +237,226 @@ xmlSecOpenSSLEvpBlockCipherCtxUpdate(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
xmlSecErrorsSafeString(cipherName),
"xmlSecBufferSetSize",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "size=%d", outSize + outLen);
+ "size=%d", (int)(outSize + outLen));
+ return(-1);
+ }
+
+ /* done */
+ return (0);
+}
+
+static int
+xmlSecOpenSSLEvpBlockCipherCtxUpdate(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
+ xmlSecBufferPtr in, xmlSecBufferPtr out,
+ const xmlChar* cipherName,
+ xmlSecTransformCtxPtr transformCtx) {
+ xmlSecSize inSize, blockLen, inBlocksLen;
+ xmlSecByte* inBuf;
+ int ret;
+
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->cipherCtx != NULL, -1);
+ xmlSecAssert2(ctx->keyInitialized != 0, -1);
+ xmlSecAssert2(ctx->ctxInitialized != 0, -1);
+ xmlSecAssert2(in != NULL, -1);
+ xmlSecAssert2(out != NULL, -1);
+ xmlSecAssert2(transformCtx != NULL, -1);
+
+ blockLen = EVP_CIPHER_block_size(ctx->cipher);
+ xmlSecAssert2(blockLen > 0, -1);
+
+ inSize = xmlSecBufferGetSize(in);
+ if(inSize <= blockLen) {
+ /* wait for more data: we want to make sure we keep the last chunk in tmp buffer for
+ * padding check/removal on decryption
+ */
+ return(0);
+ }
+
+ /* OpenSSL docs: If the pad parameter is zero then no padding is performed, the total amount of
+ * data encrypted or decrypted must then be a multiple of the block size or an error will occur.
+ *
+ * We process all complete blocks from the input
+ */
+ inBlocksLen = blockLen * (inSize / blockLen);
+ if(inBlocksLen == inSize) {
+ inBlocksLen -= blockLen; /* ensure we keep the last block around for Final() call to add/check/remove padding */
+ }
+ xmlSecAssert2(inBlocksLen > 0, -1);
+
+ inBuf = xmlSecBufferGetData(in);
+ ret = xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(ctx, inBuf, inBlocksLen, out, cipherName, 0); /* not final */
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(cipherName),
+ "xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ NULL);
return(-1);
}
/* remove the processed block from input */
- ret = xmlSecBufferRemoveHead(in, inSize);
+ ret = xmlSecBufferRemoveHead(in, inBlocksLen);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
"xmlSecBufferRemoveHead",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "size=%d", inSize);
+ "size=%d", (int)inSize);
return(-1);
}
+
+ /* just a double check */
+ inSize = xmlSecBufferGetSize(in);
+ xmlSecAssert2(inSize > 0, -1);
+ xmlSecAssert2(inSize <= blockLen, -1);
+
+ /* done */
return(0);
}
static int
xmlSecOpenSSLEvpBlockCipherCtxFinal(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
+ xmlSecBufferPtr in,
xmlSecBufferPtr out,
const xmlChar* cipherName,
xmlSecTransformCtxPtr transformCtx) {
- int blockLen, outLen = 0, outLen2 = 0;
- xmlSecSize outSize;
+ xmlSecSize inSize, outSize, blockLen;
+ xmlSecByte* inBuf;
xmlSecByte* outBuf;
int ret;
xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->cipher != NULL, -1);
+ xmlSecAssert2(ctx->cipherCtx != NULL, -1);
xmlSecAssert2(ctx->keyInitialized != 0, -1);
xmlSecAssert2(ctx->ctxInitialized != 0, -1);
+ xmlSecAssert2(in != NULL, -1);
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(transformCtx != NULL, -1);
blockLen = EVP_CIPHER_block_size(ctx->cipher);
xmlSecAssert2(blockLen > 0, -1);
+ xmlSecAssert2(blockLen <= EVP_MAX_BLOCK_LENGTH, -1);
- outSize = xmlSecBufferGetSize(out);
-
- /* OpenSSL docs: The encrypted final data is written to out which should
- * have sufficient space for one cipher block. We might have to write
- * one more block with padding
- */
- ret = xmlSecBufferSetMaxSize(out, outSize + 2 * blockLen);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(cipherName),
- "xmlSecBufferSetMaxSize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "size=%d", outSize + 2 * blockLen);
- return(-1);
- }
- outBuf = xmlSecBufferGetData(out) + outSize;
+ /* not more than one block left */
+ inSize = xmlSecBufferGetSize(in);
+ inBuf = xmlSecBufferGetData(in);
+ xmlSecAssert2(inSize <= blockLen, -1);
/*
* The padding used in XML Enc does not follow RFC 1423
- * and is not supported by OpenSSL. In the case of OpenSSL 0.9.7
- * it is possible to disable padding and do it by yourself
- * For OpenSSL 0.9.6 you have interop problems.
+ * and is not supported by OpenSSL. However, it is possible
+ * to disable padding and do it by yourself
*
- * The logic below is copied from EVP_DecryptFinal() function.
- * This is a hack but it's the only way I can provide binary
- * compatibility with previous versions of xmlsec.
- * This needs to be fixed in the next XMLSEC API refresh.
+ * https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.html#sec-Alg-Block
*/
-#ifndef XMLSEC_OPENSSL_096
- if(ctx->cipherCtx.encrypt) {
- int padLen;
-
- xmlSecAssert2(blockLen <= EVP_MAX_BLOCK_LENGTH, -1);
+ if(EVP_CIPHER_CTX_encrypting(ctx->cipherCtx)) {
+ xmlSecSize padLen;
- padLen = blockLen - ctx->cipherCtx.buf_len;
+ /* figure out pad length, if it is 0 (i.e. inSize == blockLen) then set it to blockLen */
+ padLen = blockLen - inSize;
+ if(padLen == 0) {
+ padLen = blockLen;
+ }
xmlSecAssert2(padLen > 0, -1);
+ xmlSecAssert2(inSize + padLen <= sizeof(ctx->pad), -1);
+
+ /* we can have inSize == 0 if there were no data at all, otherwise -- copy the data */
+ if(inSize > 0) {
+ memcpy(ctx->pad, inBuf, inSize);
+ }
/* generate random padding */
if(padLen > 1) {
- ret = RAND_bytes(ctx->pad, padLen - 1);
+ ret = RAND_bytes(ctx->pad + inSize, padLen - 1);
if(ret != 1) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
"RAND_bytes",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "size=%d", padLen - 1);
+ "size=%d", (int)(padLen - 1));
return(-1);
}
}
- ctx->pad[padLen - 1] = padLen;
- /* write padding */
- ret = EVP_CipherUpdate(&(ctx->cipherCtx), outBuf, &outLen, ctx->pad, padLen);
- if(ret != 1) {
+ /* set the last byte to the pad length */
+ ctx->pad[inSize + padLen - 1] = padLen;
+
+ /* update the last 1 or 2 blocks with padding */
+ ret = xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(ctx, ctx->pad, inSize + padLen, out, cipherName, 1); /* final */
+ if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
- "EVP_CipherUpdate",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ "xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ NULL);
return(-1);
}
- outBuf += outLen;
- }
-#endif /* XMLSEC_OPENSSL_096 */
+ } else {
+ xmlSecSize padLen;
- /* finalize transform */
- ret = EVP_CipherFinal(&(ctx->cipherCtx), outBuf, &outLen2);
- if(ret != 1) {
- xmlSecError(XMLSEC_ERRORS_HERE,
+ /* update the last one block with padding */
+ ret = xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(ctx, inBuf, inSize, out, cipherName, 1); /* final */
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(cipherName),
+ "xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ NULL);
+ return(-1);
+ }
+
+ /* we expect at least one block in the output -- the one we just decrypted */
+ outBuf = xmlSecBufferGetData(out);
+ outSize = xmlSecBufferGetSize(out);
+ if(outSize < blockLen) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
- "EVP_CipherFinal",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_DATA,
+ "outSize=%d;blockLen=%d",
+ (int)outSize, (int)blockLen);
+ return(-1);
+ }
- /*
- * The padding used in XML Enc does not follow RFC 1423
- * and is not supported by OpenSSL. In the case of OpenSSL 0.9.7
- * it is possible to disable padding and do it by yourself
- * For OpenSSL 0.9.6 you have interop problems.
- *
- * The logic below is copied from EVP_DecryptFinal() function.
- * This is a hack but it's the only way I can provide binary
- * compatibility with previous versions of xmlsec.
- * This needs to be fixed in the next XMLSEC API refresh.
- */
-#ifndef XMLSEC_OPENSSL_096
- if(!ctx->cipherCtx.encrypt) {
- /* we instructed openssl to do not use padding so there
- * should be no final block
- */
- xmlSecAssert2(outLen2 == 0, -1);
- xmlSecAssert2(ctx->cipherCtx.buf_len == 0, -1);
- xmlSecAssert2(ctx->cipherCtx.final_used, -1);
-
- if(blockLen > 1) {
- outLen2 = blockLen - ctx->cipherCtx.final[blockLen - 1];
- if(outLen2 > 0) {
- memcpy(outBuf, ctx->cipherCtx.final, outLen2);
- } else if(outLen2 < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(cipherName),
- NULL,
- XMLSEC_ERRORS_R_INVALID_DATA,
- "padding=%d;buffer=%d",
- ctx->cipherCtx.final[blockLen - 1], blockLen);
- return(-1);
- }
+ /* get the pad length from the last byte */
+ padLen = (xmlSecSize)(outBuf[outSize - 1]);
+ if(padLen > blockLen) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(cipherName),
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_DATA,
+ "padLen=%d;blockLen=%d",
+ (int)padLen, (int)blockLen);
+ return(-1);
+ }
+ xmlSecAssert2(padLen <= outSize, -1);
+
+ /* remove the padding */
+ ret = xmlSecBufferRemoveTail(out, padLen);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(cipherName),
+ "xmlSecBufferRemoveTail",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "size=%d", (int)padLen);
+ return(-1);
}
}
-#endif /* XMLSEC_OPENSSL_096 */
- /* set correct output buffer size */
- ret = xmlSecBufferSetSize(out, outSize + outLen + outLen2);
+ /* remove the processed block from input */
+ ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(cipherName),
- "xmlSecBufferSetSize",
+ "xmlSecBufferRemoveHead",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "size=%d", outSize + outLen + outLen2);
+ "size=%d", (int)inSize);
return(-1);
}
+ /* done */
return(0);
}
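Review bot: The decrypt branch of xmlSecOpenSSLEvpBlockCipherCtxFinal rejects `padLen > blockLen` but accepts `padLen == 0`, which XML Encryption block padding never produces (the last byte counts itself, so the valid range is 1..blockLen). With a zero value the whole decrypted block is returned as plaintext instead of being flagged as malformed; tightening the check to `if((padLen == 0) || (padLen > blockLen)) {` closes that. Separately, a ciphertext whose length is not a multiple of the block size is rejected only through `xmlSecAssert2` in the helper rather than an explicit `XMLSEC_ERRORS_R_INVALID_DATA` error, which deserves an explicit check because this input comes from the document being decrypted. If the cipher runs in an unauthenticated mode such as CBC, callers should not expose the difference between a padding failure and other decryption failures to whoever supplied the ciphertext.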
@@ -505,7 +547,18 @@ xmlSecOpenSSLEvpBlockCipherInitialize(xmlSecTransformPtr transform) {
return(-1);
}
- EVP_CIPHER_CTX_init(&(ctx->cipherCtx));
+ /* create cipher ctx */
+ ctx->cipherCtx = EVP_CIPHER_CTX_new();
+ if(ctx->cipherCtx == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "EVP_CIPHER_CTX_new",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ /* done */
return(0);
}
@@ -519,7 +572,10 @@ xmlSecOpenSSLEvpBlockCipherFinalize(xmlSecTransformPtr transform) {
ctx = xmlSecOpenSSLEvpBlockCipherGetCtx(transform);
xmlSecAssert(ctx != NULL);
- EVP_CIPHER_CTX_cleanup(&(ctx->cipherCtx));
+ if(ctx->cipherCtx != NULL) {
+ EVP_CIPHER_CTX_free(ctx->cipherCtx);
+ }
+
memset(ctx, 0, sizeof(xmlSecOpenSSLEvpBlockCipherCtx));
}
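Review bot: xmlSecOpenSSLEvpBlockCipherFinalize still wipes the context with plain `memset`, and after this commit that context holds `key`, `iv` and also a copy of the trailing plaintext in `pad`. A compiler may drop a `memset` on memory that is not read again; whether that happens here depends on how the transform memory is released, which is outside this hunk. Calling `OPENSSL_cleanse(ctx, sizeof(xmlSecOpenSSLEvpBlockCipherCtx));` before the existing `memset` gives a wipe that is not elided while keeping the zeroed state other code may rely on. The function's opening lines are outside the hunk.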
@@ -584,7 +640,7 @@ xmlSecOpenSSLEvpBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key
NULL,
XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
"keySize=%d;expected=%d",
- xmlSecBufferGetSize(buffer), cipherKeyLen);
+ (int)xmlSecBufferGetSize(buffer), (int)cipherKeyLen);
return(-1);
}
@@ -654,9 +710,7 @@ xmlSecOpenSSLEvpBlockCipherExecute(xmlSecTransformPtr transform, int last, xmlSe
}
if(last != 0) {
- /* by now there should be no input */
- xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
- ret = xmlSecOpenSSLEvpBlockCipherCtxFinal(ctx, out,
+ ret = xmlSecOpenSSLEvpBlockCipherCtxFinal(ctx, in, out,
xmlSecTransformGetName(transform),
transformCtx);
if(ret < 0) {
@@ -668,6 +722,9 @@ xmlSecOpenSSLEvpBlockCipherExecute(xmlSecTransformPtr transform, int last, xmlSe
return(-1);
}
transform->status = xmlSecTransformStatusFinished;
+
+ /* by now there should be no input */
+ xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
}
} else if(transform->status == xmlSecTransformStatusFinished) {
/* the only way we can get here is if there is no input */
@@ -680,7 +737,7 @@ xmlSecOpenSSLEvpBlockCipherExecute(xmlSecTransformPtr transform, int last, xmlSe
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
NULL,
XMLSEC_ERRORS_R_INVALID_STATUS,
- "status=%d", transform->status);
+ "status=%d", (int)(transform->status));
return(-1);
}
diff --git a/src/openssl/crypto.c b/src/openssl/crypto.c
index eba1a323..b70eb731 100644
--- a/src/openssl/crypto.c
+++ b/src/openssl/crypto.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -80,7 +80,12 @@ xmlSecCryptoGetFunctions_openssl(void) {
#ifndef XMLSEC_NO_GOST
gXmlSecOpenSSLFunctions->keyDataGost2001GetKlass = xmlSecOpenSSLKeyDataGost2001GetKlass;
-#endif /* XMLSEC_NO_GOST*/
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+ gXmlSecOpenSSLFunctions->keyDataGostR3410_2012_256GetKlass = xmlSecOpenSSLKeyDataGostR3410_2012_256GetKlass;
+ gXmlSecOpenSSLFunctions->keyDataGostR3410_2012_512GetKlass = xmlSecOpenSSLKeyDataGostR3410_2012_512GetKlass;
+#endif /* XMLSEC_NO_GOST2012 */
#ifndef XMLSEC_NO_HMAC
gXmlSecOpenSSLFunctions->keyDataHmacGetKlass = xmlSecOpenSSLKeyDataHmacGetKlass;
@@ -166,13 +171,17 @@ xmlSecCryptoGetFunctions_openssl(void) {
/******************************* GOST ********************************/
#ifndef XMLSEC_NO_GOST
- gXmlSecOpenSSLFunctions->transformGost2001GostR3411_94GetKlass = xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass;
-#endif /* XMLSEC_NO_GOST */
-
-#ifndef XMLSEC_NO_GOST
+ gXmlSecOpenSSLFunctions->transformGost2001GostR3411_94GetKlass = xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass;
gXmlSecOpenSSLFunctions->transformGostR3411_94GetKlass = xmlSecOpenSSLTransformGostR3411_94GetKlass;
#endif /* XMLSEC_NO_GOST */
+#ifndef XMLSEC_NO_GOST2012
+ gXmlSecOpenSSLFunctions->transformGostR3410_2012GostR3411_2012_256GetKlass = xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256GetKlass;
+ gXmlSecOpenSSLFunctions->transformGostR3410_2012GostR3411_2012_512GetKlass = xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512GetKlass;
+ gXmlSecOpenSSLFunctions->transformGostR3411_2012_256GetKlass = xmlSecOpenSSLTransformGostR3411_2012_256GetKlass;
+ gXmlSecOpenSSLFunctions->transformGostR3411_2012_512GetKlass = xmlSecOpenSSLTransformGostR3411_2012_512GetKlass;
+#endif /* XMLSEC_NO_GOST2012 */
+
/******************************* HMAC ********************************/
#ifndef XMLSEC_NO_HMAC
diff --git a/src/openssl/digests.c b/src/openssl/digests.c
index 0e0978f7..5ec5299a 100644
--- a/src/openssl/digests.c
+++ b/src/openssl/digests.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -20,6 +20,16 @@
#include <xmlsec/openssl/crypto.h>
#include <xmlsec/openssl/evp.h>
+/* new API from OpenSSL 1.1.0 (https://www.openssl.org/docs/manmaster/crypto/EVP_DigestInit.html):
+ *
+ * EVP_MD_CTX_create() and EVP_MD_CTX_destroy() were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.
+ */
+#if !defined(XMLSEC_OPENSSL_110)
+#define EVP_MD_CTX_new() EVP_MD_CTX_create()
+#define EVP_MD_CTX_free(x) EVP_MD_CTX_destroy((x))
+#endif /* !defined(XMLSEC_OPENSSL_110) */
+
+
/**************************************************************************
*
* Internal OpenSSL Digest CTX
@@ -28,7 +38,7 @@
typedef struct _xmlSecOpenSSLDigestCtx xmlSecOpenSSLDigestCtx, *xmlSecOpenSSLDigestCtxPtr;
struct _xmlSecOpenSSLDigestCtx {
const EVP_MD* digest;
- EVP_MD_CTX digestCtx;
+ EVP_MD_CTX* digestCtx;
xmlSecByte dgst[EVP_MAX_MD_SIZE];
xmlSecSize dgstSize; /* dgst size in bytes */
};
@@ -108,6 +118,15 @@ xmlSecOpenSSLEvpDigestCheckId(xmlSecTransformPtr transform) {
} else
#endif /* XMLSEC_NO_GOST*/
+#ifndef XMLSEC_NO_GOST2012
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_2012_256Id)) {
+ return(1);
+ } else
+
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_2012_512Id)) {
+ return(1);
+ } else
+#endif /* XMLSEC_NO_GOST2012 */
{
return(0);
@@ -174,6 +193,20 @@ xmlSecOpenSSLEvpDigestInitialize(xmlSecTransformPtr transform) {
#ifndef XMLSEC_NO_GOST
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_94Id)) {
ctx->digest = EVP_get_digestbyname("md_gost94");
+ if (!ctx->digest) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ } else
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_2012_256Id)) {
+ ctx->digest = EVP_get_digestbyname("md_gost12_256");
if (!ctx->digest)
{
xmlSecError(XMLSEC_ERRORS_HERE,
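Review bot: When `EVP_get_digestbyname("md_gost12_256")` returns NULL, the failure is logged as `XMLSEC_ERRORS_R_INVALID_TRANSFORM` with `XMLSEC_ERRORS_NO_MESSAGE`, which reads like a bad transform id rather than a digest the crypto library could not supply. The `md_gost94` branch in this hunk and the `md_gost12_512` branch in the next hunk do the same. Failing closed with `return(-1)` is right, but the report should name the failed call: pass `"EVP_get_digestbyname"` as the error subject instead of `NULL`, with a message such as `"name=md_gost12_256"`. These names presumably resolve only when a GOST engine is loaded, so this is the error an operator would see on a misconfigured host. The xmlSecError call of the 256-bit branch continues past the end of this hunk.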
@@ -184,7 +217,20 @@ xmlSecOpenSSLEvpDigestInitialize(xmlSecTransformPtr transform) {
return(-1);
}
} else
-#endif /* XMLSEC_NO_GOST*/
+
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_2012_512Id)) {
+ ctx->digest = EVP_get_digestbyname("md_gost12_512");
+ if (!ctx->digest)
+ {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ } else
+#endif /* XMLSEC_NO_GOST2012 */
{
xmlSecError(XMLSEC_ERRORS_HERE,
@@ -195,10 +241,18 @@ xmlSecOpenSSLEvpDigestInitialize(xmlSecTransformPtr transform) {
return(-1);
}
-#ifndef XMLSEC_OPENSSL_096
- EVP_MD_CTX_init(&(ctx->digestCtx));
-#endif /* XMLSEC_OPENSSL_096 */
+ /* create digest CTX */
+ ctx->digestCtx = EVP_MD_CTX_new();
+ if(ctx->digestCtx == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "EVP_MD_CTX_new",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ /* done */
return(0);
}
@@ -212,9 +266,10 @@ xmlSecOpenSSLEvpDigestFinalize(xmlSecTransformPtr transform) {
ctx = xmlSecOpenSSLEvpDigestGetCtx(transform);
xmlSecAssert(ctx != NULL);
-#ifndef XMLSEC_OPENSSL_096
- EVP_MD_CTX_cleanup(&(ctx->digestCtx));
-#endif /* XMLSEC_OPENSSL_096 */
+ if(ctx->digestCtx != NULL) {
+ EVP_MD_CTX_free(ctx->digestCtx);
+ }
+
memset(ctx, 0, sizeof(xmlSecOpenSSLDigestCtx));
}
@@ -280,10 +335,10 @@ xmlSecOpenSSLEvpDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTran
ctx = xmlSecOpenSSLEvpDigestGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->digest != NULL, -1);
+ xmlSecAssert2(ctx->digestCtx != NULL, -1);
if(transform->status == xmlSecTransformStatusNone) {
-#ifndef XMLSEC_OPENSSL_096
- ret = EVP_DigestInit(&(ctx->digestCtx), ctx->digest);
+ ret = EVP_DigestInit(ctx->digestCtx, ctx->digest);
if(ret != 1) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
@@ -292,9 +347,6 @@ xmlSecOpenSSLEvpDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTran
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
-#else /* XMLSEC_OPENSSL_096 */
- EVP_DigestInit(&(ctx->digestCtx), ctx->digest);
-#endif /* XMLSEC_OPENSSL_096 */
transform->status = xmlSecTransformStatusWorking;
}
@@ -303,8 +355,7 @@ xmlSecOpenSSLEvpDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTran
inSize = xmlSecBufferGetSize(in);
if(inSize > 0) {
-#ifndef XMLSEC_OPENSSL_096
- ret = EVP_DigestUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
+ ret = EVP_DigestUpdate(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
if(ret != 1) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
@@ -313,9 +364,6 @@ xmlSecOpenSSLEvpDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTran
"size=%d", inSize);
return(-1);
}
-#else /* XMLSEC_OPENSSL_096 */
- EVP_DigestUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
-#endif /* XMLSEC_OPENSSL_096 */
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
@@ -332,8 +380,7 @@ xmlSecOpenSSLEvpDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTran
xmlSecAssert2((xmlSecSize)EVP_MD_size(ctx->digest) <= sizeof(ctx->dgst), -1);
-#ifndef XMLSEC_OPENSSL_096
- ret = EVP_DigestFinal(&(ctx->digestCtx), ctx->dgst, &dgstSize);
+ ret = EVP_DigestFinal(ctx->digestCtx, ctx->dgst, &dgstSize);
if(ret != 1) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
@@ -342,9 +389,6 @@ xmlSecOpenSSLEvpDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTran
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
-#else /* XMLSEC_OPENSSL_096 */
- EVP_DigestFinal(&(ctx->digestCtx), ctx->dgst, &dgstSize);
-#endif /* XMLSEC_OPENSSL_096 */
xmlSecAssert2(dgstSize > 0, -1);
ctx->dgstSize = XMLSEC_SIZE_BAD_CAST(dgstSize);
@@ -745,3 +789,91 @@ xmlSecOpenSSLTransformGostR3411_94GetKlass(void) {
}
#endif /* XMLSEC_NO_GOST*/
+#ifndef XMLSEC_NO_GOST2012
+
+/******************************************************************************
+ *
+ * GOST R 34.11-2012 256 bit
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecOpenSSLGostR3411_2012_256Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* size_t klassSize */
+ xmlSecOpenSSLEvpDigestSize, /* size_t objSize */
+
+ xmlSecNameGostR3411_2012_256, /* const xmlChar* name; */
+ xmlSecHrefGostR3411_2012_256, /* const xmlChar* href; */
+ xmlSecTransformUsageDigestMethod, /* xmlSecTransformUsage usage; */
+ xmlSecOpenSSLEvpDigestInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLEvpDigestFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ NULL, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ NULL, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLEvpDigestVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecOpenSSLEvpDigestExecute, /* xmlSecTransformExecuteMethod execute; */
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformGostR3411_2012_256GetKlass:
+ *
+ * GOST R 34.11-2012 256 bit digest transform klass.
+ *
+ * Returns: pointer to GOST R 34.11-2012 256 bit digest transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformGostR3411_2012_256GetKlass(void) {
+ return(&xmlSecOpenSSLGostR3411_2012_256Klass);
+}
+
+/******************************************************************************
+ *
+ * GOST R 34.11-2012 512 bit
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecOpenSSLGostR3411_2012_512Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* size_t klassSize */
+ xmlSecOpenSSLEvpDigestSize, /* size_t objSize */
+
+ xmlSecNameGostR3411_2012_512, /* const xmlChar* name; */
+ xmlSecHrefGostR3411_2012_512, /* const xmlChar* href; */
+ xmlSecTransformUsageDigestMethod, /* xmlSecTransformUsage usage; */
+ xmlSecOpenSSLEvpDigestInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLEvpDigestFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ NULL, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ NULL, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLEvpDigestVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecOpenSSLEvpDigestExecute, /* xmlSecTransformExecuteMethod execute; */
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformGostR3411_2012_512GetKlass:
+ *
+ * GOST R 34.11-2012 512 bit digest transform klass.
+ *
+ * Returns: pointer to GOST R 34.11-2012 512 bit digest transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformGostR3411_2012_512GetKlass(void) {
+ return(&xmlSecOpenSSLGostR3411_2012_512Klass);
+}
+
+#endif /* XMLSEC_NO_GOST2012 */
+
diff --git a/src/openssl/evp.c b/src/openssl/evp.c
index 9cb52dc2..328602bc 100644
--- a/src/openssl/evp.c
+++ b/src/openssl/evp.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -250,6 +250,7 @@ xmlSecOpenSSLEvpKeyAdopt(EVP_PKEY *pKey) {
}
break;
#endif /* XMLSEC_NO_ECDSA */
+
#ifndef XMLSEC_NO_GOST
case NID_id_GostR3410_2001:
data = xmlSecKeyDataCreate(xmlSecOpenSSLKeyDataGost2001Id);
@@ -263,6 +264,33 @@ xmlSecOpenSSLEvpKeyAdopt(EVP_PKEY *pKey) {
}
break;
#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+ case NID_id_GostR3410_2012_256:
+ data = xmlSecKeyDataCreate(xmlSecOpenSSLKeyDataGostR3410_2012_256Id);
+ if(data == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeyDataCreate",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "xmlSecOpenSSLKeyDataGostR3410_2012_256Id");
+ return(NULL);
+ }
+ break;
+
+ case NID_id_GostR3410_2012_512:
+ data = xmlSecKeyDataCreate(xmlSecOpenSSLKeyDataGostR3410_2012_512Id);
+ if(data == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeyDataCreate",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "xmlSecOpenSSLKeyDataGostR3410_2012_512Id");
+ return(NULL);
+ }
+ break;
+#endif /* XMLSEC_NO_GOST2012 */
+
default:
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
@@ -914,16 +942,27 @@ xmlSecOpenSSLKeyDataDsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlS
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), -1);
xmlSecAssert2(sizeBits > 0, -1);
- dsa = DSA_generate_parameters(sizeBits, NULL, 0, &counter_ret, &h_ret, NULL, NULL);
+ dsa = DSA_new();
if(dsa == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "DSA_generate_parameters",
+ "DSA_new",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
"size=%d", sizeBits);
return(-1);
}
+ ret = DSA_generate_parameters_ex(dsa, sizeBits, NULL, 0, &counter_ret, &h_ret, NULL);
+ if(ret != 1) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+ "DSA_generate_parameters_ex",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "size=%d", sizeBits);
+ DSA_free(dsa);
+ return(-1);
+ }
+
ret = DSA_generate_key(dsa);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
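Review bot: The new `DSA_generate_parameters_ex` call is checked with `ret != 1`, but the `DSA_generate_key(dsa)` call right after it is still checked with `ret < 0`. DSA_generate_key() returns 1 on success and 0 on failure, so a failed key generation passes this test and the function would carry on with a DSA object that has parameters but no key pair. The check should match the one added above it: `if(ret != 1) {`. The rest of the function, including whether `dsa` is freed on that error path, is outside this hunk.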
@@ -1060,8 +1099,8 @@ static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataEcdsaKlass = {
NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */
/* read/write */
- NULL, /* xmlSecKeyDataXmlReadMethod xmlRead; */
- NULL, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+ NULL, /* xmlSecKeyDataXmlReadMethod xmlRead; */
+ NULL, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
NULL, /* xmlSecKeyDataBinReadMethod binRead; */
NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */
@@ -1225,7 +1264,8 @@ static xmlSecSize
xmlSecOpenSSLKeyDataEcdsaGetSize(xmlSecKeyDataPtr data) {
const EC_GROUP *group;
const EC_KEY *ecdsa;
- BIGNUM order;
+ BIGNUM * order;
+ xmlSecSize res;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataEcdsaId), 0);
@@ -1244,16 +1284,30 @@ xmlSecOpenSSLKeyDataEcdsaGetSize(xmlSecKeyDataPtr data) {
return(0);
}
- if(EC_GROUP_get_order(group, &order, NULL) != 1) {
+ order = BN_new();
+ if(order == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "BN_new",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(0);
+ }
+
+ if(EC_GROUP_get_order(group, order, NULL) != 1) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"EC_GROUP_get_order",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
+ BN_free(order);
return(0);
}
- return(BN_num_bytes(&order));
+ res = BN_num_bytes(order);
+ BN_free(order);
+
+ return(res);
}
static void
@@ -1758,19 +1812,55 @@ xmlSecOpenSSLKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
static int
xmlSecOpenSSLKeyDataRsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
+ BIGNUM* e;
RSA* rsa;
int ret;
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), -1);
xmlSecAssert2(sizeBits > 0, -1);
- rsa = RSA_generate_key(sizeBits, 3, NULL, NULL);
+ /* create exponent */
+ e = BN_new();
+ if(e == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+ "BN_new",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "sizeBits=%d", sizeBits);
+ return(-1);
+ }
+
+ ret = BN_set_word(e, RSA_F4);
+ if(ret != 1){
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+ "BN_new",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "sizeBits=%d", sizeBits);
+ BN_free(e);
+ return(-1);
+ }
+
+ rsa = RSA_new();
if(rsa == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+ "RSA_new",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "sizeBits=%d", sizeBits);
+ BN_free(e);
+ return(-1);
+ }
+
+ ret = RSA_generate_key_ex(rsa, sizeBits, e, NULL);
+ if(ret != 1) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
"RSA_generate_key",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
"sizeBits=%d", sizeBits);
+ RSA_free(rsa);
+ BN_free(e);
return(-1);
}
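Review bot: Two of the new error reports name the wrong OpenSSL call: the `BN_set_word(e, RSA_F4)` failure is logged with `"BN_new"`, and the `RSA_generate_key_ex` failure with `"RSA_generate_key"`. The first makes a failure to set the exponent indistinguishable from an allocation failure in the log. The subjects should be `"BN_set_word",` and `"RSA_generate_key_ex",`. A short comment next to `RSA_F4`, for example `/* public exponent 65537 */`, would also make the chosen exponent explicit for readers.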
@@ -1782,9 +1872,14 @@ xmlSecOpenSSLKeyDataRsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlS
XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
RSA_free(rsa);
+ BN_free(e);
return(-1);
}
+ /* cleanup (don't release rsa since xmlSecKeyDataPtr data owns it now */
+ BN_free(e);
+
+ /* done */
return(0);
}
@@ -1798,7 +1893,7 @@ xmlSecOpenSSLKeyDataRsaGetType(xmlSecKeyDataPtr data) {
if((rsa != NULL) && (rsa->n != NULL) && (rsa->e != NULL)) {
if(rsa->d != NULL) {
return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
- } else if(rsa->engine != NULL) {
+ } else if((rsa->flags & RSA_FLAG_EXT_PKEY) != 0) {
/*
* !!! HACK !!! Also see DSA key
* We assume here that engine *always* has private key.
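Review bot: The comment under the changed condition still says `We assume here that engine *always* has private key`, but the test no longer looks at `rsa->engine`; it now keys off `RSA_FLAG_EXT_PKEY`. This branch decides whether a key with no `rsa->d` is reported as private, so the comment should state the assumption actually made, e.g. `/* RSA_FLAG_EXT_PKEY set: private key operations are delegated to the RSA method, so report the key as private */`. Separately, the code still reads `rsa->flags`, `rsa->n`, `rsa->e` and `rsa->d` directly, which presumably will not build against OpenSSL 1.1.0, where `RSA` is opaque and which this commit adds shims for elsewhere. On 1.1.0, `RSA_test_flags(rsa, RSA_FLAG_EXT_PKEY)` would avoid the field access for the flag. The comment and the function both continue outside this hunk.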
@@ -1844,14 +1939,12 @@ xmlSecOpenSSLKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
fprintf(output, "<RSAKeyValue size=\"%d\" />\n",
xmlSecOpenSSLKeyDataRsaGetSize(data));
}
-
#endif /* XMLSEC_NO_RSA */
-
#ifndef XMLSEC_NO_GOST
/**************************************************************************
*
- * GOST2001 xml key representation processing. Contain errors.
+ * GOST2001 xml key representation processing
*
*************************************************************************/
static int xmlSecOpenSSLKeyDataGost2001Initialize(xmlSecKeyDataPtr data);
@@ -1887,17 +1980,17 @@ static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataGost2001Klass = {
/* get info */
xmlSecOpenSSLKeyDataGost2001GetType, /* xmlSecKeyDataGetTypeMethod getType; */
xmlSecOpenSSLKeyDataGost2001GetSize, /* xmlSecKeyDataGetSizeMethod getSize; */
- NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */
+ NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */
/* read/write */
- NULL, /* xmlSecKeyDataXmlReadMethod xmlRead; */
- NULL, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
- NULL, /* xmlSecKeyDataBinReadMethod binRead; */
- NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */
+ NULL, /* xmlSecKeyDataXmlReadMethod xmlRead; */
+ NULL, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+ NULL, /* xmlSecKeyDataBinReadMethod binRead; */
+ NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */
/* debug */
xmlSecOpenSSLKeyDataGost2001DebugDump, /* xmlSecKeyDataDebugDumpMethod debugDump; */
- xmlSecOpenSSLKeyDataGost2001DebugXmlDump,/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+ xmlSecOpenSSLKeyDataGost2001DebugXmlDump, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
/* reserved for the future */
NULL, /* void* reserved0; */
@@ -1941,9 +2034,9 @@ xmlSecOpenSSLKeyDataGost2001Finalize(xmlSecKeyDataPtr data) {
static xmlSecKeyDataType
xmlSecOpenSSLKeyDataGost2001GetType(xmlSecKeyDataPtr data) {
- /* Now I don't know how to find whether we have both private and public key
- or the public only*/
- return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
+ /* Now I don't know how to find whether we have both private and public key
+ or the public only*/
+ return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
}
static xmlSecSize
@@ -1970,6 +2063,258 @@ xmlSecOpenSSLKeyDataGost2001DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
fprintf(output, "<GOST2001KeyValue size=\"%d\" />\n",
xmlSecOpenSSLKeyDataGost2001GetSize(data));
}
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+
+/**************************************************************************
+ *
+ * GOST R 34.10-2012 256 bit xml key representation processing
+ *
+ *************************************************************************/
+static int xmlSecOpenSSLKeyDataGostR3410_2012_256Initialize(xmlSecKeyDataPtr data);
+static int xmlSecOpenSSLKeyDataGostR3410_2012_256Duplicate(xmlSecKeyDataPtr dst,
+ xmlSecKeyDataPtr src);
+static void xmlSecOpenSSLKeyDataGostR3410_2012_256Finalize(xmlSecKeyDataPtr data);
+
+static xmlSecKeyDataType xmlSecOpenSSLKeyDataGostR3410_2012_256GetType(xmlSecKeyDataPtr data);
+static xmlSecSize xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize(xmlSecKeyDataPtr data);
+static void xmlSecOpenSSLKeyDataGostR3410_2012_256DebugDump(xmlSecKeyDataPtr data,
+ FILE* output);
+static void xmlSecOpenSSLKeyDataGostR3410_2012_256DebugXmlDump(xmlSecKeyDataPtr data,
+ FILE* output);
+
+static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataGostR3410_2012_256Klass = {
+ sizeof(xmlSecKeyDataKlass),
+ xmlSecOpenSSLEvpKeyDataSize,
+
+ /* data */
+ xmlSecNameGostR3410_2012_256KeyValue,
+ xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+ /* xmlSecKeyDataUsage usage; */
+ xmlSecHrefGostR3410_2012_256KeyValue, /* const xmlChar* href; */
+ xmlSecNodeGostR3410_2012_256KeyValue, /* const xmlChar* dataNodeName; */
+ xmlSecDSigNs, /* const xmlChar* dataNodeNs; */
+
+ /* constructors/destructor */
+ xmlSecOpenSSLKeyDataGostR3410_2012_256Initialize, /* xmlSecKeyDataInitializeMethod initialize; */
+ xmlSecOpenSSLKeyDataGostR3410_2012_256Duplicate, /* xmlSecKeyDataDuplicateMethod duplicate; */
+ xmlSecOpenSSLKeyDataGostR3410_2012_256Finalize, /* xmlSecKeyDataFinalizeMethod finalize; */
+ NULL, /* xmlSecOpenSSLKeyDataGostR3410_2012_256Generate,*/ /* xmlSecKeyDataGenerateMethod generate; */
+
+ /* get info */
+ xmlSecOpenSSLKeyDataGostR3410_2012_256GetType, /* xmlSecKeyDataGetTypeMethod getType; */
+ xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize, /* xmlSecKeyDataGetSizeMethod getSize; */
+ NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */
+
+ /* read/write */
+ NULL, /* xmlSecKeyDataXmlReadMethod xmlRead; */
+ NULL, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+ NULL, /* xmlSecKeyDataBinReadMethod binRead; */
+ NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */
+
+ /* debug */
+ xmlSecOpenSSLKeyDataGostR3410_2012_256DebugDump, /* xmlSecKeyDataDebugDumpMethod debugDump; */
+ xmlSecOpenSSLKeyDataGostR3410_2012_256DebugXmlDump,/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+
+ /* reserved for the future */
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLKeyDataGostR3410_2012_256GetKlass:
+ *
+ * The GOST R 34.10-2012 256 bit key data klass.
+ *
+ * Returns: pointer to GOST R 34.10-2012 256 bit key data klass.
+ */
+xmlSecKeyDataId
+xmlSecOpenSSLKeyDataGostR3410_2012_256GetKlass(void) {
+ return(&xmlSecOpenSSLKeyDataGostR3410_2012_256Klass);
+}
+
+
+static int
+xmlSecOpenSSLKeyDataGostR3410_2012_256Initialize(xmlSecKeyDataPtr data) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id), -1);
+
+ return(xmlSecOpenSSLEvpKeyDataInitialize(data));
+}
+
+static int
+xmlSecOpenSSLKeyDataGostR3410_2012_256Duplicate(xmlSecKeyDataPtr dst,
+xmlSecKeyDataPtr src) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecOpenSSLKeyDataGostR3410_2012_256Id), -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecOpenSSLKeyDataGostR3410_2012_256Id), -1);
+
+ return(xmlSecOpenSSLEvpKeyDataDuplicate(dst, src));
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_256Finalize(xmlSecKeyDataPtr data) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id));
+
+ xmlSecOpenSSLEvpKeyDataFinalize(data);
+}
+
+static xmlSecKeyDataType
+xmlSecOpenSSLKeyDataGostR3410_2012_256GetType(xmlSecKeyDataPtr data) {
+ /* Now I don't know how to find whether we have both private and public key
+ or the public only*/
+ return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
+}
+
+static xmlSecSize
+xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize(xmlSecKeyDataPtr data) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id), 0);
+
+ return 512;
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_256DebugDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id));
+ xmlSecAssert(output != NULL);
+
+ fprintf(output, "=== gost key: size = %d\n",
+ xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize(data));
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_256DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id));
+ xmlSecAssert(output != NULL);
+
+ fprintf(output, "<GOST2012_256KeyValue size=\"%d\" />\n",
+ xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize(data));
+}
+
+
+
+
+/**************************************************************************
+ *
+ * GOST R 34.10-2012 512 bit xml key representation processing
+ *
+ *************************************************************************/
+static int xmlSecOpenSSLKeyDataGostR3410_2012_512Initialize(xmlSecKeyDataPtr data);
+static int xmlSecOpenSSLKeyDataGostR3410_2012_512Duplicate(xmlSecKeyDataPtr dst,
+ xmlSecKeyDataPtr src);
+static void xmlSecOpenSSLKeyDataGostR3410_2012_512Finalize(xmlSecKeyDataPtr data);
+
+static xmlSecKeyDataType xmlSecOpenSSLKeyDataGostR3410_2012_512GetType(xmlSecKeyDataPtr data);
+static xmlSecSize xmlSecOpenSSLKeyDataGostR3410_2012_512GetSize(xmlSecKeyDataPtr data);
+static void xmlSecOpenSSLKeyDataGostR3410_2012_512DebugDump(xmlSecKeyDataPtr data,
+ FILE* output);
+static void xmlSecOpenSSLKeyDataGostR3410_2012_512DebugXmlDump(xmlSecKeyDataPtr data,
+ FILE* output);
+
+static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataGostR3410_2012_512Klass = {
+ sizeof(xmlSecKeyDataKlass),
+ xmlSecOpenSSLEvpKeyDataSize,
+
+ /* data */
+ xmlSecNameGostR3410_2012_512KeyValue,
+ xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+ /* xmlSecKeyDataUsage usage; */
+ xmlSecHrefGostR3410_2012_512KeyValue, /* const xmlChar* href; */
+ xmlSecNodeGostR3410_2012_512KeyValue, /* const xmlChar* dataNodeName; */
+ xmlSecDSigNs, /* const xmlChar* dataNodeNs; */
+
+ /* constructors/destructor */
+ xmlSecOpenSSLKeyDataGostR3410_2012_512Initialize, /* xmlSecKeyDataInitializeMethod initialize; */
+ xmlSecOpenSSLKeyDataGostR3410_2012_512Duplicate, /* xmlSecKeyDataDuplicateMethod duplicate; */
+ xmlSecOpenSSLKeyDataGostR3410_2012_512Finalize, /* xmlSecKeyDataFinalizeMethod finalize; */
+ NULL, /* xmlSecOpenSSLKeyDataGostR3410_2012_512Generate,*/ /* xmlSecKeyDataGenerateMethod generate; */
+
+ /* get info */
+ xmlSecOpenSSLKeyDataGostR3410_2012_512GetType, /* xmlSecKeyDataGetTypeMethod getType; */
+ xmlSecOpenSSLKeyDataGostR3410_2012_512GetSize, /* xmlSecKeyDataGetSizeMethod getSize; */
+ NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */
+
+ /* read/write */
+ NULL, /* xmlSecKeyDataXmlReadMethod xmlRead; */
+ NULL, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+ NULL, /* xmlSecKeyDataBinReadMethod binRead; */
+ NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */
+
+ /* debug */
+ xmlSecOpenSSLKeyDataGostR3410_2012_512DebugDump, /* xmlSecKeyDataDebugDumpMethod debugDump; */
+ xmlSecOpenSSLKeyDataGostR3410_2012_512DebugXmlDump,/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+
+ /* reserved for the future */
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLKeyDataGostR3410_2012_512GetKlass:
+ *
+ * The GOST R 34.10-2012 512 bit key data klass.
+ *
+ * Returns: pointer to GOST R 34.10-2012 512 bit key data klass.
+ */
+xmlSecKeyDataId
+xmlSecOpenSSLKeyDataGostR3410_2012_512GetKlass(void) {
+ return(&xmlSecOpenSSLKeyDataGostR3410_2012_512Klass);
+}
+
+
+static int
+xmlSecOpenSSLKeyDataGostR3410_2012_512Initialize(xmlSecKeyDataPtr data) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_512Id), -1);
+
+ return(xmlSecOpenSSLEvpKeyDataInitialize(data));
+}
+
+static int
+xmlSecOpenSSLKeyDataGostR3410_2012_512Duplicate(xmlSecKeyDataPtr dst,
+xmlSecKeyDataPtr src) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecOpenSSLKeyDataGostR3410_2012_512Id), -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecOpenSSLKeyDataGostR3410_2012_512Id), -1);
+
+ return(xmlSecOpenSSLEvpKeyDataDuplicate(dst, src));
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_512Finalize(xmlSecKeyDataPtr data) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_512Id));
+
+ xmlSecOpenSSLEvpKeyDataFinalize(data);
+}
+
+static xmlSecKeyDataType
+xmlSecOpenSSLKeyDataGostR3410_2012_512GetType(xmlSecKeyDataPtr data) {
+ /* Now I don't know how to find whether we have both private and public key
+ or the public only*/
+ return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
+}
+
+static xmlSecSize
+xmlSecOpenSSLKeyDataGostR3410_2012_512GetSize(xmlSecKeyDataPtr data) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_512Id), 0);
+
+ return 1024;
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_512DebugDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_512Id));
+ xmlSecAssert(output != NULL);
+
+ fprintf(output, "=== gost key: size = %d\n",
+ xmlSecOpenSSLKeyDataGostR3410_2012_512GetSize(data));
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_512DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_512Id));
+ xmlSecAssert(output != NULL);
+
+ fprintf(output, "<GOST2012_512KeyValue size=\"%d\" />\n",
+ xmlSecOpenSSLKeyDataGostR3410_2012_512GetSize(data));
+}
-#endif /* XMLSEC_NO_GOST*/
+#endif /* XMLSEC_NO_GOST2012 */
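Review bot: `xmlSecOpenSSLKeyDataGostR3410_2012_256GetType` and its `_512` twin return `xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate` unconditionally, so a key holding only a public part is also reported as private; the in-code comment admits the real state is not known. Any caller that uses the type to decide whether a key can sign, or may be handled as private key material, would get the wrong answer for public-only keys, so the limitation belongs in a doc comment on both functions rather than in an aside. Both functions also skip the id assertion that every sibling has, e.g. `xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id), xmlSecKeyDataTypeUnknown);`. The two `GetSize` functions return the bare constants `512` and `1024` for the 256- and 512-bit keys; a comment saying what quantity is being measured would remove the apparent mismatch with the key names.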
diff --git a/src/openssl/evp_signatures.c b/src/openssl/evp_signatures.c
new file mode 100644
index 00000000..4dc493ca
--- /dev/null
+++ b/src/openssl/evp_signatures.c
@@ -0,0 +1,1034 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ */
+#include "globals.h"
+
+#include <string.h>
+
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#include <openssl/sha.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/openssl/crypto.h>
+#include <xmlsec/openssl/evp.h>
+
+/* new API from OpenSSL 1.1.0 (https://www.openssl.org/docs/manmaster/crypto/EVP_DigestInit.html):
+ *
+ * EVP_MD_CTX_create() and EVP_MD_CTX_destroy() were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.
+ */
+#if !defined(XMLSEC_OPENSSL_110)
+#define EVP_MD_CTX_new() EVP_MD_CTX_create()
+#define EVP_MD_CTX_free(x) EVP_MD_CTX_destroy((x))
+#define EVP_MD_CTX_md_data(x) ((x)->md_data)
+#endif /* !defined(XMLSEC_OPENSSL_110) */
+
+
+/**************************************************************************
+ *
+ * Internal OpenSSL evp signatures ctx
+ *
+ *****************************************************************************/
+typedef struct _xmlSecOpenSSLEvpSignatureCtx xmlSecOpenSSLEvpSignatureCtx,
+ *xmlSecOpenSSLEvpSignatureCtxPtr;
+struct _xmlSecOpenSSLEvpSignatureCtx {
+ const EVP_MD* digest;
+ EVP_MD_CTX* digestCtx;
+ xmlSecKeyDataId keyId;
+ EVP_PKEY* pKey;
+};
+
+/******************************************************************************
+ *
+ * EVP Signature transforms
+ *
+ * xmlSecOpenSSLEvpSignatureCtx is located after xmlSecTransform
+ *
+ *****************************************************************************/
+#define xmlSecOpenSSLEvpSignatureSize \
+ (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLEvpSignatureCtx))
+#define xmlSecOpenSSLEvpSignatureGetCtx(transform) \
+ ((xmlSecOpenSSLEvpSignatureCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+
+static int xmlSecOpenSSLEvpSignatureCheckId (xmlSecTransformPtr transform);
+static int xmlSecOpenSSLEvpSignatureInitialize (xmlSecTransformPtr transform);
+static void xmlSecOpenSSLEvpSignatureFinalize (xmlSecTransformPtr transform);
+static int xmlSecOpenSSLEvpSignatureSetKeyReq (xmlSecTransformPtr transform,
+ xmlSecKeyReqPtr keyReq);
+static int xmlSecOpenSSLEvpSignatureSetKey (xmlSecTransformPtr transform,
+ xmlSecKeyPtr key);
+static int xmlSecOpenSSLEvpSignatureVerify (xmlSecTransformPtr transform,
+ const xmlSecByte* data,
+ xmlSecSize dataSize,
+ xmlSecTransformCtxPtr transformCtx);
+static int xmlSecOpenSSLEvpSignatureExecute (xmlSecTransformPtr transform,
+ int last,
+ xmlSecTransformCtxPtr transformCtx);
+
+static int
+xmlSecOpenSSLEvpSignatureCheckId(xmlSecTransformPtr transform) {
+
+#ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaMd5Id)) {
+ return(1);
+ } else
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaRipemd160Id)) {
+ return(1);
+ } else
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha1Id)) {
+ return(1);
+ } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA224
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha224Id)) {
+ return(1);
+ } else
+#endif /* XMLSEC_NO_SHA224 */
+
+#ifndef XMLSEC_NO_SHA256
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha256Id)) {
+ return(1);
+ } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha384Id)) {
+ return(1);
+ } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha512Id)) {
+ return(1);
+ } else
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_RSA */
+
+#ifndef XMLSEC_NO_GOST
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGost2001GostR3411_94Id)) {
+ return(1);
+ } else
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256Id)) {
+ return(1);
+ } else
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512Id)) {
+ return(1);
+ } else
+#endif /* XMLSEC_NO_GOST2012 */
+
+ {
+ return(0);
+ }
+
+ return(0);
+}
+
+static int
+xmlSecOpenSSLEvpSignatureInitialize(xmlSecTransformPtr transform) {
+ xmlSecOpenSSLEvpSignatureCtxPtr ctx;
+
+ xmlSecAssert2(xmlSecOpenSSLEvpSignatureCheckId(transform), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize), -1);
+
+ ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+
+ memset(ctx, 0, sizeof(xmlSecOpenSSLEvpSignatureCtx));
+
+#ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaMd5Id)) {
+ ctx->digest = EVP_md5();
+ ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
+ } else
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaRipemd160Id)) {
+ ctx->digest = EVP_ripemd160();
+ ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
+ } else
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha1Id)) {
+ ctx->digest = EVP_sha1();
+ ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
+ } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA224
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha224Id)) {
+ ctx->digest = EVP_sha224();
+ ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
+ } else
+#endif /* XMLSEC_NO_SHA224 */
+
+#ifndef XMLSEC_NO_SHA256
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha256Id)) {
+ ctx->digest = EVP_sha256();
+ ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
+ } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha384Id)) {
+ ctx->digest = EVP_sha384();
+ ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
+ } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha512Id)) {
+ ctx->digest = EVP_sha512();
+ ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
+ } else
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_RSA */
+
+#ifndef XMLSEC_NO_GOST
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGost2001GostR3411_94Id)) {
+ ctx->keyId = xmlSecOpenSSLKeyDataGost2001Id;
+ ctx->digest = EVP_get_digestbyname("md_gost94");
+ if (!ctx->digest) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ } else
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256Id)) {
+ ctx->keyId = xmlSecOpenSSLKeyDataGostR3410_2012_256Id;
+ ctx->digest = EVP_get_digestbyname("md_gost12_256");
+ if (!ctx->digest) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ } else
+
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512Id)) {
+ ctx->keyId = xmlSecOpenSSLKeyDataGostR3410_2012_512Id;
+ ctx->digest = EVP_get_digestbyname("md_gost12_512");
+ if (!ctx->digest) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ } else
+#endif /* XMLSEC_NO_GOST2012 */
+
+ if(1) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ /* create digest CTX */
+ ctx->digestCtx = EVP_MD_CTX_new();
+ if(ctx->digestCtx == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "EVP_MD_CTX_new",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ /* done */
+ return(0);
+}
+
+static void
+xmlSecOpenSSLEvpSignatureFinalize(xmlSecTransformPtr transform) {
+ xmlSecOpenSSLEvpSignatureCtxPtr ctx;
+
+ xmlSecAssert(xmlSecOpenSSLEvpSignatureCheckId(transform));
+ xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize));
+
+ ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
+ xmlSecAssert(ctx != NULL);
+
+ if(ctx->pKey != NULL) {
+ EVP_PKEY_free(ctx->pKey);
+ }
+
+ if(ctx->digestCtx != NULL) {
+ EVP_MD_CTX_free(ctx->digestCtx);
+ }
+
+ memset(ctx, 0, sizeof(xmlSecOpenSSLEvpSignatureCtx));
+}
+
+static int
+xmlSecOpenSSLEvpSignatureSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
+ xmlSecOpenSSLEvpSignatureCtxPtr ctx;
+ xmlSecKeyDataPtr value;
+ EVP_PKEY* pKey;
+
+ xmlSecAssert2(xmlSecOpenSSLEvpSignatureCheckId(transform), -1);
+ xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize), -1);
+ xmlSecAssert2(key != NULL, -1);
+
+ ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->digest != NULL, -1);
+ xmlSecAssert2(ctx->keyId != NULL, -1);
+ xmlSecAssert2(xmlSecKeyCheckId(key, ctx->keyId), -1);
+
+ value = xmlSecKeyGetValue(key);
+ xmlSecAssert2(value != NULL, -1);
+
+ pKey = xmlSecOpenSSLEvpKeyDataGetEvp(value);
+ if(pKey == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecOpenSSLEvpKeyDataGetEvp",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ if(ctx->pKey != NULL) {
+ EVP_PKEY_free(ctx->pKey);
+ }
+
+ ctx->pKey = xmlSecOpenSSLEvpKeyDup(pKey);
+ if(ctx->pKey == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecOpenSSLEvpKeyDup",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ return(0);
+}
+
+static int
+xmlSecOpenSSLEvpSignatureSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
+ xmlSecOpenSSLEvpSignatureCtxPtr ctx;
+
+ xmlSecAssert2(xmlSecOpenSSLEvpSignatureCheckId(transform), -1);
+ xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize), -1);
+ xmlSecAssert2(keyReq != NULL, -1);
+
+ ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->keyId != NULL, -1);
+
+ keyReq->keyId = ctx->keyId;
+ if(transform->operation == xmlSecTransformOperationSign) {
+ keyReq->keyType = xmlSecKeyDataTypePrivate;
+ keyReq->keyUsage = xmlSecKeyUsageSign;
+ } else {
+ keyReq->keyType = xmlSecKeyDataTypePublic;
+ keyReq->keyUsage = xmlSecKeyUsageVerify;
+ }
+ return(0);
+}
+
+
+static int
+xmlSecOpenSSLEvpSignatureVerify(xmlSecTransformPtr transform,
+ const xmlSecByte* data, xmlSecSize dataSize,
+ xmlSecTransformCtxPtr transformCtx) {
+ xmlSecOpenSSLEvpSignatureCtxPtr ctx;
+ int ret;
+
+ xmlSecAssert2(xmlSecOpenSSLEvpSignatureCheckId(transform), -1);
+ xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize), -1);
+ xmlSecAssert2(transform->status == xmlSecTransformStatusFinished, -1);
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(transformCtx != NULL, -1);
+
+ ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->digestCtx != NULL, -1);
+
+ ret = EVP_VerifyFinal(ctx->digestCtx, (xmlSecByte*)data, dataSize, ctx->pKey);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "EVP_VerifyFinal",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ } else if(ret != 1) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "EVP_VerifyFinal",
+ XMLSEC_ERRORS_R_DATA_NOT_MATCH,
+ "signature do not match");
+ transform->status = xmlSecTransformStatusFail;
+ return(0);
+ }
+
+ transform->status = xmlSecTransformStatusOk;
+ return(0);
+}
+
+static int
+xmlSecOpenSSLEvpSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+ xmlSecOpenSSLEvpSignatureCtxPtr ctx;
+ xmlSecBufferPtr in, out;
+ xmlSecSize inSize;
+ xmlSecSize outSize;
+ int ret;
+
+ xmlSecAssert2(xmlSecOpenSSLEvpSignatureCheckId(transform), -1);
+ xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize), -1);
+ xmlSecAssert2(transformCtx != NULL, -1);
+
+ ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+
+ in = &(transform->inBuf);
+ out = &(transform->outBuf);
+ inSize = xmlSecBufferGetSize(in);
+ outSize = xmlSecBufferGetSize(out);
+
+ ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->digest != NULL, -1);
+ xmlSecAssert2(ctx->digestCtx != NULL, -1);
+ xmlSecAssert2(ctx->pKey != NULL, -1);
+
+ if(transform->status == xmlSecTransformStatusNone) {
+ xmlSecAssert2(outSize == 0, -1);
+
+ if(transform->operation == xmlSecTransformOperationSign) {
+ ret = EVP_SignInit(ctx->digestCtx, ctx->digest);
+ if(ret != 1) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "EVP_SignInit",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ } else {
+ ret = EVP_VerifyInit(ctx->digestCtx, ctx->digest);
+ if(ret != 1) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "EVP_VerifyInit",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ }
+ transform->status = xmlSecTransformStatusWorking;
+ }
+
+ if((transform->status == xmlSecTransformStatusWorking) && (inSize > 0)) {
+ xmlSecAssert2(outSize == 0, -1);
+
+ if(transform->operation == xmlSecTransformOperationSign) {
+ ret = EVP_SignUpdate(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
+ if(ret != 1) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "EVP_SignUpdate",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ } else {
+ ret = EVP_VerifyUpdate(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
+ if(ret != 1) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "EVP_VerifyUpdate",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ }
+
+ ret = xmlSecBufferRemoveHead(in, inSize);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecBufferRemoveHead",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ }
+
+ if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
+ xmlSecAssert2(outSize == 0, -1);
+ if(transform->operation == xmlSecTransformOperationSign) {
+ unsigned int signSize;
+
+ /* for rsa signatures we get size from EVP_PKEY_size() */
+ signSize = EVP_PKEY_size(ctx->pKey);
+ ret = xmlSecBufferSetMaxSize(out, signSize);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecBufferSetMaxSize",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "size=%u", signSize);
+ return(-1);
+ }
+
+ ret = EVP_SignFinal(ctx->digestCtx, xmlSecBufferGetData(out), &signSize, ctx->pKey);
+ if(ret != 1) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "EVP_SignFinal",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ ret = xmlSecBufferSetSize(out, signSize);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecBufferSetSize",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "size=%u", signSize);
+ return(-1);
+ }
+ }
+ transform->status = xmlSecTransformStatusFinished;
+ }
+
+ if((transform->status == xmlSecTransformStatusWorking) || (transform->status == xmlSecTransformStatusFinished)) {
+ /* the only way we can get here is if there is no input */
+ xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+ } else {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_STATUS,
+ "status=%d", transform->status);
+ return(-1);
+ }
+
+ return(0);
+}
+
+
+#ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+/****************************************************************************
+ *
+ * RSA-MD5 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecOpenSSLRsaMd5Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+
+ xmlSecNameRsaMd5, /* const xmlChar* name; */
+ xmlSecHrefRsaMd5, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformRsaMd5GetKlass:
+ *
+ * The RSA-MD5 signature transform klass.
+ *
+ * Returns: RSA-MD5 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformRsaMd5GetKlass(void) {
+ return(&xmlSecOpenSSLRsaMd5Klass);
+}
+
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+/****************************************************************************
+ *
+ * RSA-RIPEMD160 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecOpenSSLRsaRipemd160Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+
+ xmlSecNameRsaRipemd160, /* const xmlChar* name; */
+ xmlSecHrefRsaRipemd160, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformRsaRipemd160GetKlass:
+ *
+ * The RSA-RIPEMD160 signature transform klass.
+ *
+ * Returns: RSA-RIPEMD160 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformRsaRipemd160GetKlass(void) {
+ return(&xmlSecOpenSSLRsaRipemd160Klass);
+}
+
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+/****************************************************************************
+ *
+ * RSA-SHA1 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecOpenSSLRsaSha1Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+
+ xmlSecNameRsaSha1, /* const xmlChar* name; */
+ xmlSecHrefRsaSha1, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformRsaSha1GetKlass:
+ *
+ * The RSA-SHA1 signature transform klass.
+ *
+ * Returns: RSA-SHA1 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformRsaSha1GetKlass(void) {
+ return(&xmlSecOpenSSLRsaSha1Klass);
+}
+
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA224
+/****************************************************************************
+ *
+ * RSA-SHA224 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecOpenSSLRsaSha224Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+
+ xmlSecNameRsaSha224, /* const xmlChar* name; */
+ xmlSecHrefRsaSha224, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformRsaSha224GetKlass:
+ *
+ * The RSA-SHA224 signature transform klass.
+ *
+ * Returns: RSA-SHA224 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformRsaSha224GetKlass(void) {
+ return(&xmlSecOpenSSLRsaSha224Klass);
+}
+
+#endif /* XMLSEC_NO_SHA224 */
+
+#ifndef XMLSEC_NO_SHA256
+/****************************************************************************
+ *
+ * RSA-SHA256 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecOpenSSLRsaSha256Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+
+ xmlSecNameRsaSha256, /* const xmlChar* name; */
+ xmlSecHrefRsaSha256, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformRsaSha256GetKlass:
+ *
+ * The RSA-SHA256 signature transform klass.
+ *
+ * Returns: RSA-SHA256 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformRsaSha256GetKlass(void) {
+ return(&xmlSecOpenSSLRsaSha256Klass);
+}
+
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/****************************************************************************
+ *
+ * RSA-SHA384 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecOpenSSLRsaSha384Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+
+ xmlSecNameRsaSha384, /* const xmlChar* name; */
+ xmlSecHrefRsaSha384, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformRsaSha384GetKlass:
+ *
+ * The RSA-SHA384 signature transform klass.
+ *
+ * Returns: RSA-SHA384 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformRsaSha384GetKlass(void) {
+ return(&xmlSecOpenSSLRsaSha384Klass);
+}
+
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/****************************************************************************
+ *
+ * RSA-SHA512 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecOpenSSLRsaSha512Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+
+ xmlSecNameRsaSha512, /* const xmlChar* name; */
+ xmlSecHrefRsaSha512, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformRsaSha512GetKlass:
+ *
+ * The RSA-SHA512 signature transform klass.
+ *
+ * Returns: RSA-SHA512 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformRsaSha512GetKlass(void) {
+ return(&xmlSecOpenSSLRsaSha512Klass);
+}
+
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_RSA */
+
+#ifndef XMLSEC_NO_GOST
+/****************************************************************************
+ *
+ * GOST2001-GOSTR3411_94 signature transform
+ *
+ ***************************************************************************/
+
+static xmlSecTransformKlass xmlSecOpenSSLGost2001GostR3411_94Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+
+ xmlSecNameGost2001GostR3411_94, /* const xmlChar* name; */
+ xmlSecHrefGost2001GostR3411_94, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass:
+ *
+ * The GOST2001-GOSTR3411_94 signature transform klass.
+ *
+ * Returns: GOST2001-GOSTR3411_94 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass(void) {
+ return(&xmlSecOpenSSLGost2001GostR3411_94Klass);
+}
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+
+/****************************************************************************
+ *
+ * GOST R 34.10-2012 - GOST R 34.11-2012 256 bit signature transform
+ *
+ ***************************************************************************/
+
+static xmlSecTransformKlass xmlSecOpenSSLGostR3410_2012GostR3411_2012_256Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+
+ xmlSecNameGostR3410_2012GostR3411_2012_256, /* const xmlChar* name; */
+ xmlSecHrefGostR3410_2012GostR3411_2012_256, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformGost3410_2012GostR3411_2012_256GetKlass:
+ *
+ * The GOST R 34.10-2012 - GOST R 34.11-2012 256 bit signature transform klass.
+ *
+ * Returns: GOST R 34.10-2012 - GOST R 34.11-2012 256 bit signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256GetKlass(void) {
+ return(&xmlSecOpenSSLGostR3410_2012GostR3411_2012_256Klass);
+}
+
+
+/****************************************************************************
+ *
+ * GOST R 34.10-2012 - GOST R 34.11-2012 512 bit signature transform
+ *
+ ***************************************************************************/
+
+static xmlSecTransformKlass xmlSecOpenSSLGostR3410_2012GostR3411_2012_512Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+
+ xmlSecNameGostR3410_2012GostR3411_2012_512, /* const xmlChar* name; */
+ xmlSecHrefGostR3410_2012GostR3411_2012_512, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformGost3410_2012GostR3411_2012_512GetKlass:
+ *
+ * The GOST R 34.10-2012 - GOST R 34.11-2012 512 bit signature transform klass.
+ *
+ * Returns: GOST R 34.10-2012 - GOST R 34.11-2012 512 bit signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512GetKlass(void) {
+ return(&xmlSecOpenSSLGostR3410_2012GostR3411_2012_512Klass);
+}
+
+#endif /* XMLSEC_NO_GOST2012 */
+
+
diff --git a/src/openssl/globals.h b/src/openssl/globals.h
index 770b6dba..065c3e8f 100644
--- a/src/openssl/globals.h
+++ b/src/openssl/globals.h
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GLOBALS_H__
#define __XMLSEC_GLOBALS_H__
diff --git a/src/openssl/hmac.c b/src/openssl/hmac.c
index bad1ac03..edfc3af4 100644
--- a/src/openssl/hmac.c
+++ b/src/openssl/hmac.c
@@ -13,7 +13,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef XMLSEC_NO_HMAC
#include "globals.h"
@@ -33,6 +33,16 @@
#include <xmlsec/openssl/crypto.h>
+/* new API from OpenSSL 1.1.0 (https://www.openssl.org/docs/manmaster/crypto/hmac.html):
+ *
+ * HMAC_CTX_new() and HMAC_CTX_free() are new in OpenSSL version 1.1.
+ */
+#if !defined(XMLSEC_OPENSSL_110)
+#define HMAC_CTX_new() ((HMAC_CTX*)calloc(1, sizeof(HMAC_CTX)))
+#define HMAC_CTX_free(x) { HMAC_CTX_cleanup((x)); free((x)); }
+#endif /* !defined(XMLSEC_OPENSSL_110) */
+
+
/* sizes in bits */
#define XMLSEC_OPENSSL_MIN_HMAC_SIZE 80
#define XMLSEC_OPENSSL_MAX_HMAC_SIZE (EVP_MAX_MD_SIZE * 8)
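Review bot: The `HMAC_CTX_free(x)` fallback expands to a bare `{ ... }` block, so `HMAC_CTX_free(p);` becomes a block plus an empty statement and breaks an unbraced `if(...) HMAC_CTX_free(p); else ...`. Wrapping it as `#define HMAC_CTX_free(x) do { HMAC_CTX_cleanup((x)); free((x)); } while(0)` avoids that. The fallback `HMAC_CTX_new()` returns calloc'ed memory without calling `HMAC_CTX_init()`, which assumes an all-zero HMAC_CTX is a valid initial state on every pre-1.1.0 OpenSSL this file still builds against; a one-line comment stating that assumption would help. Both macros need `<stdlib.h>` for `calloc`/`free`, and its include is not visible in this hunk.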
@@ -75,7 +85,7 @@ void xmlSecOpenSSLHmacSetMinOutputLength(int min_length)
typedef struct _xmlSecOpenSSLHmacCtx xmlSecOpenSSLHmacCtx, *xmlSecOpenSSLHmacCtxPtr;
struct _xmlSecOpenSSLHmacCtx {
const EVP_MD* hmacDgst;
- HMAC_CTX hmacCtx;
+ HMAC_CTX* hmacCtx;
int ctxInitialized;
xmlSecByte dgst[XMLSEC_OPENSSL_MAX_HMAC_SIZE];
xmlSecSize dgstSize; /* dgst size in bits */
@@ -232,9 +242,18 @@ xmlSecOpenSSLHmacInitialize(xmlSecTransformPtr transform) {
return(-1);
}
-#ifndef XMLSEC_OPENSSL_096
- HMAC_CTX_init(&(ctx->hmacCtx));
-#endif /* XMLSEC_OPENSSL_096 */
+ /* create hmac CTX */
+ ctx->hmacCtx = HMAC_CTX_new();
+ if(ctx->hmacCtx == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "HMAC_CTX_new",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ /* done */
return(0);
}
@@ -248,9 +267,10 @@ xmlSecOpenSSLHmacFinalize(xmlSecTransformPtr transform) {
ctx = xmlSecOpenSSLHmacGetCtx(transform);
xmlSecAssert(ctx != NULL);
-#ifndef XMLSEC_OPENSSL_096
- HMAC_CTX_cleanup(&(ctx->hmacCtx));
-#endif /* XMLSEC_OPENSSL_096 */
+ if(ctx->hmacCtx != NULL) {
+ HMAC_CTX_free(ctx->hmacCtx);
+ }
+
memset(ctx, 0, sizeof(xmlSecOpenSSLHmacCtx));
}
@@ -327,6 +347,7 @@ xmlSecOpenSSLHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
xmlSecOpenSSLHmacCtxPtr ctx;
xmlSecKeyDataPtr value;
xmlSecBufferPtr buffer;
+ int ret;
xmlSecAssert2(xmlSecOpenSSLHmacCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
@@ -335,6 +356,7 @@ xmlSecOpenSSLHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
ctx = xmlSecOpenSSLHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->hmacCtx != NULL, -1);
xmlSecAssert2(ctx->hmacDgst != NULL, -1);
xmlSecAssert2(ctx->ctxInitialized == 0, -1);
@@ -354,10 +376,32 @@ xmlSecOpenSSLHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
}
xmlSecAssert2(xmlSecBufferGetData(buffer) != NULL, -1);
- HMAC_Init(&(ctx->hmacCtx),
+
+#if (defined(XMLSEC_OPENSSL_098))
+ /* no return value in 0.9.8 */
+ HMAC_Init_ex(ctx->hmacCtx,
+ xmlSecBufferGetData(buffer),
+ xmlSecBufferGetSize(buffer),
+ ctx->hmacDgst,
+ NULL);
+ ret = 1;
+#else /* (defined(XMLSEC_OPENSSL_098)) */
+ ret = HMAC_Init_ex(ctx->hmacCtx,
xmlSecBufferGetData(buffer),
xmlSecBufferGetSize(buffer),
- ctx->hmacDgst);
+ ctx->hmacDgst,
+ NULL);
+#endif /* (defined(XMLSEC_OPENSSL_098)) */
+
+ if(ret != 1) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "HMAC_Init_ex",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ NULL);
+ return(-1);
+ }
+
ctx->ctxInitialized = 1;
return(0);
}
@@ -448,6 +492,7 @@ xmlSecOpenSSLHmacExecute(xmlSecTransformPtr transform, int last, xmlSecTransform
ctx = xmlSecOpenSSLHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->ctxInitialized != 0, -1);
+ xmlSecAssert2(ctx->hmacCtx != NULL, -1);
if(transform->status == xmlSecTransformStatusNone) {
/* we should be already initialized when we set key */
@@ -459,7 +504,7 @@ xmlSecOpenSSLHmacExecute(xmlSecTransformPtr transform, int last, xmlSecTransform
inSize = xmlSecBufferGetSize(in);
if(inSize > 0) {
- HMAC_Update(&(ctx->hmacCtx), xmlSecBufferGetData(in), inSize);
+ HMAC_Update(ctx->hmacCtx, xmlSecBufferGetData(in), inSize);
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
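Review bot: `HMAC_Update()` here and `HMAC_Final()` in the next hunk still have their return values dropped, although the same commit starts checking `HMAC_Init_ex()`. From OpenSSL 1.0.0 on both return 1 on success and 0 on failure, so a failed `HMAC_Final()` leaves `dgstSize` unset before `xmlSecAssert2(dgstSize > 0, -1)` reads it, and whatever is in `ctx->dgst` could then be compared or emitted as the MAC. I would assign both results to `ret` and fail with `xmlSecError(...)` and `return(-1);` when `ret != 1`, under the same `XMLSEC_OPENSSL_098` split used for `HMAC_Init_ex()`, and declare `unsigned int dgstSize = 0;`. xmlSecOpenSSLHmacExecute starts and ends outside both hunks.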
@@ -475,7 +520,7 @@ xmlSecOpenSSLHmacExecute(xmlSecTransformPtr transform, int last, xmlSecTransform
if(last) {
unsigned int dgstSize;
- HMAC_Final(&(ctx->hmacCtx), ctx->dgst, &dgstSize);
+ HMAC_Final(ctx->hmacCtx, ctx->dgst, &dgstSize);
xmlSecAssert2(dgstSize > 0, -1);
/* check/set the result digest size */
diff --git a/src/openssl/kt_rsa.c b/src/openssl/kt_rsa.c
index 1cf1aba1..8d47e427 100644
--- a/src/openssl/kt_rsa.c
+++ b/src/openssl/kt_rsa.c
@@ -7,7 +7,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -785,8 +785,17 @@ xmlSecOpenSSLRsaOaepProcess(xmlSecTransformPtr transform, xmlSecTransformCtxPtr
}
outSize = ret;
} else if((transform->operation == xmlSecTransformOperationDecrypt) && (paramsSize != 0)) {
- BIGNUM bn;
+ BIGNUM * bn;
+ bn = BN_new();
+ if(bn == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "BN_new()",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
ret = RSA_private_decrypt(inSize, xmlSecBufferGetData(in),
xmlSecBufferGetData(out),
ctx->pKey->pkey.rsa, RSA_NO_PADDING);
@@ -796,6 +805,7 @@ xmlSecOpenSSLRsaOaepProcess(xmlSecTransformPtr transform, xmlSecTransformCtxPtr
"RSA_private_decrypt(RSA_NO_PADDING)",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
+ BN_free(bn);
return(-1);
}
outSize = ret;
@@ -806,28 +816,27 @@ xmlSecOpenSSLRsaOaepProcess(xmlSecTransformPtr transform, xmlSecTransformCtxPtr
* beggining so I have to do decode it back to BIGNUM and dump
* buffer again
*/
- BN_init(&bn);
- if(BN_bin2bn(xmlSecBufferGetData(out), outSize, &bn) == NULL) {
+ if(BN_bin2bn(xmlSecBufferGetData(out), outSize, bn) == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"BN_bin2bn",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
"size=%d", outSize);
- BN_clear_free(&bn);
+ BN_free(bn);
return(-1);
}
- ret = BN_bn2bin(&bn, xmlSecBufferGetData(out));
+ ret = BN_bn2bin(bn, xmlSecBufferGetData(out));
if(ret <= 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"BN_bn2bin",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
- BN_clear_free(&bn);
+ BN_free(bn);
return(-1);
}
- BN_clear_free(&bn);
+ BN_free(bn);
outSize = ret;
ret = RSA_padding_check_PKCS1_OAEP(xmlSecBufferGetData(out), outSize,
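Review bot: The three `BN_free(bn)` calls in this hunk replace `BN_clear_free(&bn)`, so the BIGNUM holding the raw RSA-decrypted block is no longer zeroised before its memory returns to the heap. `bn` now comes from `BN_new()`, so `BN_clear_free(bn);` is valid on all three paths and keeps the previous wiping behaviour. The `BN_free(bn)` added in the previous hunk for the `RSA_private_decrypt` failure is fine as is, since nothing has been loaded into `bn` at that point. Allocating `bn` just before `BN_bin2bn` would remove that extra cleanup path altogether. The enclosing branch of xmlSecOpenSSLRsaOaepProcess starts and ends outside this hunk.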
@@ -845,7 +854,12 @@ xmlSecOpenSSLRsaOaepProcess(xmlSecTransformPtr transform, xmlSecTransformCtxPtr
}
outSize = ret;
} else {
- xmlSecAssert2("we could not be here" == NULL, -1);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "Unexpected trasnform operation: %d; paramsSize: %d",
+ (int)transform->operation, (int)paramsSize);
return(-1);
}
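Review bot: The new error text misspells "transform": `"Unexpected trasnform operation: %d; paramsSize: %d"` should read `"Unexpected transform operation: %d; paramsSize: %d"`, otherwise a log search for the word misses this failure. The error-object argument is `""` here, while the `xmlSecError` call in xmlSecOpenSSLSignatureInitialize that has no failing function passes `NULL`; using `NULL` would be consistent.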
diff --git a/src/openssl/kw_aes.c b/src/openssl/kw_aes.c
index 573fb985..8e71148e 100644
--- a/src/openssl/kw_aes.c
+++ b/src/openssl/kw_aes.c
@@ -7,10 +7,9 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef XMLSEC_NO_AES
-#ifndef XMLSEC_OPENSSL_096
#include "globals.h"
#include <stdlib.h>
@@ -508,6 +507,4 @@ xmlSecOpenSSLKWAesBlockDecrypt(const xmlSecByte * in, xmlSecSize inSize,
return(AES_BLOCK_SIZE);
}
-
-#endif /* XMLSEC_OPENSSL_096 */
#endif /* XMLSEC_NO_AES */
diff --git a/src/openssl/kw_des.c b/src/openssl/kw_des.c
index 9d55e107..c9642579 100644
--- a/src/openssl/kw_des.c
+++ b/src/openssl/kw_des.c
@@ -7,7 +7,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2010 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef XMLSEC_NO_DES
#include "globals.h"
@@ -505,7 +505,7 @@ xmlSecOpenSSLKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize,
const xmlSecByte *in, xmlSecSize inSize,
xmlSecByte *out, xmlSecSize outSize,
int enc) {
- EVP_CIPHER_CTX cipherCtx;
+ EVP_CIPHER_CTX * cipherCtx;
int updateLen;
int finalLen;
int ret;
@@ -519,42 +519,55 @@ xmlSecOpenSSLKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize,
xmlSecAssert2(out != NULL, -1);
xmlSecAssert2(outSize >= inSize, -1);
- EVP_CIPHER_CTX_init(&cipherCtx);
- ret = EVP_CipherInit(&cipherCtx, EVP_des_ede3_cbc(), key, iv, enc);
+ cipherCtx = EVP_CIPHER_CTX_new();
+ if(cipherCtx == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "EVP_CIPHER_CTX_new",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ ret = EVP_CipherInit(cipherCtx, EVP_des_ede3_cbc(), key, iv, enc);
if(ret != 1) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"EVP_CipherInit",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
+ EVP_CIPHER_CTX_free(cipherCtx);
return(-1);
}
-#ifndef XMLSEC_OPENSSL_096
- EVP_CIPHER_CTX_set_padding(&cipherCtx, 0);
-#endif /* XMLSEC_OPENSSL_096 */
+ EVP_CIPHER_CTX_set_padding(cipherCtx, 0);
- ret = EVP_CipherUpdate(&cipherCtx, out, &updateLen, in, inSize);
+ ret = EVP_CipherUpdate(cipherCtx, out, &updateLen, in, inSize);
if(ret != 1) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"EVP_CipherUpdate",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
+ EVP_CIPHER_CTX_free(cipherCtx);
return(-1);
}
- ret = EVP_CipherFinal(&cipherCtx, out + updateLen, &finalLen);
+ ret = EVP_CipherFinal(cipherCtx, out + updateLen, &finalLen);
if(ret != 1) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"EVP_CipherFinal",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
+ EVP_CIPHER_CTX_free(cipherCtx);
return(-1);
}
- EVP_CIPHER_CTX_cleanup(&cipherCtx);
+ /* cleanup */
+ EVP_CIPHER_CTX_free(cipherCtx);
+
+ /* done */
return(updateLen + finalLen);
}
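Review bot: `EVP_CIPHER_CTX_free(cipherCtx)` is now repeated on three error paths plus the success path, so any later early return added to this function has to remember it or leak the context and its key schedule. A single exit label keeps the release in one place; the sketch below assumes `goto` cleanup is acceptable in this file. The signature and first declarations of xmlSecOpenSSLKWDes3Encrypt are outside this hunk.

```c
    int res = -1;
    /* … unchanged: asserts, EVP_CIPHER_CTX_new() and its NULL check … */
    ret = EVP_CipherInit(cipherCtx, EVP_des_ede3_cbc(), key, iv, enc);
    if(ret != 1) {
        /* … unchanged: xmlSecError for "EVP_CipherInit" … */
        goto done;
    }
    /* … unchanged: set_padding, EVP_CipherUpdate, EVP_CipherFinal; each failure does goto done … */
    res = updateLen + finalLen;

done:
    EVP_CIPHER_CTX_free(cipherCtx);
    return(res);
```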
diff --git a/src/openssl/signatures.c b/src/openssl/signatures.c
index 7e3dbc7d..5cb6f7b8 100644
--- a/src/openssl/signatures.c
+++ b/src/openssl/signatures.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -22,92 +22,145 @@
#include <xmlsec/openssl/crypto.h>
#include <xmlsec/openssl/evp.h>
+/* new API from OpenSSL 1.1.0 (https://www.openssl.org/docs/manmaster/crypto/EVP_DigestInit.html):
+ *
+ * EVP_MD_CTX_create() and EVP_MD_CTX_destroy() were renamed to EVP_MD_CTX_new() and EVP_MD_CTX_free() in OpenSSL 1.1.
+ */
+#if !defined(XMLSEC_OPENSSL_110)
+#define EVP_MD_CTX_new() EVP_MD_CTX_create()
+#define EVP_MD_CTX_free(x) EVP_MD_CTX_destroy((x))
+#define EVP_MD_CTX_md_data(x) ((x)->md_data)
+
#ifndef XMLSEC_NO_DSA
+/* we expect the r/s to be NOT NULL */
+static void ECDSA_SIG_get0(BIGNUM **pr, BIGNUM **ps, ECDSA_SIG *sig) {
+ if (pr != NULL) {
+ if(sig->r == NULL) {
+ sig->r = BN_new();
+ }
+ *pr = sig->r;
+ }
+ if (ps != NULL) {
+ if(sig->s == NULL) {
+ sig->s = BN_new();
+ }
+ *ps = sig->s;
+ }
+}
+#endif /* XMLSEC_NO_ECDSA */
-#define XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE (20 * 2)
+#endif /* !defined(XMLSEC_OPENSSL_110) */
-#ifndef XMLSEC_NO_SHA1
-static const EVP_MD *xmlSecOpenSSLDsaSha1Evp (void);
-#endif /* XMLSEC_NO_SHA1 */
+/* Preparation for OpenSSL 1.1.0 compatibility: we expect the r/s to be NOT NULL */
+#ifndef XMLSEC_NO_DSA
+static void DSA_SIG_get0(BIGNUM **pr, BIGNUM **ps, DSA_SIG *sig) {
+ if (pr != NULL) {
+ if(sig->r == NULL) {
+ sig->r = BN_new();
+ }
+ *pr = sig->r;
+ }
+ if (ps != NULL) {
+ if(sig->s == NULL) {
+ sig->s = BN_new();
+ }
+ *ps = sig->s;
+ }
+}
+#endif /* XMLSEC_NO_DSA */
-#ifndef XMLSEC_NO_SHA256
-#ifdef XMLSEC_OPENSSL_100
-static const EVP_MD *xmlSecOpenSSLDsaSha256Evp (void);
-#endif /* XMLSEC_OPENSSL_100 */
-#endif /* XMLSEC_NO_SHA256 */
-#endif /* XMLSEC_NO_DSA */
-#ifndef XMLSEC_NO_ECDSA
-#define XMLSEC_OPENSSL_ECDSA_SIGNATURE_SIZE ((512 / 8) * 2)
+/**************************************************************************
+ *
+ * Internal OpenSSL signatures ctx: forward declarations
+ *
+ *****************************************************************************/
+typedef struct _xmlSecOpenSSLSignatureCtx xmlSecOpenSSLSignatureCtx,
+ *xmlSecOpenSSLSignatureCtxPtr;
-#ifndef XMLSEC_NO_SHA1
-static const EVP_MD *xmlSecOpenSSLEcdsaSha1Evp (void);
-#endif /* XMLSEC_NO_SHA1 */
+#ifndef XMLSEC_NO_DSA
-#ifndef XMLSEC_NO_SHA224
-static const EVP_MD *xmlSecOpenSSLEcdsaSha224Evp (void);
-#endif /* XMLSEC_NO_SHA224 */
+static int xmlSecOpenSSLSignatureDsaSign (xmlSecOpenSSLSignatureCtxPtr ctx,
+ xmlSecBufferPtr out);
+static int xmlSecOpenSSLSignatureDsaVerify (xmlSecOpenSSLSignatureCtxPtr ctx,
+ const xmlSecByte* signData,
+ xmlSecSize signSize);
+#endif /* XMLSEC_NO_DSA */
-#ifndef XMLSEC_NO_SHA256
-static const EVP_MD *xmlSecOpenSSLEcdsaSha256Evp (void);
-#endif /* XMLSEC_NO_SHA256 */
+#ifndef XMLSEC_NO_ECDSA
-#ifndef XMLSEC_NO_SHA384
-static const EVP_MD *xmlSecOpenSSLEcdsaSha384Evp (void);
-#endif /* XMLSEC_NO_SHA384 */
+static int xmlSecOpenSSLSignatureEcdsaSign (xmlSecOpenSSLSignatureCtxPtr ctx,
+ xmlSecBufferPtr out);
+static int xmlSecOpenSSLSignatureEcdsaVerify (xmlSecOpenSSLSignatureCtxPtr ctx,
+ const xmlSecByte* signData,
+ xmlSecSize signSize);
-#ifndef XMLSEC_NO_SHA512
-static const EVP_MD *xmlSecOpenSSLEcdsaSha512Evp (void);
-#endif /* XMLSEC_NO_SHA512 */
#endif /* XMLSEC_NO_ECDSA */
+
+
+/**************************************************************************
+ *
+ * Sign/verify callbacks
+ *
+ *****************************************************************************/
+typedef int (*xmlSecOpenSSLSignatureSignCallback) (xmlSecOpenSSLSignatureCtxPtr ctx,
+ xmlSecBufferPtr out);
+typedef int (*xmlSecOpenSSLSignatureVerifyCallback) (xmlSecOpenSSLSignatureCtxPtr ctx,
+ const xmlSecByte* signData,
+ xmlSecSize signSize);
+
/**************************************************************************
*
- * Internal OpenSSL evp signatures ctx
+ * Internal OpenSSL signatures ctx
*
*****************************************************************************/
-typedef struct _xmlSecOpenSSLEvpSignatureCtx xmlSecOpenSSLEvpSignatureCtx,
- *xmlSecOpenSSLEvpSignatureCtxPtr;
-struct _xmlSecOpenSSLEvpSignatureCtx {
- const EVP_MD* digest;
- EVP_MD_CTX digestCtx;
- xmlSecKeyDataId keyId;
- EVP_PKEY* pKey;
+struct _xmlSecOpenSSLSignatureCtx {
+ const EVP_MD* digest;
+ EVP_MD_CTX* digestCtx;
+ xmlSecKeyDataId keyId;
+ xmlSecOpenSSLSignatureSignCallback signCallback;
+ xmlSecOpenSSLSignatureVerifyCallback verifyCallback;
+ EVP_PKEY* pKey;
+ unsigned char dgst[EVP_MAX_MD_SIZE];
+ unsigned int dgstSize;
};
+
+
/******************************************************************************
*
- * EVP Signature transforms
+ * Signature transforms
*
- * xmlSecOpenSSLEvpSignatureCtx is located after xmlSecTransform
+ * xmlSecOpenSSLSignatureCtx is located after xmlSecTransform
*
*****************************************************************************/
-#define xmlSecOpenSSLEvpSignatureSize \
- (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLEvpSignatureCtx))
-#define xmlSecOpenSSLEvpSignatureGetCtx(transform) \
- ((xmlSecOpenSSLEvpSignatureCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-
-static int xmlSecOpenSSLEvpSignatureCheckId (xmlSecTransformPtr transform);
-static int xmlSecOpenSSLEvpSignatureInitialize (xmlSecTransformPtr transform);
-static void xmlSecOpenSSLEvpSignatureFinalize (xmlSecTransformPtr transform);
-static int xmlSecOpenSSLEvpSignatureSetKeyReq (xmlSecTransformPtr transform,
+#define xmlSecOpenSSLSignatureSize \
+ (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLSignatureCtx))
+#define xmlSecOpenSSLSignatureGetCtx(transform) \
+ ((xmlSecOpenSSLSignatureCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+
+static int xmlSecOpenSSLSignatureCheckId (xmlSecTransformPtr transform);
+static int xmlSecOpenSSLSignatureInitialize (xmlSecTransformPtr transform);
+static void xmlSecOpenSSLSignatureFinalize (xmlSecTransformPtr transform);
+static int xmlSecOpenSSLSignatureSetKeyReq (xmlSecTransformPtr transform,
xmlSecKeyReqPtr keyReq);
-static int xmlSecOpenSSLEvpSignatureSetKey (xmlSecTransformPtr transform,
+static int xmlSecOpenSSLSignatureSetKey (xmlSecTransformPtr transform,
xmlSecKeyPtr key);
-static int xmlSecOpenSSLEvpSignatureVerify (xmlSecTransformPtr transform,
+static int xmlSecOpenSSLSignatureVerify (xmlSecTransformPtr transform,
const xmlSecByte* data,
xmlSecSize dataSize,
xmlSecTransformCtxPtr transformCtx);
-static int xmlSecOpenSSLEvpSignatureExecute (xmlSecTransformPtr transform,
+static int xmlSecOpenSSLSignatureExecute (xmlSecTransformPtr transform,
int last,
xmlSecTransformCtxPtr transformCtx);
static int
-xmlSecOpenSSLEvpSignatureCheckId(xmlSecTransformPtr transform) {
+xmlSecOpenSSLSignatureCheckId(xmlSecTransformPtr transform) {
#ifndef XMLSEC_NO_DSA
#ifndef XMLSEC_NO_SHA1
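Review bot: The `ECDSA_SIG_get0` fallback sits between `#ifndef XMLSEC_NO_DSA` and `#endif /* XMLSEC_NO_ECDSA */`, so it is compiled under the DSA switch: a build with XMLSEC_NO_DSA but ECDSA enabled gets no shim, and the guard should be `#ifndef XMLSEC_NO_ECDSA`. `DSA_SIG_get0` is defined after `#endif /* !defined(XMLSEC_OPENSSL_110) */`, so as far as this hunk shows it is also compiled against OpenSSL 1.1.0, where the library declares its own function of that name; moving it inside the `!defined(XMLSEC_OPENSSL_110)` block avoids the clash. Both shims store the result of `BN_new()` without a NULL check, so `*pr`/`*ps` can come back NULL despite the "we expect the r/s to be NOT NULL" comment; the callers are outside this hunk and need to test for it. xmlSecOpenSSLSignatureCheckId, which begins at the end of the hunk, continues outside it.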
@@ -158,58 +211,6 @@ xmlSecOpenSSLEvpSignatureCheckId(xmlSecTransformPtr transform) {
#endif /* XMLSEC_NO_ECDSA */
-#ifndef XMLSEC_NO_RSA
-
-#ifndef XMLSEC_NO_MD5
- if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaMd5Id)) {
- return(1);
- } else
-#endif /* XMLSEC_NO_MD5 */
-
-#ifndef XMLSEC_NO_RIPEMD160
- if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaRipemd160Id)) {
- return(1);
- } else
-#endif /* XMLSEC_NO_RIPEMD160 */
-
-#ifndef XMLSEC_NO_SHA1
- if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha1Id)) {
- return(1);
- } else
-#endif /* XMLSEC_NO_SHA1 */
-
-#ifndef XMLSEC_NO_SHA224
- if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha224Id)) {
- return(1);
- } else
-#endif /* XMLSEC_NO_SHA224 */
-
-#ifndef XMLSEC_NO_SHA256
- if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha256Id)) {
- return(1);
- } else
-#endif /* XMLSEC_NO_SHA256 */
-
-#ifndef XMLSEC_NO_SHA384
- if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha384Id)) {
- return(1);
- } else
-#endif /* XMLSEC_NO_SHA384 */
-
-#ifndef XMLSEC_NO_SHA512
- if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha512Id)) {
- return(1);
- } else
-#endif /* XMLSEC_NO_SHA512 */
-
-#endif /* XMLSEC_NO_RSA */
-
-#ifndef XMLSEC_NO_GOST
- if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGost2001GostR3411_94Id)) {
- return(1);
- } else
-#endif /* XMLSEC_NO_GOST*/
-
{
return(0);
}
@@ -218,33 +219,36 @@ xmlSecOpenSSLEvpSignatureCheckId(xmlSecTransformPtr transform) {
}
static int
-xmlSecOpenSSLEvpSignatureInitialize(xmlSecTransformPtr transform) {
- xmlSecOpenSSLEvpSignatureCtxPtr ctx;
+xmlSecOpenSSLSignatureInitialize(xmlSecTransformPtr transform) {
+ xmlSecOpenSSLSignatureCtxPtr ctx;
+ int ret;
- xmlSecAssert2(xmlSecOpenSSLEvpSignatureCheckId(transform), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize), -1);
+ xmlSecAssert2(xmlSecOpenSSLSignatureCheckId(transform), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLSignatureSize), -1);
- ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
+ ctx = xmlSecOpenSSLSignatureGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
- memset(ctx, 0, sizeof(xmlSecOpenSSLEvpSignatureCtx));
+ memset(ctx, 0, sizeof(xmlSecOpenSSLSignatureCtx));
#ifndef XMLSEC_NO_DSA
#ifndef XMLSEC_NO_SHA1
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformDsaSha1Id)) {
- ctx->digest = xmlSecOpenSSLDsaSha1Evp();
- ctx->keyId = xmlSecOpenSSLKeyDataDsaId;
+ ctx->digest = EVP_sha1();
+ ctx->keyId = xmlSecOpenSSLKeyDataDsaId;
+ ctx->signCallback = xmlSecOpenSSLSignatureDsaSign;
+ ctx->verifyCallback = xmlSecOpenSSLSignatureDsaVerify;
} else
#endif /* XMLSEC_NO_SHA1 */
#ifndef XMLSEC_NO_SHA256
-#ifdef XMLSEC_OPENSSL_100
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformDsaSha256Id)) {
- ctx->digest = xmlSecOpenSSLDsaSha256Evp();
- ctx->keyId = xmlSecOpenSSLKeyDataDsaId;
+ ctx->digest = EVP_sha256();
+ ctx->keyId = xmlSecOpenSSLKeyDataDsaId;
+ ctx->signCallback = xmlSecOpenSSLSignatureDsaSign;
+ ctx->verifyCallback = xmlSecOpenSSLSignatureDsaVerify;
} else
-#endif /* XMLSEC_OPENSSL_100 */
#endif /* XMLSEC_NO_SHA256 */
#endif /* XMLSEC_NO_DSA */
@@ -253,157 +257,118 @@ xmlSecOpenSSLEvpSignatureInitialize(xmlSecTransformPtr transform) {
#ifndef XMLSEC_NO_SHA1
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha1Id)) {
- ctx->digest = xmlSecOpenSSLEcdsaSha1Evp();
- ctx->keyId = xmlSecOpenSSLKeyDataEcdsaId;
+ ctx->digest = EVP_sha1();
+ ctx->keyId = xmlSecOpenSSLKeyDataEcdsaId;
+ ctx->signCallback = xmlSecOpenSSLSignatureEcdsaSign;
+ ctx->verifyCallback = xmlSecOpenSSLSignatureEcdsaVerify;
} else
#endif /* XMLSEC_NO_SHA1 */
#ifndef XMLSEC_NO_SHA224
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha224Id)) {
- ctx->digest = xmlSecOpenSSLEcdsaSha224Evp();
- ctx->keyId = xmlSecOpenSSLKeyDataEcdsaId;
+ ctx->digest = EVP_sha224();
+ ctx->keyId = xmlSecOpenSSLKeyDataEcdsaId;
+ ctx->signCallback = xmlSecOpenSSLSignatureEcdsaSign;
+ ctx->verifyCallback = xmlSecOpenSSLSignatureEcdsaVerify;
} else
#endif /* XMLSEC_NO_SHA224 */
#ifndef XMLSEC_NO_SHA256
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha256Id)) {
- ctx->digest = xmlSecOpenSSLEcdsaSha256Evp();
- ctx->keyId = xmlSecOpenSSLKeyDataEcdsaId;
+ ctx->digest = EVP_sha256();
+ ctx->keyId = xmlSecOpenSSLKeyDataEcdsaId;
+ ctx->signCallback = xmlSecOpenSSLSignatureEcdsaSign;
+ ctx->verifyCallback = xmlSecOpenSSLSignatureEcdsaVerify;
} else
#endif /* XMLSEC_NO_SHA256 */
#ifndef XMLSEC_NO_SHA384
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha384Id)) {
- ctx->digest = xmlSecOpenSSLEcdsaSha384Evp();
- ctx->keyId = xmlSecOpenSSLKeyDataEcdsaId;
+ ctx->digest = EVP_sha384();
+ ctx->keyId = xmlSecOpenSSLKeyDataEcdsaId;
+ ctx->signCallback = xmlSecOpenSSLSignatureEcdsaSign;
+ ctx->verifyCallback = xmlSecOpenSSLSignatureEcdsaVerify;
} else
#endif /* XMLSEC_NO_SHA384 */
#ifndef XMLSEC_NO_SHA512
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha512Id)) {
- ctx->digest = xmlSecOpenSSLEcdsaSha512Evp();
- ctx->keyId = xmlSecOpenSSLKeyDataEcdsaId;
+ ctx->digest = EVP_sha512();
+ ctx->keyId = xmlSecOpenSSLKeyDataEcdsaId;
+ ctx->signCallback = xmlSecOpenSSLSignatureEcdsaSign;
+ ctx->verifyCallback = xmlSecOpenSSLSignatureEcdsaVerify;
} else
#endif /* XMLSEC_NO_SHA512 */
#endif /* XMLSEC_NO_ECDSA */
-#ifndef XMLSEC_NO_RSA
-
-#ifndef XMLSEC_NO_MD5
- if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaMd5Id)) {
- ctx->digest = EVP_md5();
- ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
- } else
-#endif /* XMLSEC_NO_MD5 */
-
-#ifndef XMLSEC_NO_RIPEMD160
- if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaRipemd160Id)) {
- ctx->digest = EVP_ripemd160();
- ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
- } else
-#endif /* XMLSEC_NO_RIPEMD160 */
-
-#ifndef XMLSEC_NO_SHA1
- if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha1Id)) {
- ctx->digest = EVP_sha1();
- ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
- } else
-#endif /* XMLSEC_NO_SHA1 */
-
-#ifndef XMLSEC_NO_SHA224
- if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha224Id)) {
- ctx->digest = EVP_sha224();
- ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
- } else
-#endif /* XMLSEC_NO_SHA224 */
-
-#ifndef XMLSEC_NO_SHA256
- if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha256Id)) {
- ctx->digest = EVP_sha256();
- ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
- } else
-#endif /* XMLSEC_NO_SHA256 */
-
-#ifndef XMLSEC_NO_SHA384
- if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha384Id)) {
- ctx->digest = EVP_sha384();
- ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
- } else
-#endif /* XMLSEC_NO_SHA384 */
-
-#ifndef XMLSEC_NO_SHA512
- if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha512Id)) {
- ctx->digest = EVP_sha512();
- ctx->keyId = xmlSecOpenSSLKeyDataRsaId;
- } else
-#endif /* XMLSEC_NO_SHA512 */
-
-#endif /* XMLSEC_NO_RSA */
-
-#ifndef XMLSEC_NO_GOST
- if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGost2001GostR3411_94Id)) {
- ctx->keyId = xmlSecOpenSSLKeyDataGost2001Id;
- ctx->digest = EVP_get_digestbyname("md_gost94");
- if (!ctx->digest)
- {
+ if(1) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
NULL,
XMLSEC_ERRORS_R_INVALID_TRANSFORM,
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
- }
- } else
-#endif /* XMLSEC_NO_GOST*/
+ }
- if(1) {
+ /* create/init digest CTX */
+ ctx->digestCtx = EVP_MD_CTX_new();
+ if(ctx->digestCtx == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
- NULL,
- XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+ "EVP_MD_CTX_new",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ ret = EVP_DigestInit(ctx->digestCtx, ctx->digest);
+ if(ret != 1) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "EVP_DigestInit",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
-#ifndef XMLSEC_OPENSSL_096
- EVP_MD_CTX_init(&(ctx->digestCtx));
-#endif /* XMLSEC_OPENSSL_096 */
+ /* done */
return(0);
}
static void
-xmlSecOpenSSLEvpSignatureFinalize(xmlSecTransformPtr transform) {
- xmlSecOpenSSLEvpSignatureCtxPtr ctx;
+xmlSecOpenSSLSignatureFinalize(xmlSecTransformPtr transform) {
+ xmlSecOpenSSLSignatureCtxPtr ctx;
- xmlSecAssert(xmlSecOpenSSLEvpSignatureCheckId(transform));
- xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize));
+ xmlSecAssert(xmlSecOpenSSLSignatureCheckId(transform));
+ xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecOpenSSLSignatureSize));
- ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
+ ctx = xmlSecOpenSSLSignatureGetCtx(transform);
xmlSecAssert(ctx != NULL);
if(ctx->pKey != NULL) {
EVP_PKEY_free(ctx->pKey);
}
-#ifndef XMLSEC_OPENSSL_096
- EVP_MD_CTX_cleanup(&(ctx->digestCtx));
-#endif /* XMLSEC_OPENSSL_096 */
- memset(ctx, 0, sizeof(xmlSecOpenSSLEvpSignatureCtx));
+ if(ctx->digestCtx != NULL) {
+ EVP_MD_CTX_free(ctx->digestCtx);
+ }
+
+ memset(ctx, 0, sizeof(xmlSecOpenSSLSignatureCtx));
}
static int
-xmlSecOpenSSLEvpSignatureSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
- xmlSecOpenSSLEvpSignatureCtxPtr ctx;
+xmlSecOpenSSLSignatureSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
+ xmlSecOpenSSLSignatureCtxPtr ctx;
xmlSecKeyDataPtr value;
EVP_PKEY* pKey;
- xmlSecAssert2(xmlSecOpenSSLEvpSignatureCheckId(transform), -1);
+ xmlSecAssert2(xmlSecOpenSSLSignatureCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLSignatureSize), -1);
xmlSecAssert2(key != NULL, -1);
- ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
+ ctx = xmlSecOpenSSLSignatureGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->digest != NULL, -1);
xmlSecAssert2(ctx->keyId != NULL, -1);
@@ -440,15 +405,15 @@ xmlSecOpenSSLEvpSignatureSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key)
}
static int
-xmlSecOpenSSLEvpSignatureSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
- xmlSecOpenSSLEvpSignatureCtxPtr ctx;
+xmlSecOpenSSLSignatureSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
+ xmlSecOpenSSLSignatureCtxPtr ctx;
- xmlSecAssert2(xmlSecOpenSSLEvpSignatureCheckId(transform), -1);
+ xmlSecAssert2(xmlSecOpenSSLSignatureCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLSignatureSize), -1);
xmlSecAssert2(keyReq != NULL, -1);
- ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
+ ctx = xmlSecOpenSSLSignatureGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->keyId != NULL, -1);
@@ -465,136 +430,95 @@ xmlSecOpenSSLEvpSignatureSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPt
static int
-xmlSecOpenSSLEvpSignatureVerify(xmlSecTransformPtr transform,
+xmlSecOpenSSLSignatureVerify(xmlSecTransformPtr transform,
const xmlSecByte* data, xmlSecSize dataSize,
xmlSecTransformCtxPtr transformCtx) {
- xmlSecOpenSSLEvpSignatureCtxPtr ctx;
+ xmlSecOpenSSLSignatureCtxPtr ctx;
int ret;
- xmlSecAssert2(xmlSecOpenSSLEvpSignatureCheckId(transform), -1);
+ xmlSecAssert2(xmlSecOpenSSLSignatureCheckId(transform), -1);
xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLSignatureSize), -1);
xmlSecAssert2(transform->status == xmlSecTransformStatusFinished, -1);
xmlSecAssert2(data != NULL, -1);
xmlSecAssert2(transformCtx != NULL, -1);
- ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
+ ctx = xmlSecOpenSSLSignatureGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->verifyCallback != NULL, -1);
+ xmlSecAssert2(ctx->dgstSize > 0, -1);
- ret = EVP_VerifyFinal(&(ctx->digestCtx), (xmlSecByte*)data, dataSize, ctx->pKey);
+ ret = (ctx->verifyCallback)(ctx, data, dataSize);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
- "EVP_VerifyFinal",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "verifyCallback",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
- } else if(ret != 1) {
+ }
+
+ /* check signature results */
+ if(ret == 1) {
+ transform->status = xmlSecTransformStatusOk;
+ } else {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
- "EVP_VerifyFinal",
+ "verifyCallback",
XMLSEC_ERRORS_R_DATA_NOT_MATCH,
"signature do not match");
transform->status = xmlSecTransformStatusFail;
- return(0);
}
- transform->status = xmlSecTransformStatusOk;
+ /* done */
return(0);
}
static int
-xmlSecOpenSSLEvpSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
- xmlSecOpenSSLEvpSignatureCtxPtr ctx;
+xmlSecOpenSSLSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+ xmlSecOpenSSLSignatureCtxPtr ctx;
xmlSecBufferPtr in, out;
xmlSecSize inSize;
xmlSecSize outSize;
int ret;
- xmlSecAssert2(xmlSecOpenSSLEvpSignatureCheckId(transform), -1);
+ xmlSecAssert2(xmlSecOpenSSLSignatureCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLSignatureSize), -1);
xmlSecAssert2(transformCtx != NULL, -1);
- ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
+ ctx = xmlSecOpenSSLSignatureGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->signCallback != NULL, -1);
+ xmlSecAssert2(ctx->verifyCallback != NULL, -1);
in = &(transform->inBuf);
out = &(transform->outBuf);
inSize = xmlSecBufferGetSize(in);
outSize = xmlSecBufferGetSize(out);
- ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
+ ctx = xmlSecOpenSSLSignatureGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->digest != NULL, -1);
+ xmlSecAssert2(ctx->digestCtx != NULL, -1);
xmlSecAssert2(ctx->pKey != NULL, -1);
if(transform->status == xmlSecTransformStatusNone) {
xmlSecAssert2(outSize == 0, -1);
-
- if(transform->operation == xmlSecTransformOperationSign) {
-#ifndef XMLSEC_OPENSSL_096
- ret = EVP_SignInit(&(ctx->digestCtx), ctx->digest);
- if(ret != 1) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
- "EVP_SignInit",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-#else /* XMLSEC_OPENSSL_096 */
- EVP_SignInit(&(ctx->digestCtx), ctx->digest);
-#endif /* XMLSEC_OPENSSL_096 */
- } else {
-#ifndef XMLSEC_OPENSSL_096
- ret = EVP_VerifyInit(&(ctx->digestCtx), ctx->digest);
- if(ret != 1) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
- "EVP_VerifyInit",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-#else /* XMLSEC_OPENSSL_096 */
- EVP_VerifyInit(&(ctx->digestCtx), ctx->digest);
-#endif /* XMLSEC_OPENSSL_096 */
- }
transform->status = xmlSecTransformStatusWorking;
}
if((transform->status == xmlSecTransformStatusWorking) && (inSize > 0)) {
xmlSecAssert2(outSize == 0, -1);
- if(transform->operation == xmlSecTransformOperationSign) {
-#ifndef XMLSEC_OPENSSL_096
- ret = EVP_SignUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
- if(ret != 1) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
- "EVP_SignUpdate",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-#else /* XMLSEC_OPENSSL_096 */
- EVP_SignUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
-#endif /* XMLSEC_OPENSSL_096 */
- } else {
-#ifndef XMLSEC_OPENSSL_096
- ret = EVP_VerifyUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
- if(ret != 1) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
- "EVP_VerifyUpdate",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-#else /* XMLSEC_OPENSSL_096 */
- EVP_VerifyUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
-#endif /* XMLSEC_OPENSSL_096 */
+ ret = EVP_DigestUpdate(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
+ if(ret != 1) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "EVP_DigestUpdate",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
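Review bot: In xmlSecOpenSSLSignatureVerify the mismatch branch sets `transform->status = xmlSecTransformStatusFail` and then falls through to `return(0)`, so a return of 0 means "the check ran", not "the signature is valid". That contract is easy to misread at a call site and is not written down next to the function. I would add a header comment such as `/* Returns 0 when verification was performed (result is in transform->status), -1 on internal error. */`. Separately, xmlSecOpenSSLSignatureExecute fetches `ctx` and asserts it non-NULL twice; the second `ctx = xmlSecOpenSSLSignatureGetCtx(transform);` pair can be dropped. The body of Execute continues outside this hunk.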
@@ -610,54 +534,32 @@ xmlSecOpenSSLEvpSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecT
if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
xmlSecAssert2(outSize == 0, -1);
- if(transform->operation == xmlSecTransformOperationSign) {
- unsigned int signSize;
- /* this is a hack: for rsa signatures
- * we get size from EVP_PKEY_size(),
- * for dsa signature we use a fixed constant */
- signSize = EVP_PKEY_size(ctx->pKey);
-#ifndef XMLSEC_NO_DSA
- if(signSize < XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE) {
- signSize = XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE;
- }
-#endif /* XMLSEC_NO_DSA */
-#ifndef XMLSEC_NO_ECDSA
- if(signSize < XMLSEC_OPENSSL_ECDSA_SIGNATURE_SIZE) {
- signSize = XMLSEC_OPENSSL_ECDSA_SIGNATURE_SIZE;
- }
-#endif /* XMLSEC_NO_ECDSA */
+ ret = EVP_DigestFinal(ctx->digestCtx, ctx->dgst, &ctx->dgstSize);
+ if(ret != 1) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "EVP_DigestFinal",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ xmlSecAssert2(ctx->dgstSize > 0, -1);
- ret = xmlSecBufferSetMaxSize(out, signSize);
+ /* sign right away, verify will wait till separate call */
+ if(transform->operation == xmlSecTransformOperationSign) {
+ ret = (ctx->signCallback)(ctx, out);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
- "xmlSecBufferSetMaxSize",
+ "signCallback",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "size=%u", signSize);
- return(-1);
- }
-
- ret = EVP_SignFinal(&(ctx->digestCtx), xmlSecBufferGetData(out), &signSize, ctx->pKey);
- if(ret != 1) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
- "EVP_SignFinal",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
-
- ret = xmlSecBufferSetSize(out, signSize);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
- "xmlSecBufferSetSize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "size=%u", signSize);
- return(-1);
- }
}
+
+ /* done! */
transform->status = xmlSecTransformStatusFinished;
}
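Review bot: `EVP_DigestFinal(ctx->digestCtx, ctx->dgst, &ctx->dgstSize)` writes the digest before anything checks that it fits. The only bound on it, `ctx->dgstSize <= sizeof(ctx->dgst)`, is asserted afterwards in the sign callbacks and in the ECDSA verify callback. The declaration of `dgst` is not visible in this hunk, so if it is smaller than `EVP_MAX_MD_SIZE` the overrun would already have happened by the time that assert runs. A check ahead of the call closes the gap, for example `xmlSecAssert2(EVP_MD_size(ctx->digest) <= (int)sizeof(ctx->dgst), -1);`. The enclosing xmlSecOpenSSLSignatureExecute starts and ends outside this hunk.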
@@ -677,6 +579,7 @@ xmlSecOpenSSLEvpSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecT
}
#ifndef XMLSEC_NO_DSA
+
/****************************************************************************
*
* DSA EVP
@@ -704,81 +607,257 @@ xmlSecOpenSSLEvpSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecT
*
***************************************************************************/
static int
-xmlSecOpenSSLDsaEvpSign(int type ATTRIBUTE_UNUSED,
- const unsigned char *dgst, unsigned int dlen,
- unsigned char *sig, unsigned int *siglen, void *dsa) {
- DSA_SIG *s;
- int rSize, sSize;
-
- s = DSA_do_sign(dgst, dlen, dsa);
- if(s == NULL) {
- *siglen=0;
- return(0);
+xmlSecOpenSSLSignatureDsaSign(xmlSecOpenSSLSignatureCtxPtr ctx, xmlSecBufferPtr out) {
+ DSA * dsaKey = NULL;
+ DSA_SIG *sig = NULL;
+ BIGNUM *rr = NULL, *ss = NULL;
+ xmlSecByte *outData;
+ xmlSecSize dsaSignSize, signHalfSize, rSize, sSize;
+ int res = -1;
+ int ret;
+
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->pKey != NULL, -1);
+ xmlSecAssert2(ctx->dgstSize > 0, -1);
+ xmlSecAssert2(ctx->dgstSize <= sizeof(ctx->dgst), -1);
+ xmlSecAssert2(out != NULL, -1);
+
+ /* get key */
+ dsaKey = EVP_PKEY_get1_DSA(ctx->pKey);
+ if(dsaKey == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "EVP_PKEY_get1_DSA",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
}
- rSize = BN_num_bytes(s->r);
- sSize = BN_num_bytes(s->s);
- if((rSize > (XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE / 2)) ||
- (sSize > (XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE / 2))) {
+ /* signature size = r + s + 8 bytes, we just need r+s */
+ dsaSignSize = DSA_size(dsaKey);
+ if(dsaSignSize < 8) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
+ "DSA_size",
+ XMLSEC_ERRORS_R_INVALID_SIZE,
+ "dsaSignSize=%d", (int)dsaSignSize);
+ goto done;
+ }
+
+ signHalfSize = (dsaSignSize - 8) / 2;
+ if(signHalfSize < 4) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
+ "signHalfSize",
XMLSEC_ERRORS_R_INVALID_SIZE,
- "size(r)=%d or size(s)=%d > %d",
- rSize, sSize, XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE / 2);
- DSA_SIG_free(s);
- return(0);
+ "signHalfSize=%d", (int)signHalfSize);
+ goto done;
}
- memset(sig, 0, XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE);
- BN_bn2bin(s->r, sig + (XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE / 2) - rSize);
- BN_bn2bin(s->s, sig + XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE - sSize);
- *siglen = XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE;
+ /* calculate signature */
+ sig = DSA_do_sign(ctx->dgst, ctx->dgstSize, dsaKey);
+ if(sig == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "DSA_do_sign",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
- DSA_SIG_free(s);
- return(1);
+ /* get signature components */
+ DSA_SIG_get0(&rr, &ss, sig);
+ if((rr == NULL) || (ss == NULL)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "DSA_SIG_get0",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
+ rSize = BN_num_bytes(rr);
+ if(rSize > signHalfSize) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_SIZE,
+ "rSize=%d > %d",
+ rSize, signHalfSize);
+ goto done;
+ }
+ sSize = BN_num_bytes(ss);
+ if(sSize > signHalfSize) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_SIZE,
+ "sSize=%d > %d",
+ sSize, signHalfSize);
+ goto done;
+ }
+
+ /* allocate buffer */
+ ret = xmlSecBufferSetSize(out, 2 * signHalfSize);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecBufferSetSize",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "size=%d", (int)(2 * signHalfSize));
+ goto done;
+ }
+ outData = xmlSecBufferGetData(out);
+ xmlSecAssert2(outData != NULL, -1);
+
+ /* write components */
+ xmlSecAssert2((rSize + sSize) <= 2 * signHalfSize, -1);
+ memset(outData, 0, 2 * signHalfSize);
+ BN_bn2bin(rr, outData + signHalfSize - rSize);
+ BN_bn2bin(ss, outData + 2 * signHalfSize - sSize);
+
+ /* success */
+ res = 0;
+
+done:
+ /* cleanup */
+ if(sig != NULL) {
+ DSA_SIG_free(sig);
+ }
+ if(dsaKey != NULL) {
+ DSA_free(dsaKey);
+ }
+
+ /* done */
+ return(res);
}
static int
-xmlSecOpenSSLDsaEvpVerify(int type ATTRIBUTE_UNUSED,
- const unsigned char *dgst, unsigned int dgst_len,
- const unsigned char *sigbuf, unsigned int siglen,
- void *dsa) {
- DSA_SIG *s;
- int ret = -1;
+xmlSecOpenSSLSignatureDsaVerify(xmlSecOpenSSLSignatureCtxPtr ctx, const xmlSecByte* signData, xmlSecSize signSize) {
+ DSA * dsaKey = NULL;
+ DSA_SIG *sig = NULL;
+ BIGNUM *rr = NULL, *ss = NULL;
+ xmlSecSize dsaSignSize, signHalfSize;
+ int res = -1;
+ int ret;
- s = DSA_SIG_new();
- if (s == NULL) {
- return(ret);
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->pKey != NULL, -1);
+ xmlSecAssert2(ctx->dgstSize > 0, -1);
+ xmlSecAssert2(signData != NULL, -1);
+
+ /* get key */
+ dsaKey = EVP_PKEY_get1_DSA(ctx->pKey);
+ if(dsaKey == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "EVP_PKEY_get1_DSA",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
+
+ /* signature size = r + s + 8 bytes, we just need r+s */
+ dsaSignSize = DSA_size(dsaKey);
+ if(dsaSignSize < 8) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "DSA_size",
+ XMLSEC_ERRORS_R_INVALID_SIZE,
+ "dsaSignSize=%d", (int)dsaSignSize);
+ goto done;
+ }
+
+ signHalfSize = (dsaSignSize - 8) / 2;
+ if(signHalfSize < 4) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "signHalfSize",
+ XMLSEC_ERRORS_R_INVALID_SIZE,
+ "signHalfSize=%d", (int)signHalfSize);
+ goto done;
}
- if(siglen != XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE) {
+ /* check size */
+ if(signSize != 2 * signHalfSize) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
NULL,
XMLSEC_ERRORS_R_INVALID_SIZE,
"invalid length %d (%d expected)",
- siglen, XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE);
+ (int)signSize, (int)(2 * signHalfSize));
goto done;
}
- s->r = BN_bin2bn(sigbuf, XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE / 2, NULL);
- s->s = BN_bin2bn(sigbuf + (XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE / 2),
- XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE / 2, NULL);
- if((s->r == NULL) || (s->s == NULL)) {
+ /* create/read signature */
+ sig = DSA_SIG_new();
+ if (sig == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
- "BN_bin2bn",
+ "DSA_SIG_new",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
goto done;
}
- ret = DSA_do_verify(dgst, dgst_len, s, dsa);
+ /* get signature components */
+ DSA_SIG_get0(&rr, &ss, sig);
+ if((rr == NULL) || (ss == NULL)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "DSA_SIG_get0",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
+
+ rr = BN_bin2bn(signData, signHalfSize, rr);
+ if(rr == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "BN_bin2bn(sig->r)",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
+ ss = BN_bin2bn(signData + signHalfSize, signHalfSize, ss);
+ if(ss == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "BN_bin2bn(sig->s)",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
+
+ /* verify signature */
+ ret = DSA_do_verify(ctx->dgst, ctx->dgstSize, sig, dsaKey);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "DSA_do_verify",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
+
+ /* return 1 for good signatures and 0 for bad */
+ if(ret > 0) {
+ res = 1;
+ } else if(ret == 0) {
+ res = 0;
+ }
done:
- DSA_SIG_free(s);
- return(ret);
+ /* cleanup */
+ if(sig != NULL) {
+ DSA_SIG_free(sig);
+ }
+ if(dsaKey != NULL) {
+ DSA_free(dsaKey);
+ }
+
+ /* done */
+ return(res);
}
#ifndef XMLSEC_NO_SHA1
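Review bot: In xmlSecOpenSSLSignatureDsaSign the two late checks `xmlSecAssert2(outData != NULL, -1);` and `xmlSecAssert2((rSize + sSize) <= 2 * signHalfSize, -1);` return directly instead of going through `done:`. If either one fires, `sig` and the reference taken by `EVP_PKEY_get1_DSA` are never released. Replacing them with explicit tests such as `if(outData == NULL) { goto done; }` keeps the cleanup path intact; xmlSecOpenSSLSignatureEcdsaSign in a later hunk has the same pattern. The `"rSize=%d > %d"` and `"sSize=%d > %d"` messages also pass `xmlSecSize` values to `%d` without the `(int)` casts used elsewhere in this hunk. xmlSecOpenSSLSignatureDsaVerify lacks the `ctx->dgstSize <= sizeof(ctx->dgst)` assert that the sign path has.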
@@ -791,25 +870,25 @@ done:
static xmlSecTransformKlass xmlSecOpenSSLDsaSha1Klass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+ xmlSecOpenSSLSignatureSize, /* xmlSecSize objSize */
xmlSecNameDsaSha1, /* const xmlChar* name; */
xmlSecHrefDsaSha1, /* const xmlChar* href; */
xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
- xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ xmlSecOpenSSLSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
NULL, /* xmlSecTransformNodeReadMethod readNode; */
NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
- xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecOpenSSLSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
NULL, /* xmlSecTransformPushXmlMethod pushXml; */
NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+ xmlSecOpenSSLSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
NULL, /* void* reserved0; */
NULL, /* void* reserved1; */
@@ -827,57 +906,6 @@ xmlSecOpenSSLTransformDsaSha1GetKlass(void) {
return(&xmlSecOpenSSLDsaSha1Klass);
}
-#ifndef XMLSEC_OPENSSL_096
-static int
-xmlSecOpenSSLDsaSha1EvpInit(EVP_MD_CTX *ctx)
-{
- return SHA1_Init(ctx->md_data);
-}
-
-static int
-xmlSecOpenSSLDsaSha1EvpUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA1_Update(ctx->md_data,data,count);
-}
-
-static int
-xmlSecOpenSSLDsaSha1EvpFinal(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA1_Final(md,ctx->md_data);
-}
-#endif /* XMLSEC_OPENSSL_096 */
-
-static const EVP_MD xmlSecOpenSSLDsaSha1MdEvp = {
- NID_dsaWithSHA,
- NID_dsaWithSHA,
- SHA_DIGEST_LENGTH,
-#ifndef XMLSEC_OPENSSL_096
- 0,
- xmlSecOpenSSLDsaSha1EvpInit,
- xmlSecOpenSSLDsaSha1EvpUpdate,
- xmlSecOpenSSLDsaSha1EvpFinal,
- NULL,
- NULL,
-#else /* XMLSEC_OPENSSL_096 */
- SHA1_Init,
- SHA1_Update,
- SHA1_Final,
-#endif /* XMLSEC_OPENSSL_096 */
- xmlSecOpenSSLDsaEvpSign,
- xmlSecOpenSSLDsaEvpVerify,
- {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3,EVP_PKEY_DSA4,0},
- SHA_CBLOCK,
- sizeof(EVP_MD *)+sizeof(SHA_CTX)
-#ifdef XMLSEC_OPENSSL_100
- , NULL
-#endif /* XMLSEC_OPENSSL_100 */
-};
-
-static const EVP_MD *xmlSecOpenSSLDsaSha1Evp(void)
-{
- return(&xmlSecOpenSSLDsaSha1MdEvp);
-}
-
#endif /* XMLSEC_NO_SHA1 */
#ifndef XMLSEC_NO_SHA256
@@ -890,25 +918,25 @@ static const EVP_MD *xmlSecOpenSSLDsaSha1Evp(void)
static xmlSecTransformKlass xmlSecOpenSSLDsaSha256Klass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+ xmlSecOpenSSLSignatureSize, /* xmlSecSize objSize */
xmlSecNameDsaSha256, /* const xmlChar* name; */
xmlSecHrefDsaSha256, /* const xmlChar* href; */
xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
- xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ xmlSecOpenSSLSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
NULL, /* xmlSecTransformNodeReadMethod readNode; */
NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
- xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecOpenSSLSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
NULL, /* xmlSecTransformPushXmlMethod pushXml; */
NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+ xmlSecOpenSSLSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
NULL, /* void* reserved0; */
NULL, /* void* reserved1; */
@@ -926,50 +954,6 @@ xmlSecOpenSSLTransformDsaSha256GetKlass(void) {
return(&xmlSecOpenSSLDsaSha256Klass);
}
-#ifdef XMLSEC_OPENSSL_100
-static int
-xmlSecOpenSSLDsaSha256EvpInit(EVP_MD_CTX *ctx)
-{
- return SHA256_Init(ctx->md_data);
-}
-
-static int
-xmlSecOpenSSLDsaSha256EvpUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA256_Update(ctx->md_data,data,count);
-}
-
-static int
-xmlSecOpenSSLDsaSha256EvpFinal(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA256_Final(md,ctx->md_data);
-}
-
-static const EVP_MD xmlSecOpenSSLDsaSha256MdEvp = {
- NID_dsa_with_SHA256,
- NID_dsa_with_SHA256,
- SHA256_DIGEST_LENGTH,
- 0,
- xmlSecOpenSSLDsaSha256EvpInit,
- xmlSecOpenSSLDsaSha256EvpUpdate,
- xmlSecOpenSSLDsaSha256EvpFinal,
- NULL,
- NULL,
- xmlSecOpenSSLDsaEvpSign,
- xmlSecOpenSSLDsaEvpVerify,
- /* XXX-MAK: This worries me, not sure that the keys are right. */
- {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3,EVP_PKEY_DSA4,0},
- SHA256_CBLOCK,
- sizeof(EVP_MD *)+sizeof(SHA256_CTX),
- NULL
-};
-
-static const EVP_MD *xmlSecOpenSSLDsaSha256Evp(void)
-{
- return(&xmlSecOpenSSLDsaSha256MdEvp);
-}
-#endif /* XMLSEC_OPENSSL_100 */
-
#endif /* XMLSEC_NO_SHA256 */
#endif /* XMLSEC_NO_DSA */
@@ -991,26 +975,18 @@ static const EVP_MD *xmlSecOpenSSLDsaSha256Evp(void)
* octet-stream conversion MUST be done according to the I2OSP operation
* defined in Section 4.1 of RFC 3447 [PKCS1] with the xLen parameter equal
* to the size of the base point order of the curve in bytes (32 for the
- * P-256 curve).
+ * P-256 curve and 66 for the P-521 curve).
*
***************************************************************************/
-static int
-xmlSecOpenSSLEcdsaEvpSign(int type ATTRIBUTE_UNUSED,
- const unsigned char *dgst, unsigned int dlen,
- unsigned char *sig, unsigned int *siglen, void *ecdsa) {
- int rSize, sSize, xLen;
+static xmlSecSize
+xmlSecOpenSSLSignatureEcdsaSignatureHalfSize(EC_KEY * ecKey) {
const EC_GROUP *group;
BIGNUM *order = NULL;
- ECDSA_SIG *s;
- int ret = 0;
+ xmlSecSize signHalfSize = 0;
- s = ECDSA_do_sign(dgst, dlen, ecdsa);
- if(s == NULL) {
- *siglen = 0;
- return(ret);
- }
+ xmlSecAssert2(ecKey != NULL, 0);
- group = EC_KEY_get0_group(ecdsa);
+ group = EC_KEY_get0_group(ecKey);
if(group == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
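Review bot: The new helper xmlSecOpenSSLSignatureEcdsaSignatureHalfSize has no header comment, although both ECDSA callbacks depend on its convention that 0 means failure. Judging from the parts of the body visible here and in the next hunk, it returns `BN_num_bytes(order)` on success and leaves `signHalfSize` at its initial 0 on every error path. I would document that above the function, for example `/* Returns the size in bytes of the curve's base point order (half of the r||s signature), or 0 on error. */`. The function body continues outside this hunk.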
@@ -1039,129 +1015,256 @@ xmlSecOpenSSLEcdsaEvpSign(int type ATTRIBUTE_UNUSED,
goto done;
}
- xLen = BN_num_bytes(order);
- if(xLen > (XMLSEC_OPENSSL_ECDSA_SIGNATURE_SIZE / 2)) {
+ /* result */
+ signHalfSize = BN_num_bytes(order);
+
+done:
+ /* cleanup */
+ if(order != NULL) {
+ BN_clear_free(order);
+ }
+
+ /* done */
+ return(signHalfSize);
+}
+
+
+static int
+xmlSecOpenSSLSignatureEcdsaSign(xmlSecOpenSSLSignatureCtxPtr ctx, xmlSecBufferPtr out) {
+ EC_KEY * ecKey = NULL;
+ ECDSA_SIG *sig = NULL;
+ BIGNUM *rr = NULL, *ss = NULL;
+ xmlSecByte *outData;
+ xmlSecSize signHalfSize, rSize, sSize;
+ int res = -1;
+ int ret;
+
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->pKey != NULL, -1);
+ xmlSecAssert2(ctx->dgstSize > 0, -1);
+ xmlSecAssert2(ctx->dgstSize <= sizeof(ctx->dgst), -1);
+ xmlSecAssert2(out != NULL, -1);
+
+ /* get key */
+ ecKey = EVP_PKEY_get1_EC_KEY(ctx->pKey);
+ if(ecKey == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "EVP_PKEY_get1_DSA",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
+
+ /* calculate signature size */
+ signHalfSize = xmlSecOpenSSLSignatureEcdsaSignatureHalfSize(ecKey);
+ if(signHalfSize <= 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecOpenSSLSignatureEcdsaSignatureHalfSize",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
+
+ /* sign */
+ sig = ECDSA_do_sign(ctx->dgst, ctx->dgstSize, ecKey);
+ if(sig == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "ECDSA_do_sign",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
+
+ /* get signature components */
+ ECDSA_SIG_get0(&rr, &ss, sig);
+ if((rr == NULL) || (ss == NULL)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "ECDSA_SIG_get0",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
+
+ /* check sizes */
+ rSize = BN_num_bytes(rr);
+ if(rSize > signHalfSize) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
NULL,
XMLSEC_ERRORS_R_INVALID_SIZE,
- "xLen=%d > %d",
- xLen, XMLSEC_OPENSSL_ECDSA_SIGNATURE_SIZE / 2);
+ "rSize=%d > %d",
+ (int)rSize, (int)signHalfSize);
goto done;
}
- rSize = BN_num_bytes(s->r);
- sSize = BN_num_bytes(s->s);
- if((rSize > xLen) || (sSize > xLen)) {
+ sSize = BN_num_bytes(ss);
+ if(sSize > signHalfSize) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
NULL,
XMLSEC_ERRORS_R_INVALID_SIZE,
- "size(r)=%d or size(s)=%d > %d",
- rSize, sSize, xLen);
+ "sSize=%d > %d",
+ (int)sSize, (int)signHalfSize);
+ goto done;
+ }
+
+ /* allocate buffer */
+ ret = xmlSecBufferSetSize(out, 2 * signHalfSize);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecBufferSetSize",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "size=%d", (int)(2 * signHalfSize));
goto done;
}
+ outData = xmlSecBufferGetData(out);
+ xmlSecAssert2(outData != NULL, -1);
- memset(sig, 0, xLen * 2);
- BN_bn2bin(s->r, sig + xLen - rSize);
- BN_bn2bin(s->s, sig + (xLen * 2) - sSize);
- *siglen = xLen * 2;
+ /* write components */
+ xmlSecAssert2((rSize + sSize) <= 2 * signHalfSize, -1);
+ memset(outData, 0, 2 * signHalfSize);
+ BN_bn2bin(rr, outData + signHalfSize - rSize);
+ BN_bn2bin(ss, outData + 2 * signHalfSize - sSize);
- ret = 1;
+ /* success */
+ res = 0;
done:
- if(order != NULL) {
- BN_clear_free(order);
+ /* cleanup */
+ if(sig != NULL) {
+ ECDSA_SIG_free(sig);
+ }
+ if(ecKey != NULL) {
+ EC_KEY_free(ecKey);
}
- ECDSA_SIG_free(s);
- return(ret);
+
+ /* done */
+ return(res);
}
static int
-xmlSecOpenSSLEcdsaEvpVerify(int type ATTRIBUTE_UNUSED,
- const unsigned char *dgst, unsigned int dgst_len,
- const unsigned char *sigbuf, unsigned int siglen,
- void *ecdsa) {
- const EC_GROUP *group;
- unsigned int xLen;
- BIGNUM *order = NULL;
- ECDSA_SIG *s;
- int ret = -1;
+xmlSecOpenSSLSignatureEcdsaVerify(xmlSecOpenSSLSignatureCtxPtr ctx, const xmlSecByte* signData, xmlSecSize signSize) {
+ EC_KEY * ecKey = NULL;
+ ECDSA_SIG *sig = NULL;
+ BIGNUM *rr = NULL, *ss = NULL;
+ xmlSecSize signHalfSize;
+ int res = -1;
+ int ret;
- s = ECDSA_SIG_new();
- if (s == NULL) {
- return(ret);
- }
+ xmlSecAssert2(ctx != NULL, -1);
+ xmlSecAssert2(ctx->pKey != NULL, -1);
+ xmlSecAssert2(ctx->dgstSize > 0, -1);
+ xmlSecAssert2(ctx->dgstSize <= sizeof(ctx->dgst), -1);
+ xmlSecAssert2(signData != NULL, -1);
- group = EC_KEY_get0_group(ecdsa);
- if(group == NULL) {
+ /* get key */
+ ecKey = EVP_PKEY_get1_EC_KEY(ctx->pKey);
+ if(ecKey == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
- "EC_KEY_get0_group",
+ "EVP_PKEY_get1_DSA",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
goto done;
}
- order = BN_new();
- if(order == NULL) {
+ /* calculate signature size */
+ signHalfSize = xmlSecOpenSSLSignatureEcdsaSignatureHalfSize(ecKey);
+ if(signHalfSize <= 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
- "BN_new",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "xmlSecOpenSSLSignatureEcdsaSignatureHalfSize",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
goto done;
}
- if(EC_GROUP_get_order(group, order, NULL) != 1) {
+ /* check size */
+ if(signSize != 2 * signHalfSize) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
- "EC_GROUP_get_order",
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_SIZE,
+ "invalid length %d (%d expected)",
+ (int)signSize, (int)(2 * signHalfSize));
+ goto done;
+ }
+
+ /* create/read signature */
+ sig = ECDSA_SIG_new();
+ if (sig == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "DSA_SIG_new",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
goto done;
}
- xLen = BN_num_bytes(order);
- if(xLen > (XMLSEC_OPENSSL_ECDSA_SIGNATURE_SIZE / 2)) {
+ /* get signature components */
+ ECDSA_SIG_get0(&rr, &ss, sig);
+ if((rr == NULL) || (ss == NULL)) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
- NULL,
- XMLSEC_ERRORS_R_INVALID_SIZE,
- "xLen=%d > %d",
- xLen, XMLSEC_OPENSSL_ECDSA_SIGNATURE_SIZE / 2);
+ "ECDSA_SIG_get0",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
goto done;
}
- if(siglen != xLen * 2) {
+ rr = BN_bin2bn(signData, signHalfSize, rr);
+ if(rr == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
+ "BN_bin2bn(sig->r)",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
+ ss = BN_bin2bn(signData + signHalfSize, signHalfSize, ss);
+ if(ss == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
- XMLSEC_ERRORS_R_INVALID_SIZE,
- "invalid length %d (%d expected)",
- siglen, xLen * 2);
+ "BN_bin2bn(sig->s)",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
goto done;
}
- s->r = BN_bin2bn(sigbuf, xLen, NULL);
- s->s = BN_bin2bn(sigbuf + xLen, xLen, NULL);
- if((s->r == NULL) || (s->s == NULL)) {
+ /* verify signature */
+ ret = ECDSA_do_verify(ctx->dgst, ctx->dgstSize, sig, ecKey);
+ if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
- "BN_bin2bn",
+ "ECDSA_do_verify",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
goto done;
}
- ret = ECDSA_do_verify(dgst, dgst_len, s, ecdsa);
+ /* return 1 for good signatures and 0 for bad */
+ if(ret > 0) {
+ res = 1;
+ } else if(ret == 0) {
+ res = 0;
+ }
done:
- if(order != NULL) {
- BN_clear_free(order);
+ /* cleanup */
+ if(sig != NULL) {
+ ECDSA_SIG_free(sig);
+ }
+ if(ecKey != NULL) {
+ EC_KEY_free(ecKey);
}
- ECDSA_SIG_free(s);
- return(ret);
+
+ /* done */
+ return(res);
}
#ifndef XMLSEC_NO_SHA1
@@ -1174,25 +1277,25 @@ done:
static xmlSecTransformKlass xmlSecOpenSSLEcdsaSha1Klass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+ xmlSecOpenSSLSignatureSize, /* xmlSecSize objSize */
xmlSecNameEcdsaSha1, /* const xmlChar* name; */
xmlSecHrefEcdsaSha1, /* const xmlChar* href; */
xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
- xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ xmlSecOpenSSLSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
NULL, /* xmlSecTransformNodeReadMethod readNode; */
NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
- xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecOpenSSLSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
NULL, /* xmlSecTransformPushXmlMethod pushXml; */
NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+ xmlSecOpenSSLSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
NULL, /* void* reserved0; */
NULL, /* void* reserved1; */
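Review bot: The table gives no reason for moving ECDSA off the shared `xmlSecOpenSSLEvpSignature*` callbacks onto the `xmlSecOpenSSLSignature*` ones, and that reason matters to anyone who later touches signature parsing. The verify code earlier in this diff reads the signature value as two fixed-width halves (`BN_bin2bn(signData, signHalfSize, rr)` and the same call at `signData + signHalfSize`), so these transforms appear to carry a raw r||s value rather than an encoding the EVP layer would produce. I would add a comment next to the objSize entry such as `/* ECDSA uses the non-EVP callbacks: the signature value is r||s, two equal-width big-endian integers */`. The same applies to the SHA224, SHA256, SHA384 and SHA512 tables in the hunks that follow; the initializer opens in this hunk but its closing lines are outside it.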
@@ -1210,56 +1313,6 @@ xmlSecOpenSSLTransformEcdsaSha1GetKlass(void) {
return(&xmlSecOpenSSLEcdsaSha1Klass);
}
-#ifndef XMLSEC_OPENSSL_096
-static int
-xmlSecOpenSSLEcdsaSha1EvpInit(EVP_MD_CTX *ctx)
-{
- return SHA1_Init(ctx->md_data);
-}
-
-static int
-xmlSecOpenSSLEcdsaSha1EvpUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA1_Update(ctx->md_data,data,count);
-}
-
-static int
-xmlSecOpenSSLEcdsaSha1EvpFinal(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA1_Final(md,ctx->md_data);
-}
-#endif /* XMLSEC_OPENSSL_096 */
-
-static const EVP_MD xmlSecOpenSSLEcdsaSha1MdEvp = {
- NID_ecdsa_with_SHA1,
- NID_ecdsa_with_SHA1,
- SHA_DIGEST_LENGTH,
-#ifndef XMLSEC_OPENSSL_096
- 0,
- xmlSecOpenSSLEcdsaSha1EvpInit,
- xmlSecOpenSSLEcdsaSha1EvpUpdate,
- xmlSecOpenSSLEcdsaSha1EvpFinal,
- NULL,
- NULL,
-#else /* XMLSEC_OPENSSL_096 */
- SHA1_Init,
- SHA1_Update,
- SHA1_Final,
-#endif /* XMLSEC_OPENSSL_096 */
- xmlSecOpenSSLEcdsaEvpSign,
- xmlSecOpenSSLEcdsaEvpVerify,
- /* XXX-MAK: This worries me, not sure that the keys are right. */
- {NID_X9_62_id_ecPublicKey,NID_ecdsa_with_SHA1,0,0,0},
- SHA_CBLOCK,
- sizeof(EVP_MD *)+sizeof(SHA_CTX),
- NULL
-};
-
-static const EVP_MD *xmlSecOpenSSLEcdsaSha1Evp(void)
-{
- return(&xmlSecOpenSSLEcdsaSha1MdEvp);
-}
-
#endif /* XMLSEC_NO_SHA1 */
#ifndef XMLSEC_NO_SHA224
@@ -1272,25 +1325,25 @@ static const EVP_MD *xmlSecOpenSSLEcdsaSha1Evp(void)
static xmlSecTransformKlass xmlSecOpenSSLEcdsaSha224Klass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+ xmlSecOpenSSLSignatureSize, /* xmlSecSize objSize */
xmlSecNameEcdsaSha224, /* const xmlChar* name; */
xmlSecHrefEcdsaSha224, /* const xmlChar* href; */
xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
- xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ xmlSecOpenSSLSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
NULL, /* xmlSecTransformNodeReadMethod readNode; */
NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
- xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecOpenSSLSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
NULL, /* xmlSecTransformPushXmlMethod pushXml; */
NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+ xmlSecOpenSSLSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
NULL, /* void* reserved0; */
NULL, /* void* reserved1; */
@@ -1308,56 +1361,6 @@ xmlSecOpenSSLTransformEcdsaSha224GetKlass(void) {
return(&xmlSecOpenSSLEcdsaSha224Klass);
}
-#ifndef XMLSEC_OPENSSL_096
-static int
-xmlSecOpenSSLEcdsaSha224EvpInit(EVP_MD_CTX *ctx)
-{
- return SHA224_Init(ctx->md_data);
-}
-
-static int
-xmlSecOpenSSLEcdsaSha224EvpUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA224_Update(ctx->md_data,data,count);
-}
-
-static int
-xmlSecOpenSSLEcdsaSha224EvpFinal(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA224_Final(md,ctx->md_data);
-}
-#endif /* XMLSEC_OPENSSL_096 */
-
-static const EVP_MD xmlSecOpenSSLEcdsaSha224MdEvp = {
- NID_ecdsa_with_SHA224,
- NID_ecdsa_with_SHA224,
- SHA224_DIGEST_LENGTH,
-#ifndef XMLSEC_OPENSSL_096
- 0,
- xmlSecOpenSSLEcdsaSha224EvpInit,
- xmlSecOpenSSLEcdsaSha224EvpUpdate,
- xmlSecOpenSSLEcdsaSha224EvpFinal,
- NULL,
- NULL,
-#else /* XMLSEC_OPENSSL_096 */
- SHA224_Init,
- SHA224_Update,
- SHA224_Final,
-#endif /* XMLSEC_OPENSSL_096 */
- xmlSecOpenSSLEcdsaEvpSign,
- xmlSecOpenSSLEcdsaEvpVerify,
- /* XXX-MAK: This worries me, not sure that the keys are right. */
- {NID_X9_62_id_ecPublicKey,NID_ecdsa_with_SHA224,0,0,0},
- SHA256_CBLOCK,
- sizeof(EVP_MD *)+sizeof(SHA256_CTX),
- NULL
-};
-
-static const EVP_MD *xmlSecOpenSSLEcdsaSha224Evp(void)
-{
- return(&xmlSecOpenSSLEcdsaSha224MdEvp);
-}
-
#endif /* XMLSEC_NO_SHA224 */
#ifndef XMLSEC_NO_SHA256
@@ -1370,25 +1373,25 @@ static const EVP_MD *xmlSecOpenSSLEcdsaSha224Evp(void)
static xmlSecTransformKlass xmlSecOpenSSLEcdsaSha256Klass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+ xmlSecOpenSSLSignatureSize, /* xmlSecSize objSize */
xmlSecNameEcdsaSha256, /* const xmlChar* name; */
xmlSecHrefEcdsaSha256, /* const xmlChar* href; */
xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
- xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ xmlSecOpenSSLSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
NULL, /* xmlSecTransformNodeReadMethod readNode; */
NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
- xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecOpenSSLSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
NULL, /* xmlSecTransformPushXmlMethod pushXml; */
NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+ xmlSecOpenSSLSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
NULL, /* void* reserved0; */
NULL, /* void* reserved1; */
@@ -1406,56 +1409,6 @@ xmlSecOpenSSLTransformEcdsaSha256GetKlass(void) {
return(&xmlSecOpenSSLEcdsaSha256Klass);
}
-#ifndef XMLSEC_OPENSSL_096
-static int
-xmlSecOpenSSLEcdsaSha256EvpInit(EVP_MD_CTX *ctx)
-{
- return SHA256_Init(ctx->md_data);
-}
-
-static int
-xmlSecOpenSSLEcdsaSha256EvpUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA256_Update(ctx->md_data,data,count);
-}
-
-static int
-xmlSecOpenSSLEcdsaSha256EvpFinal(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA256_Final(md,ctx->md_data);
-}
-#endif /* XMLSEC_OPENSSL_096 */
-
-static const EVP_MD xmlSecOpenSSLEcdsaSha256MdEvp = {
- NID_ecdsa_with_SHA256,
- NID_ecdsa_with_SHA256,
- SHA256_DIGEST_LENGTH,
-#ifndef XMLSEC_OPENSSL_096
- 0,
- xmlSecOpenSSLEcdsaSha256EvpInit,
- xmlSecOpenSSLEcdsaSha256EvpUpdate,
- xmlSecOpenSSLEcdsaSha256EvpFinal,
- NULL,
- NULL,
-#else /* XMLSEC_OPENSSL_096 */
- SHA256_Init,
- SHA256_Update,
- SHA256_Final,
-#endif /* XMLSEC_OPENSSL_096 */
- xmlSecOpenSSLEcdsaEvpSign,
- xmlSecOpenSSLEcdsaEvpVerify,
- /* XXX-MAK: This worries me, not sure that the keys are right. */
- {NID_X9_62_id_ecPublicKey,NID_ecdsa_with_SHA256,0,0,0},
- SHA256_CBLOCK,
- sizeof(EVP_MD *)+sizeof(SHA256_CTX),
- NULL
-};
-
-static const EVP_MD *xmlSecOpenSSLEcdsaSha256Evp(void)
-{
- return(&xmlSecOpenSSLEcdsaSha256MdEvp);
-}
-
#endif /* XMLSEC_NO_SHA256 */
#ifndef XMLSEC_NO_SHA384
@@ -1468,25 +1421,25 @@ static const EVP_MD *xmlSecOpenSSLEcdsaSha256Evp(void)
static xmlSecTransformKlass xmlSecOpenSSLEcdsaSha384Klass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+ xmlSecOpenSSLSignatureSize, /* xmlSecSize objSize */
xmlSecNameEcdsaSha384, /* const xmlChar* name; */
xmlSecHrefEcdsaSha384, /* const xmlChar* href; */
xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
- xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ xmlSecOpenSSLSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
NULL, /* xmlSecTransformNodeReadMethod readNode; */
NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
- xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecOpenSSLSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
NULL, /* xmlSecTransformPushXmlMethod pushXml; */
NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+ xmlSecOpenSSLSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
NULL, /* void* reserved0; */
NULL, /* void* reserved1; */
@@ -1504,56 +1457,6 @@ xmlSecOpenSSLTransformEcdsaSha384GetKlass(void) {
return(&xmlSecOpenSSLEcdsaSha384Klass);
}
-#ifndef XMLSEC_OPENSSL_096
-static int
-xmlSecOpenSSLEcdsaSha384EvpInit(EVP_MD_CTX *ctx)
-{
- return SHA384_Init(ctx->md_data);
-}
-
-static int
-xmlSecOpenSSLEcdsaSha384EvpUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA384_Update(ctx->md_data,data,count);
-}
-
-static int
-xmlSecOpenSSLEcdsaSha384EvpFinal(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA384_Final(md,ctx->md_data);
-}
-#endif /* XMLSEC_OPENSSL_096 */
-
-static const EVP_MD xmlSecOpenSSLEcdsaSha384MdEvp = {
- NID_ecdsa_with_SHA384,
- NID_ecdsa_with_SHA384,
- SHA384_DIGEST_LENGTH,
-#ifndef XMLSEC_OPENSSL_096
- 0,
- xmlSecOpenSSLEcdsaSha384EvpInit,
- xmlSecOpenSSLEcdsaSha384EvpUpdate,
- xmlSecOpenSSLEcdsaSha384EvpFinal,
- NULL,
- NULL,
-#else /* XMLSEC_OPENSSL_096 */
- SHA384_Init,
- SHA384_Update,
- SHA384_Final,
-#endif /* XMLSEC_OPENSSL_096 */
- xmlSecOpenSSLEcdsaEvpSign,
- xmlSecOpenSSLEcdsaEvpVerify,
- /* XXX-MAK: This worries me, not sure that the keys are right. */
- {NID_X9_62_id_ecPublicKey,NID_ecdsa_with_SHA384,0,0,0},
- SHA512_CBLOCK,
- sizeof(EVP_MD *)+sizeof(SHA512_CTX),
- NULL
-};
-
-static const EVP_MD *xmlSecOpenSSLEcdsaSha384Evp(void)
-{
- return(&xmlSecOpenSSLEcdsaSha384MdEvp);
-}
-
#endif /* XMLSEC_NO_SHA384 */
#ifndef XMLSEC_NO_SHA512
@@ -1566,25 +1469,25 @@ static const EVP_MD *xmlSecOpenSSLEcdsaSha384Evp(void)
static xmlSecTransformKlass xmlSecOpenSSLEcdsaSha512Klass = {
/* klass/object sizes */
sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+ xmlSecOpenSSLSignatureSize, /* xmlSecSize objSize */
xmlSecNameEcdsaSha512, /* const xmlChar* name; */
xmlSecHrefEcdsaSha512, /* const xmlChar* href; */
xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
- xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ xmlSecOpenSSLSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
NULL, /* xmlSecTransformNodeReadMethod readNode; */
NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
- xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecOpenSSLSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
NULL, /* xmlSecTransformPushXmlMethod pushXml; */
NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+ xmlSecOpenSSLSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
NULL, /* void* reserved0; */
NULL, /* void* reserved1; */
@@ -1602,440 +1505,10 @@ xmlSecOpenSSLTransformEcdsaSha512GetKlass(void) {
return(&xmlSecOpenSSLEcdsaSha512Klass);
}
-#ifndef XMLSEC_OPENSSL_096
-static int
-xmlSecOpenSSLEcdsaSha512EvpInit(EVP_MD_CTX *ctx)
-{
- return SHA512_Init(ctx->md_data);
-}
-
-static int
-xmlSecOpenSSLEcdsaSha512EvpUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA512_Update(ctx->md_data,data,count);
-}
-
-static int
-xmlSecOpenSSLEcdsaSha512EvpFinal(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA512_Final(md,ctx->md_data);
-}
-#endif /* XMLSEC_OPENSSL_096 */
-
-static const EVP_MD xmlSecOpenSSLEcdsaSha512MdEvp = {
- NID_ecdsa_with_SHA512,
- NID_ecdsa_with_SHA512,
- SHA512_DIGEST_LENGTH,
-#ifndef XMLSEC_OPENSSL_096
- 0,
- xmlSecOpenSSLEcdsaSha512EvpInit,
- xmlSecOpenSSLEcdsaSha512EvpUpdate,
- xmlSecOpenSSLEcdsaSha512EvpFinal,
- NULL,
- NULL,
-#else /* XMLSEC_OPENSSL_096 */
- SHA512_Init,
- SHA512_Update,
- SHA512_Final,
-#endif /* XMLSEC_OPENSSL_096 */
- xmlSecOpenSSLEcdsaEvpSign,
- xmlSecOpenSSLEcdsaEvpVerify,
- /* XXX-MAK: This worries me, not sure that the keys are right. */
- {NID_X9_62_id_ecPublicKey,NID_ecdsa_with_SHA512,0,0,0},
- SHA512_CBLOCK,
- sizeof(EVP_MD *)+sizeof(SHA512_CTX),
- NULL
-};
-
-static const EVP_MD *xmlSecOpenSSLEcdsaSha512Evp(void)
-{
- return(&xmlSecOpenSSLEcdsaSha512MdEvp);
-}
-
#endif /* XMLSEC_NO_SHA512 */
#endif /* XMLSEC_NO_ECDSA */
-#ifndef XMLSEC_NO_RSA
-
-#ifndef XMLSEC_NO_MD5
-/****************************************************************************
- *
- * RSA-MD5 signature transform
- *
- ***************************************************************************/
-static xmlSecTransformKlass xmlSecOpenSSLRsaMd5Klass = {
- /* klass/object sizes */
- sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
-
- xmlSecNameRsaMd5, /* const xmlChar* name; */
- xmlSecHrefRsaMd5, /* const xmlChar* href; */
- xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
-
- xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
- NULL, /* xmlSecTransformNodeReadMethod readNode; */
- NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
- xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
- xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
- xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
- xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
- NULL, /* xmlSecTransformPushXmlMethod pushXml; */
- NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
-
- NULL, /* void* reserved0; */
- NULL, /* void* reserved1; */
-};
-
-/**
- * xmlSecOpenSSLTransformRsaMd5GetKlass:
- *
- * The RSA-MD5 signature transform klass.
- *
- * Returns: RSA-MD5 signature transform klass.
- */
-xmlSecTransformId
-xmlSecOpenSSLTransformRsaMd5GetKlass(void) {
- return(&xmlSecOpenSSLRsaMd5Klass);
-}
-
-#endif /* XMLSEC_NO_MD5 */
-
-#ifndef XMLSEC_NO_RIPEMD160
-/****************************************************************************
- *
- * RSA-RIPEMD160 signature transform
- *
- ***************************************************************************/
-static xmlSecTransformKlass xmlSecOpenSSLRsaRipemd160Klass = {
- /* klass/object sizes */
- sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
-
- xmlSecNameRsaRipemd160, /* const xmlChar* name; */
- xmlSecHrefRsaRipemd160, /* const xmlChar* href; */
- xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
-
- xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
- NULL, /* xmlSecTransformNodeReadMethod readNode; */
- NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
- xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
- xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
- xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
- xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
- NULL, /* xmlSecTransformPushXmlMethod pushXml; */
- NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
-
- NULL, /* void* reserved0; */
- NULL, /* void* reserved1; */
-};
-
-/**
- * xmlSecOpenSSLTransformRsaRipemd160GetKlass:
- *
- * The RSA-RIPEMD160 signature transform klass.
- *
- * Returns: RSA-RIPEMD160 signature transform klass.
- */
-xmlSecTransformId
-xmlSecOpenSSLTransformRsaRipemd160GetKlass(void) {
- return(&xmlSecOpenSSLRsaRipemd160Klass);
-}
-
-#endif /* XMLSEC_NO_RIPEMD160 */
-
-#ifndef XMLSEC_NO_SHA1
-/****************************************************************************
- *
- * RSA-SHA1 signature transform
- *
- ***************************************************************************/
-static xmlSecTransformKlass xmlSecOpenSSLRsaSha1Klass = {
- /* klass/object sizes */
- sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
-
- xmlSecNameRsaSha1, /* const xmlChar* name; */
- xmlSecHrefRsaSha1, /* const xmlChar* href; */
- xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
-
- xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
- NULL, /* xmlSecTransformNodeReadMethod readNode; */
- NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
- xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
- xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
- xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
- xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
- NULL, /* xmlSecTransformPushXmlMethod pushXml; */
- NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
-
- NULL, /* void* reserved0; */
- NULL, /* void* reserved1; */
-};
-
-/**
- * xmlSecOpenSSLTransformRsaSha1GetKlass:
- *
- * The RSA-SHA1 signature transform klass.
- *
- * Returns: RSA-SHA1 signature transform klass.
- */
-xmlSecTransformId
-xmlSecOpenSSLTransformRsaSha1GetKlass(void) {
- return(&xmlSecOpenSSLRsaSha1Klass);
-}
-
-#endif /* XMLSEC_NO_SHA1 */
-
-#ifndef XMLSEC_NO_SHA224
-/****************************************************************************
- *
- * RSA-SHA224 signature transform
- *
- ***************************************************************************/
-static xmlSecTransformKlass xmlSecOpenSSLRsaSha224Klass = {
- /* klass/object sizes */
- sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
-
- xmlSecNameRsaSha224, /* const xmlChar* name; */
- xmlSecHrefRsaSha224, /* const xmlChar* href; */
- xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
-
- xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
- NULL, /* xmlSecTransformNodeReadMethod readNode; */
- NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
- xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
- xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
- xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
- xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
- NULL, /* xmlSecTransformPushXmlMethod pushXml; */
- NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
-
- NULL, /* void* reserved0; */
- NULL, /* void* reserved1; */
-};
-
-/**
- * xmlSecOpenSSLTransformRsaSha224GetKlass:
- *
- * The RSA-SHA224 signature transform klass.
- *
- * Returns: RSA-SHA224 signature transform klass.
- */
-xmlSecTransformId
-xmlSecOpenSSLTransformRsaSha224GetKlass(void) {
- return(&xmlSecOpenSSLRsaSha224Klass);
-}
-
-#endif /* XMLSEC_NO_SHA224 */
-
-#ifndef XMLSEC_NO_SHA256
-/****************************************************************************
- *
- * RSA-SHA256 signature transform
- *
- ***************************************************************************/
-static xmlSecTransformKlass xmlSecOpenSSLRsaSha256Klass = {
- /* klass/object sizes */
- sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
-
- xmlSecNameRsaSha256, /* const xmlChar* name; */
- xmlSecHrefRsaSha256, /* const xmlChar* href; */
- xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
-
- xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
- NULL, /* xmlSecTransformNodeReadMethod readNode; */
- NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
- xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
- xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
- xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
- xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
- NULL, /* xmlSecTransformPushXmlMethod pushXml; */
- NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
-
- NULL, /* void* reserved0; */
- NULL, /* void* reserved1; */
-};
-
-/**
- * xmlSecOpenSSLTransformRsaSha256GetKlass:
- *
- * The RSA-SHA256 signature transform klass.
- *
- * Returns: RSA-SHA256 signature transform klass.
- */
-xmlSecTransformId
-xmlSecOpenSSLTransformRsaSha256GetKlass(void) {
- return(&xmlSecOpenSSLRsaSha256Klass);
-}
-
-#endif /* XMLSEC_NO_SHA256 */
-
-#ifndef XMLSEC_NO_SHA384
-/****************************************************************************
- *
- * RSA-SHA384 signature transform
- *
- ***************************************************************************/
-static xmlSecTransformKlass xmlSecOpenSSLRsaSha384Klass = {
- /* klass/object sizes */
- sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
-
- xmlSecNameRsaSha384, /* const xmlChar* name; */
- xmlSecHrefRsaSha384, /* const xmlChar* href; */
- xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
-
- xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
- NULL, /* xmlSecTransformNodeReadMethod readNode; */
- NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
- xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
- xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
- xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
- xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
- NULL, /* xmlSecTransformPushXmlMethod pushXml; */
- NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
-
- NULL, /* void* reserved0; */
- NULL, /* void* reserved1; */
-};
-
-/**
- * xmlSecOpenSSLTransformRsaSha384GetKlass:
- *
- * The RSA-SHA384 signature transform klass.
- *
- * Returns: RSA-SHA384 signature transform klass.
- */
-xmlSecTransformId
-xmlSecOpenSSLTransformRsaSha384GetKlass(void) {
- return(&xmlSecOpenSSLRsaSha384Klass);
-}
-
-#endif /* XMLSEC_NO_SHA384 */
-
-#ifndef XMLSEC_NO_SHA512
-/****************************************************************************
- *
- * RSA-SHA512 signature transform
- *
- ***************************************************************************/
-static xmlSecTransformKlass xmlSecOpenSSLRsaSha512Klass = {
- /* klass/object sizes */
- sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
-
- xmlSecNameRsaSha512, /* const xmlChar* name; */
- xmlSecHrefRsaSha512, /* const xmlChar* href; */
- xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
-
- xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
- NULL, /* xmlSecTransformNodeReadMethod readNode; */
- NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
- xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
- xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
- xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
- xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
- NULL, /* xmlSecTransformPushXmlMethod pushXml; */
- NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
-
- NULL, /* void* reserved0; */
- NULL, /* void* reserved1; */
-};
-
-/**
- * xmlSecOpenSSLTransformRsaSha512GetKlass:
- *
- * The RSA-SHA512 signature transform klass.
- *
- * Returns: RSA-SHA512 signature transform klass.
- */
-xmlSecTransformId
-xmlSecOpenSSLTransformRsaSha512GetKlass(void) {
- return(&xmlSecOpenSSLRsaSha512Klass);
-}
-
-#endif /* XMLSEC_NO_SHA512 */
-
-#endif /* XMLSEC_NO_RSA */
-
-
-#ifndef XMLSEC_NO_GOST
-/****************************************************************************
- *
- * GOST2001-GOSTR3411_94 signature transform
- *
- ***************************************************************************/
-
-static xmlSecTransformKlass xmlSecOpenSSLGost2001GostR3411_94Klass = {
- /* klass/object sizes */
- sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
-
- xmlSecNameGost2001GostR3411_94, /* const xmlChar* name; */
- xmlSecHrefGost2001GostR3411_94, /* const xmlChar* href; */
- xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
-
- xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
- NULL, /* xmlSecTransformNodeReadMethod readNode; */
- NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
- xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
- xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
- xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
- xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
- NULL, /* xmlSecTransformPushXmlMethod pushXml; */
- NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
-
- NULL, /* void* reserved0; */
- NULL, /* void* reserved1; */
-};
-
-/**
- * xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass:
- *
- * The GOST2001-GOSTR3411_94 signature transform klass.
- *
- * Returns: GOST2001-GOSTR3411_94 signature transform klass.
- */
-xmlSecTransformId
-xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass(void) {
- return(&xmlSecOpenSSLGost2001GostR3411_94Klass);
-}
-#endif /* XMLSEC_NO_GOST*/
diff --git a/src/openssl/symkeys.c b/src/openssl/symkeys.c
index 6195ed6d..78d29e29 100644
--- a/src/openssl/symkeys.c
+++ b/src/openssl/symkeys.c
@@ -7,7 +7,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -181,11 +181,9 @@ xmlSecOpenSSLSymKeyDataKlassCheck(xmlSecKeyDataKlass* klass) {
#endif /* XMLSEC_NO_DES */
#ifndef XMLSEC_NO_AES
-#ifndef XMLSEC_OPENSSL_096
if(klass == xmlSecOpenSSLKeyDataAesId) {
return(1);
}
-#endif /* XMLSEC_OPENSSL_096 */
#endif /* XMLSEC_NO_AES */
#ifndef XMLSEC_NO_HMAC
@@ -198,7 +196,6 @@ xmlSecOpenSSLSymKeyDataKlassCheck(xmlSecKeyDataKlass* klass) {
}
#ifndef XMLSEC_NO_AES
-#ifndef XMLSEC_OPENSSL_096
/**************************************************************************
*
* <xmlsec:AESKeyValue> processing
@@ -277,8 +274,6 @@ xmlSecOpenSSLKeyDataAesSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecS
return(xmlSecBufferSetData(buffer, buf, bufSize));
}
-
-#endif /* XMLSEC_OPENSSL_096 */
#endif /* XMLSEC_NO_AES */
#ifndef XMLSEC_NO_DES
diff --git a/src/openssl/x509.c b/src/openssl/x509.c
index 459a312d..891db6b6 100644
--- a/src/openssl/x509.c
+++ b/src/openssl/x509.c
@@ -7,7 +7,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -1751,7 +1751,6 @@ xmlSecOpenSSLX509CertGetTime(ASN1_TIME* t, time_t* res) {
xmlSecAssert2(res != NULL, -1);
(*res) = 0;
-#ifndef XMLSEC_OPENSSL_096
if(!ASN1_TIME_check(t)) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
@@ -1760,7 +1759,6 @@ xmlSecOpenSSLX509CertGetTime(ASN1_TIME* t, time_t* res) {
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
-#endif /* XMLSEC_OPENSSL_096 */
memset(&tm, 0, sizeof(tm));
@@ -1941,7 +1939,7 @@ xmlSecOpenSSLX509CertBase64DerWrite(X509* cert, int base64LineWrap) {
/* todo: add error checks */
i2d_X509_bio(mem, cert);
- BIO_flush(mem);
+ (void)BIO_flush(mem);
size = BIO_get_mem_data(mem, &p);
if((size <= 0) || (p == NULL)){
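Review bot: The `(void)` cast on `BIO_flush(mem)` only silences the unused-result warning; the `/* todo: add error checks */` above it is still open, because the result of `i2d_X509_bio(mem, cert)` is dropped and the following `size <= 0` test catches nothing but an empty buffer. Checking both calls, e.g. `if((i2d_X509_bio(mem, cert) != 1) || (BIO_flush(mem) <= 0)) {` followed by the usual `xmlSecError` report and release of `mem`, would turn a failed encode into an explicit error. The same applies to the `i2d_X509_CRL_bio` hunk in xmlSecOpenSSLX509CrlBase64DerWrite and to the flush in xmlSecOpenSSLX509NameWrite. All three function bodies start and end outside their hunks, so the existing cleanup path is not visible here.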
@@ -2055,7 +2053,7 @@ xmlSecOpenSSLX509CrlBase64DerWrite(X509_CRL* crl, int base64LineWrap) {
/* todo: add error checks */
i2d_X509_CRL_bio(mem, crl);
- BIO_flush(mem);
+ (void)BIO_flush(mem);
size = BIO_get_mem_data(mem, &p);
if((size <= 0) || (p == NULL)){
@@ -2111,7 +2109,7 @@ xmlSecOpenSSLX509NameWrite(X509_NAME* nm) {
return(NULL);
}
- BIO_flush(mem); /* should call flush ? */
+ (void)BIO_flush(mem); /* should call flush ? */
size = BIO_pending(mem);
res = xmlMalloc(size + 1);
@@ -2218,21 +2216,21 @@ xmlSecOpenSSLX509SKIWrite(X509* cert) {
"X509V3_EXT_d2i",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
- M_ASN1_OCTET_STRING_free(keyId);
+ ASN1_OCTET_STRING_free(keyId);
return(NULL);
}
- res = xmlSecBase64Encode(M_ASN1_STRING_data(keyId), M_ASN1_STRING_length(keyId), 0);
+ res = xmlSecBase64Encode(ASN1_STRING_data(keyId), ASN1_STRING_length(keyId), 0);
if(res == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"xmlSecBase64Encode",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
- M_ASN1_OCTET_STRING_free(keyId);
+ ASN1_OCTET_STRING_free(keyId);
return(NULL);
}
- M_ASN1_OCTET_STRING_free(keyId);
+ ASN1_OCTET_STRING_free(keyId);
return(res);
}
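Review bot: `ASN1_STRING_data(keyId)` replaces the removed `M_ASN1_STRING_data` macro, but that accessor is itself deprecated from OpenSSL 1.1.0 in favour of `ASN1_STRING_get0_data`, which returns a const pointer. This merge already adds a pre-1.1.0 shim for `X509_REVOKED_get0_serialNumber` in x509vfy.c, and the same pattern would fit here: call `ASN1_STRING_get0_data` and provide `#define ASN1_STRING_get0_data(x) ASN1_STRING_data(x)` under `!defined(XMLSEC_OPENSSL_110)`. The `memcmp` added in xmlSecOpenSSLX509_NAME_ENTRY_cmp (x509vfy.c) uses the same accessor. xmlSecOpenSSLX509SKIWrite starts outside this hunk.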
diff --git a/src/openssl/x509vfy.c b/src/openssl/x509vfy.c
index b5273a48..155e1ab5 100644
--- a/src/openssl/x509vfy.c
+++ b/src/openssl/x509vfy.c
@@ -7,7 +7,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -37,6 +37,11 @@
#include <xmlsec/openssl/evp.h>
#include <xmlsec/openssl/x509.h>
+/* new API from OpenSSL 1.1.0 */
+#if !defined(XMLSEC_OPENSSL_110)
+#define X509_REVOKED_get0_serialNumber(x) ((x)->serialNumber)
+#endif /* !defined(XMLSEC_OPENSSL_110) */
+
/**************************************************************************
*
* Internal OpenSSL X509 store CTX
@@ -48,10 +53,7 @@ struct _xmlSecOpenSSLX509StoreCtx {
X509_STORE* xst;
STACK_OF(X509)* untrusted;
STACK_OF(X509_CRL)* crls;
-
-#if !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097)
X509_VERIFY_PARAM * vpm;
-#endif /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
};
/****************************************************************************
@@ -107,11 +109,13 @@ static int xmlSecOpenSSLX509NameStringRead (xmlSecB
int ingoreTrailingSpaces);
static int xmlSecOpenSSLX509NamesCompare (X509_NAME *a,
X509_NAME *b);
-static int xmlSecOpenSSLX509_NAME_cmp (const X509_NAME * a,
- const X509_NAME * b);
+static STACK_OF(X509_NAME_ENTRY)* xmlSecOpenSSLX509_NAME_ENTRIES_copy (X509_NAME *a);
+static int xmlSecOpenSSLX509_NAME_ENTRIES_cmp (STACK_OF(X509_NAME_ENTRY) * a,
+ STACK_OF(X509_NAME_ENTRY) * b);
static int xmlSecOpenSSLX509_NAME_ENTRY_cmp (const X509_NAME_ENTRY * const *a,
const X509_NAME_ENTRY * const *b);
+
/**
* xmlSecOpenSSLX509StoreGetKlass:
*
@@ -178,7 +182,7 @@ xmlSecOpenSSLX509StoreVerify(xmlSecKeyDataStorePtr store, XMLSEC_STACK_OF_X509*
X509 * cert;
X509 * err_cert = NULL;
char buf[256];
- int err = 0, depth;
+ int err = 0;
int i;
int ret;
@@ -287,49 +291,41 @@ xmlSecOpenSSLX509StoreVerify(xmlSecKeyDataStorePtr store, XMLSEC_STACK_OF_X509*
if(xmlSecOpenSSLX509FindNextChainCert(certs2, cert) == NULL) {
X509_STORE_CTX xsc;
-#if !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097)
- X509_VERIFY_PARAM * vpm = NULL;
- unsigned long vpm_flags = 0;
-
- vpm = X509_VERIFY_PARAM_new();
- if(vpm == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
- "X509_VERIFY_PARAM_new",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto done;
+ X509_STORE_CTX_init (&xsc, ctx->xst, cert, certs2);
+ if(keyInfoCtx->certsVerificationTime > 0) {
+ X509_STORE_CTX_set_time(&xsc, 0, keyInfoCtx->certsVerificationTime);
}
- vpm_flags = vpm->flags;
-/*
- vpm_flags &= (~X509_V_FLAG_X509_STRICT);
-*/
- vpm_flags &= (~X509_V_FLAG_CRL_CHECK);
- X509_VERIFY_PARAM_set_depth(vpm, 9);
- X509_VERIFY_PARAM_set_flags(vpm, vpm_flags);
-#endif /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
+ {
+ X509_VERIFY_PARAM * vpm = NULL;
+ unsigned long vpm_flags = 0;
+ vpm = X509_VERIFY_PARAM_new();
+ if(vpm == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+ "X509_VERIFY_PARAM_new",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
+ vpm_flags = X509_VERIFY_PARAM_get_flags(vpm);
+ vpm_flags &= (~X509_V_FLAG_CRL_CHECK);
- X509_STORE_CTX_init (&xsc, ctx->xst, cert, certs2);
+ if(keyInfoCtx->certsVerificationTime > 0) {
+ vpm_flags |= X509_V_FLAG_USE_CHECK_TIME;
+ X509_VERIFY_PARAM_set_time(vpm, keyInfoCtx->certsVerificationTime);
+ }
- if(keyInfoCtx->certsVerificationTime > 0) {
-#if !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097)
- vpm_flags |= X509_V_FLAG_USE_CHECK_TIME;
- X509_VERIFY_PARAM_set_time(vpm, keyInfoCtx->certsVerificationTime);
-#endif /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
- X509_STORE_CTX_set_time(&xsc, 0, keyInfoCtx->certsVerificationTime);
+ X509_VERIFY_PARAM_set_depth(vpm, 9);
+ X509_VERIFY_PARAM_set_flags(vpm, vpm_flags);
+ X509_STORE_CTX_set0_param(&xsc, vpm);
}
-#if !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097)
- X509_STORE_CTX_set0_param(&xsc, vpm);
-#endif /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
-
ret = X509_verify_cert(&xsc);
err_cert = X509_STORE_CTX_get_current_cert(&xsc);
err = X509_STORE_CTX_get_error(&xsc);
- depth = X509_STORE_CTX_get_error_depth(&xsc);
X509_STORE_CTX_cleanup (&xsc);
if(ret != 1 && keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_ALLOW_BROKEN_CHAIN){
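Review bot: Moving `X509_STORE_CTX_init(&xsc, ...)` ahead of `X509_VERIFY_PARAM_new()` means the `goto done` on allocation failure now leaves an initialised `xsc` without a matching `X509_STORE_CTX_cleanup`. `xsc` is declared inside this `if` block, so the `done` label, which lies outside the hunk, cannot release it. Adding `X509_STORE_CTX_cleanup(&xsc);` before that `goto done;` closes the path. The return value of `X509_STORE_CTX_init` is also not checked before `X509_verify_cert` runs on the context, so a failed initialisation would only show up as a verification error. xmlSecOpenSSLX509StoreVerify begins and ends outside the hunk.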
@@ -688,7 +684,6 @@ xmlSecOpenSSLX509StoreInitialize(xmlSecKeyDataStorePtr store) {
return(-1);
}
-#if !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097)
ctx->vpm = X509_VERIFY_PARAM_new();
if(ctx->vpm == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
@@ -701,9 +696,6 @@ xmlSecOpenSSLX509StoreInitialize(xmlSecKeyDataStorePtr store) {
X509_VERIFY_PARAM_set_depth(ctx->vpm, 9); /* the default cert verification path in openssl */
X509_STORE_set1_param(ctx->xst, ctx->vpm);
-#else /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
- ctx->xst->depth = 9; /* the default cert verification path in openssl */
-#endif /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
return(0);
}
@@ -726,11 +718,9 @@ xmlSecOpenSSLX509StoreFinalize(xmlSecKeyDataStorePtr store) {
if(ctx->crls != NULL) {
sk_X509_CRL_pop_free(ctx->crls, X509_CRL_free);
}
-#if !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097)
if(ctx->vpm != NULL) {
X509_VERIFY_PARAM_free(ctx->vpm);
}
-#endif /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
memset(ctx, 0, sizeof(xmlSecOpenSSLX509StoreCtx));
}
@@ -910,10 +900,10 @@ xmlSecOpenSSLX509FindCert(STACK_OF(X509) *certs, xmlChar *subjectName,
keyId = X509V3_EXT_d2i(ext);
if((keyId != NULL) && (keyId->length == len) &&
(memcmp(keyId->data, ski, len) == 0)) {
- M_ASN1_OCTET_STRING_free(keyId);
+ ASN1_OCTET_STRING_free(keyId);
return(cert);
}
- M_ASN1_OCTET_STRING_free(keyId);
+ ASN1_OCTET_STRING_free(keyId);
}
}
}
@@ -955,6 +945,7 @@ xmlSecOpenSSLX509VerifyCertAgainstCrls(STACK_OF(X509_CRL) *crls, X509* cert) {
* Try to retrieve a CRL corresponding to the issuer of
* the current certificate
*/
+ issuer = X509_get_issuer_name(cert);
n = sk_X509_CRL_num(crls);
for(i = 0; i < n; i++) {
crl = sk_X509_CRL_value(crls, i);
@@ -962,7 +953,6 @@ xmlSecOpenSSLX509VerifyCertAgainstCrls(STACK_OF(X509_CRL) *crls, X509* cert) {
continue;
}
- issuer = X509_CRL_get_issuer(crl);
if(xmlSecOpenSSLX509NamesCompare(X509_CRL_get_issuer(crl), issuer) == 0) {
break;
}
@@ -987,7 +977,7 @@ xmlSecOpenSSLX509VerifyCertAgainstCrls(STACK_OF(X509_CRL) *crls, X509* cert) {
n = sk_X509_REVOKED_num(X509_CRL_get_REVOKED(crl));
for (i = 0; i < n; i++) {
revoked = sk_X509_REVOKED_value(X509_CRL_get_REVOKED(crl), i);
- if (ASN1_INTEGER_cmp(revoked->serialNumber, X509_get_serialNumber(cert)) == 0) {
+ if (ASN1_INTEGER_cmp(X509_REVOKED_get0_serialNumber(revoked), X509_get_serialNumber(cert)) == 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
NULL,
@@ -1175,21 +1165,47 @@ xmlSecOpenSSLX509NameStringRead(xmlSecByte **str, int *strLen,
return((ingoreTrailingSpaces) ? nonSpace - res + 1 : q - res);
}
+/**
+ * This function DOES NOT create duplicates for X509_NAME_ENTRY objects!
+ */
+static STACK_OF(X509_NAME_ENTRY)*
+xmlSecOpenSSLX509_NAME_ENTRIES_copy(X509_NAME * a) {
+ STACK_OF(X509_NAME_ENTRY) * res = NULL;
+ int ii;
+
+ res = sk_X509_NAME_ENTRY_new(xmlSecOpenSSLX509_NAME_ENTRY_cmp);
+ if(res == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "sk_X509_NAME_ENTRY_new",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(NULL);
+ }
+
+ for (ii = X509_NAME_entry_count(a) - 1; ii >= 0; --ii) {
+ sk_X509_NAME_ENTRY_push(res, X509_NAME_get_entry(a, ii));
+ }
+
+ return (res);
+}
+
static
-int xmlSecOpenSSLX509_NAME_cmp(const X509_NAME * a, const X509_NAME * b) {
- int i,ret;
- const X509_NAME_ENTRY *na,*nb;
+int xmlSecOpenSSLX509_NAME_ENTRIES_cmp(STACK_OF(X509_NAME_ENTRY)* a, STACK_OF(X509_NAME_ENTRY)* b) {
+ const X509_NAME_ENTRY *na;
+ const X509_NAME_ENTRY *nb;
+ int ii, ret;
xmlSecAssert2(a != NULL, -1);
xmlSecAssert2(b != NULL, 1);
- if (sk_X509_NAME_ENTRY_num(a->entries) != sk_X509_NAME_ENTRY_num(b->entries)) {
- return sk_X509_NAME_ENTRY_num(a->entries) - sk_X509_NAME_ENTRY_num(b->entries);
+ if (sk_X509_NAME_ENTRY_num(a) != sk_X509_NAME_ENTRY_num(b)) {
+ return sk_X509_NAME_ENTRY_num(a) - sk_X509_NAME_ENTRY_num(b);
}
- for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--) {
- na=sk_X509_NAME_ENTRY_value(a->entries,i);
- nb=sk_X509_NAME_ENTRY_value(b->entries,i);
+ for (ii = sk_X509_NAME_ENTRY_num(a) - 1; ii >= 0; --ii) {
+ na = sk_X509_NAME_ENTRY_value(a, ii);
+ nb = sk_X509_NAME_ENTRY_value(b, ii);
ret = xmlSecOpenSSLX509_NAME_ENTRY_cmp(&na, &nb);
if(ret != 0) {
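Review bot: In xmlSecOpenSSLX509_NAME_ENTRIES_copy the result of `sk_X509_NAME_ENTRY_push` is ignored, so a failed push yields a silently shorter stack that is later sorted and compared as if it were complete. Check it inside the loop, with the usual `xmlSecError` report: `if(sk_X509_NAME_ENTRY_push(res, X509_NAME_get_entry(a, ii)) <= 0) { sk_X509_NAME_ENTRY_free(res); return(NULL); }`. The header comment should also spell out the ownership rule it implies: the returned stack borrows the entries of `a`, so it has to be released with `sk_X509_NAME_ENTRY_free` rather than a `pop_free` variant and must not outlive `a`. xmlSecOpenSSLX509_NAME_ENTRIES_cmp continues past the end of this hunk.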
@@ -1209,49 +1225,52 @@ int xmlSecOpenSSLX509_NAME_cmp(const X509_NAME * a, const X509_NAME * b) {
*/
static int
xmlSecOpenSSLX509NamesCompare(X509_NAME *a, X509_NAME *b) {
- X509_NAME *a1 = NULL;
- X509_NAME *b1 = NULL;
+ STACK_OF(X509_NAME_ENTRY) *a1 = NULL;
+ STACK_OF(X509_NAME_ENTRY) *b1 = NULL;
int ret;
xmlSecAssert2(a != NULL, -1);
xmlSecAssert2(b != NULL, 1);
- a1 = X509_NAME_dup(a);
+ a1 = xmlSecOpenSSLX509_NAME_ENTRIES_copy(a);
if(a1 == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
- "X509_NAME_dup",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "xmlSecOpenSSLX509_NAME_ENTRIES_copy",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
- b1 = X509_NAME_dup(b);
+ b1 = xmlSecOpenSSLX509_NAME_ENTRIES_copy(b);
if(b1 == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
- "X509_NAME_dup",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "xmlSecOpenSSLX509_NAME_ENTRIES_copy",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
+ sk_X509_NAME_ENTRY_free(a1);
return(1);
}
/* sort both */
- (void)sk_X509_NAME_ENTRY_set_cmp_func(a1->entries, xmlSecOpenSSLX509_NAME_ENTRY_cmp);
- sk_X509_NAME_ENTRY_sort(a1->entries);
- (void)sk_X509_NAME_ENTRY_set_cmp_func(b1->entries, xmlSecOpenSSLX509_NAME_ENTRY_cmp);
- sk_X509_NAME_ENTRY_sort(b1->entries);
+ (void)sk_X509_NAME_ENTRY_set_cmp_func(a1, xmlSecOpenSSLX509_NAME_ENTRY_cmp);
+ sk_X509_NAME_ENTRY_sort(a1);
+ (void)sk_X509_NAME_ENTRY_set_cmp_func(b1, xmlSecOpenSSLX509_NAME_ENTRY_cmp);
+ sk_X509_NAME_ENTRY_sort(b1);
/* actually compare */
- ret = xmlSecOpenSSLX509_NAME_cmp(a1, b1);
+ ret = xmlSecOpenSSLX509_NAME_ENTRIES_cmp(a1, b1);
/* cleanup */
- X509_NAME_free(a1);
- X509_NAME_free(b1);
+ sk_X509_NAME_ENTRY_free(a1);
+ sk_X509_NAME_ENTRY_free(b1);
return(ret);
}
static int
xmlSecOpenSSLX509_NAME_ENTRY_cmp(const X509_NAME_ENTRY * const *a, const X509_NAME_ENTRY * const *b) {
+ ASN1_STRING *a_value, *b_value;
+ ASN1_OBJECT *a_name, *b_name;
int ret;
xmlSecAssert2(a != NULL, -1);
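Review bot: The two failure branches of xmlSecOpenSSLX509NamesCompare return `-1` and `1`, the same values a genuine ordering result can take, so a caller cannot tell a failed copy from "names differ". The CRL lookup in xmlSecOpenSSLX509VerifyCertAgainstCrls tests only `== 0`, so on such a failure the CRL for the certificate's issuer would be skipped. What that function does when no CRL matches is outside the visible hunks, but if it treats that case as "not revoked" the revocation check fails open. At minimum the contract should be stated above the function, e.g. `/* returns 0 if the names are equal; non-zero if they differ or on error */`, so callers in security decisions know a non-zero result is not proof of a mismatch.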
@@ -1259,27 +1278,44 @@ xmlSecOpenSSLX509_NAME_ENTRY_cmp(const X509_NAME_ENTRY * const *a, const X509_NA
xmlSecAssert2((*a) != NULL, -1);
xmlSecAssert2((*b) != NULL, 1);
+
/* first compare values */
- if(((*a)->value == NULL) && ((*b)->value != NULL)) {
+ a_value = X509_NAME_ENTRY_get_data((X509_NAME_ENTRY*)(*a));
+ b_value = X509_NAME_ENTRY_get_data((X509_NAME_ENTRY*)(*b));
+
+ if((a_value == NULL) && (b_value != NULL)) {
return(-1);
- } else if(((*a)->value != NULL) && ((*b)->value == NULL)) {
+ } else if((a_value != NULL) && (b_value == NULL)) {
return(1);
- } else if(((*a)->value == NULL) && ((*b)->value == NULL)) {
+ } else if((a_value == NULL) && (b_value == NULL)) {
return(0);
}
- ret = (*a)->value->length - (*b)->value->length;
+ ret = ASN1_STRING_length(a_value) - ASN1_STRING_length(b_value);
if(ret != 0) {
return(ret);
}
- ret = memcmp((*a)->value->data, (*b)->value->data, (*a)->value->length);
- if(ret != 0) {
- return(ret);
+ if(ASN1_STRING_length(a_value) > 0) {
+ ret = memcmp(ASN1_STRING_data(a_value), ASN1_STRING_data(b_value), ASN1_STRING_length(a_value));
+ if(ret != 0) {
+ return(ret);
+ }
}
/* next compare names */
- return(OBJ_cmp((*a)->object, (*b)->object));
+ a_name = X509_NAME_ENTRY_get_object((X509_NAME_ENTRY*)(*a));
+ b_name = X509_NAME_ENTRY_get_object((X509_NAME_ENTRY*)(*b));
+
+ if((a_name == NULL) && (b_name != NULL)) {
+ return(-1);
+ } else if((a_name != NULL) && (b_name == NULL)) {
+ return(1);
+ } else if((a_name == NULL) && (b_name == NULL)) {
+ return(0);
+ }
+
+ return(OBJ_cmp(a_name, b_name));
}
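Review bot: The cast `(X509_NAME_ENTRY*)(*a)` that strips `const` is repeated four times in xmlSecOpenSSLX509_NAME_ENTRY_cmp, presumably because the pre-1.1.0 getters take a non-const pointer. Doing it once per argument, `X509_NAME_ENTRY *ea = (X509_NAME_ENTRY*)(*a);` and likewise `eb`, with a short comment such as `/* getters are not const-correct before OpenSSL 1.1.0 */`, keeps the reason in one place and makes the cast easy to remove later. The start of the function, including its first assertions, lies in the previous hunk.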
diff --git a/src/parser.c b/src/parser.c
index 9bb50905..969c3e4f 100644
--- a/src/parser.c
+++ b/src/parser.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -157,8 +157,9 @@ xmlSecParserPushBin(xmlSecTransformPtr transform, const xmlSecByte* data,
}
/* required for c14n! */
- ctx->parserCtx->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
+ ctx->parserCtx->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
ctx->parserCtx->replaceEntities = 1;
+ ctx->parserCtx->options = XML_PARSE_NONET;
transform->status = xmlSecTransformStatusWorking;
} else if(transform->status == xmlSecTransformStatusFinished) {
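Review bot: `XML_PARSE_NONET` only restricts network access, and the new line sits next to `replaceEntities = 1` and a non-zero `loadsubset`. Whether an external DTD subset or external entities that resolve to local files are still read depends on those settings and on the libxml2 version in use. If the data pushed into this transform can come from an untrusted document, that residual exposure deserves a comment beside the option, e.g. `/* NONET blocks network loads only; local external DTD/entity loading is governed by loadsubset/replaceEntities */`. The plain assignment also discards any option bits already set on `parserCtx`; `ctx->parserCtx->options |= XML_PARSE_NONET;` would keep them. xmlSecParserPushBin starts and ends outside the hunk.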
@@ -316,7 +317,7 @@ xmlSecParserPopXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr* nodes,
}
ret = inputPush(ctxt, input);
- if(input == NULL) {
+ if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"inputPush",
diff --git a/src/relationship.c b/src/relationship.c
new file mode 100644
index 00000000..f301ed7b
--- /dev/null
+++ b/src/relationship.c
@@ -0,0 +1,822 @@
+/**
+ * XML Security Library (http://www.aleksey.com/xmlsec).
+ *
+ * Relationship transform
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
+ */
+#include "globals.h"
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <libxml/tree.h>
+#include <libxml/xpointer.h>
+#include <libxml/c14n.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/xmltree.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/list.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+
+/******************************************************************************
+ *
+ * Relationship transform
+ *
+ * http://standards.iso.org/ittf/PubliclyAvailableStandards/c061796_ISO_IEC_29500-2_2012.zip
+ *
+ * 13.2.4.24 Relationships Transform Algorithm
+ *
+ * The relationships transform takes the XML document from the Relationships part and converts
+ * it to another XML document.
+ *
+ * The package implementer might create relationships XML that contains content from several namespaces,
+ * along with versioning instructions as defined in Part 3, “Markup Compatibility and Extensibility”. [O6.11]
+ *
+ * The relationships transform algorithm is as follows:
+ *
+ * Step 1: Process versioning instructions
+ * 1. The package implementer shall process the versioning instructions, considering that the only
+ * known namespace is the Relationships namespace.
+ * 2. The package implementer shall remove all ignorable content, ignoring preservation attributes.
+ * 3. The package implementer shall remove all versioning instructions.
+ *
+ * Step 2: Sort and filter relationships
+ * 1. The package implementer shall remove all namespace declarations except the Relationships
+ * namespace declaration.
+ * 2. The package implementer shall remove the Relationships namespace prefix, if it is present.
+ * 3. The package implementer shall sort relationship elements by Id value in lexicographical
+ * order, considering Id values as case-sensitive Unicode strings.
+ * 4. The package implementer shall remove all Relationship elements that do not have either an Id
+ * value that matches any SourceId value or a Type value that matches any SourceType value, among
+ * the SourceId and SourceType values specified in the transform definition. Producers and consumers
+ * shall compare values as case-sensitive Unicode strings. [M6.27] The resulting XML document holds
+ * all Relationship elements that either have an Id value that matches a SourceId value or a Type value
+ * that matches a SourceType value specified in the transform definition.
+ *
+ * Step 3: Prepare for canonicalization
+ * 1. The package implementer shall remove all characters between the Relationships start tag and
+ * the first Relationship start tag.
+ * 2. The package implementer shall remove any contents of the Relationship element.
+ * 3. The package implementer shall remove all characters between the last Relationship end tag and
+ * the Relationships end tag.
+ * 4. If there are no Relationship elements, the package implementer shall remove all characters
+ * between the Relationships start tag and the Relationships end tag.
+ * 5. The package implementer shall remove comments from the Relationships XML content.
+ * 6. The package implementer shall add a TargetMode attribute with its default value, if this
+ * optional attribute is missing from the Relationship element.
+ * 7. The package implementer can generate Relationship elements as start-tag/end-tag pairs with
+ * empty content, or as empty elements. A canonicalization transform, applied immediately after the
+ * Relationships Transform, converts all XML elements into start-tag/end-tag pairs.
+ *
+ *
+ * IMPLEMENTATION NOTES (https://github.com/lsh123/xmlsec/pull/24):
+ *
+ * * We don't simply manipulate the XML tree, but do an XML tree -> output bytes transformation,
+ * so e.g. because we never write characters inside XML elements, we implicitly remove all character
+ * contents, as required by step 3, point 1. It also simplifies the task of the situation that
+ * realistically the input of the transformation is always a document that conforms to the OOXML
+ * relationships XML schema, so in practice it'll never happen that the input document has e.g.
+ * characters, as the schema requires that the document has only XML elements and attributes,
+ * but no characters.
+ *
+ * * Step 2, point 4 talks about a SourceType value, but given that neither Microsoft Office, nor LibreOffice
+ * writes that theoretical attribute, the implementation doesn't handle it. If there is a real-world situation
+ * when there will be such an input, then it'll be easy to add support for that. But I didn't want to clutter
+ * the current implementation with details that doesn't seem to be used in practice
+ *
+ *****************************************************************************/
+typedef struct _xmlSecRelationshipCtx xmlSecRelationshipCtx,
+ *xmlSecRelationshipCtxPtr;
+struct _xmlSecRelationshipCtx {
+ xmlSecPtrListPtr sourceIdList;
+};
+#define xmlSecRelationshipSize \
+ (sizeof(xmlSecTransform) + sizeof(xmlSecRelationshipCtx))
+#define xmlSecRelationshipGetCtx(transform) \
+ ((xmlSecRelationshipCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+
+static int xmlSecRelationshipInitialize (xmlSecTransformPtr transform);
+static void xmlSecRelationshipFinalize (xmlSecTransformPtr transform);
+static int xmlSecTransformRelationshipPopBin (xmlSecTransformPtr transform,
+ xmlSecByte* data,
+ xmlSecSize maxDataSize,
+ xmlSecSize* dataSize,
+ xmlSecTransformCtxPtr transformCtx);
+static int xmlSecTransformRelationshipPushXml(xmlSecTransformPtr transform,
+ xmlSecNodeSetPtr nodes,
+ xmlSecTransformCtxPtr transformCtx);
+static int xmlSecRelationshipReadNode (xmlSecTransformPtr transform,
+ xmlNodePtr node,
+ xmlSecTransformCtxPtr transformCtx);
+
+static int xmlSecTransformRelationshipProcessElementNode(xmlSecTransformPtr transform,
+ xmlOutputBufferPtr buf,
+ xmlNodePtr cur);
+
+
+static xmlSecTransformKlass xmlSecRelationshipKlass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecRelationshipSize, /* xmlSecSize objSize */
+
+ xmlSecNameRelationship, /* const xmlChar* name; */
+ xmlSecHrefRelationship, /* const xmlChar* href; */
+ xmlSecTransformUsageDSigTransform, /* xmlSecTransformUsage usage; */
+
+ xmlSecRelationshipInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecRelationshipFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ xmlSecRelationshipReadNode, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ NULL, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ NULL, /* xmlSecTransformSetKeyMethod setKey; */
+ NULL, /* xmlSecTransformValidateMethod validate; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ NULL, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformRelationshipPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ xmlSecTransformRelationshipPushXml, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ NULL, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+xmlSecTransformId
+xmlSecTransformRelationshipGetKlass(void) {
+ return(&xmlSecRelationshipKlass);
+}
+
+static int
+xmlSecRelationshipInitialize(xmlSecTransformPtr transform) {
+ xmlSecRelationshipCtxPtr ctx;
+
+ xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformRelationshipId), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecRelationshipSize), -1);
+
+ ctx = xmlSecRelationshipGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+
+ /* initialize context */
+ memset(ctx, 0, sizeof(xmlSecRelationshipCtx));
+
+ ctx->sourceIdList = xmlSecPtrListCreate(xmlSecStringListId);
+ if(ctx->sourceIdList == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecPtrListCreate",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ return(0);
+}
+
+static void
+xmlSecRelationshipFinalize(xmlSecTransformPtr transform) {
+ xmlSecRelationshipCtxPtr ctx;
+
+ xmlSecAssert(xmlSecTransformCheckId(transform, xmlSecTransformRelationshipId));
+ xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecRelationshipSize));
+
+ ctx = xmlSecRelationshipGetCtx(transform);
+ xmlSecAssert(ctx != NULL);
+
+ if(ctx->sourceIdList != NULL) {
+ xmlSecPtrListDestroy(ctx->sourceIdList);
+ }
+
+ memset(ctx, 0, sizeof(xmlSecRelationshipCtx));
+}
+
+static int
+xmlSecRelationshipReadNode(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
+ xmlSecRelationshipCtxPtr ctx;
+ xmlNodePtr cur;
+ int ret;
+
+ xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformRelationshipId), -1);
+ xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecRelationshipSize), -1);
+ xmlSecAssert2(node != NULL, -1);
+ xmlSecAssert2(transformCtx != NULL, -1);
+ ctx = xmlSecRelationshipGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+
+ cur = node->children;
+ while(cur != NULL) {
+ if(xmlSecCheckNodeName(cur, xmlSecNodeRelationshipReference, xmlSecRelationshipReferenceNs)) {
+ xmlChar* sourceId;
+ xmlChar* tmp;
+
+ sourceId = xmlGetProp(cur, xmlSecRelationshipAttrSourceId);
+ if(sourceId == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ "xmlGetProp",
+ xmlSecErrorsSafeString(xmlSecRelationshipAttrSourceId),
+ XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
+ "node=%s",
+ xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
+ return(-1);
+ }
+
+ tmp = xmlStrdup(sourceId);
+ if(tmp == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlStrdup",
+ XMLSEC_ERRORS_R_STRDUP_FAILED,
+ "len=%d", xmlStrlen(sourceId));
+ return(-1);
+ }
+
+ ret = xmlSecPtrListAdd(ctx->sourceIdList, tmp);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecPtrListAdd",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ xmlFree(tmp);
+ return(-1);
+ }
+ }
+
+ cur = cur->next;
+ }
+
+ return(0);
+}
+
+/* Sorts Relationship elements by Id value in lexicographical order. */
+static int
+xmlSecTransformRelationshipCompare(xmlNodePtr node1, xmlNodePtr node2) {
+ xmlChar* id1;
+ xmlChar* id2;
+
+ if(node1 == node2) {
+ return(0);
+ }
+ if(node1 == NULL) {
+ return(-1);
+ }
+ if(node2 == NULL) {
+ return(1);
+ }
+
+ id1 = xmlGetProp(node1, xmlSecRelationshipAttrId);
+ id2 = xmlGetProp(node2, xmlSecRelationshipAttrId);
+ if(id1 == NULL) {
+ return(-1);
+ }
+ if(id2 == NULL) {
+ return(1);
+ }
+
+ return(xmlStrcmp(id1, id2));
+}
+
+/**
+ * This is step 2, point 4: if the input sourceId list doesn't contain the Id attribute of the current node,
+ * then exclude it from the output, instead of processing it.
+ */
+static int
+xmlSecTransformRelationshipProcessNode(xmlSecTransformPtr transform, xmlOutputBufferPtr buf, xmlNodePtr cur) {
+ int found = -1;
+ xmlSecRelationshipCtxPtr ctx;
+ xmlSecSize ii;
+ int ret;
+
+ xmlSecAssert2(transform != NULL, -1);
+ xmlSecAssert2(buf != NULL, -1);
+ xmlSecAssert2(cur != NULL, -1);
+
+ if(xmlSecCheckNodeName(cur, xmlSecNodeRelationship, xmlSecRelationshipsNs)) {
+ xmlChar* id = xmlGetProp(cur, xmlSecRelationshipAttrId);
+ if(id == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlGetProp(xmlSecRelationshipAttrId)",
+ XMLSEC_ERRORS_R_XML_FAILED,
+ "name=Id");
+ return(-1);
+ }
+
+ ctx = xmlSecRelationshipGetCtx(transform);
+ for(ii = 0; ii < xmlSecPtrListGetSize(ctx->sourceIdList); ++ii) {
+ if(xmlStrcmp(xmlSecPtrListGetItem(ctx->sourceIdList, ii), id) == 0) {
+ found = 1;
+ break;
+ }
+ }
+
+ if(found < 0) {
+ return(0);
+ }
+ }
+
+ ret = xmlSecTransformRelationshipProcessElementNode(transform, buf, cur);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecTransformRelationshipProcessElementNode",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ return(0);
+}
+
+/**
+ * This is step 2, point 3: sort elements by Id: we process other elements as-is, but for elements we collect them in a list,
+ * then sort, and finally process them (process the head of the list, then pop the head, till the list becomes empty).
+ */
+static int
+xmlSecTransformRelationshipProcessNodeList(xmlSecTransformPtr transform, xmlOutputBufferPtr buf, xmlNodePtr cur) {
+ xmlListPtr list;
+ int ret;
+
+ xmlSecAssert2(transform != NULL, -1);
+ xmlSecAssert2(buf != NULL, -1);
+ xmlSecAssert2(cur != NULL, -1);
+
+ list = xmlListCreate(NULL, (xmlListDataCompare)xmlSecTransformRelationshipCompare);
+ if(list == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlListCreate",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ for(; cur; cur = cur->next) {
+ if(xmlStrcmp(cur->name, xmlSecNodeRelationship) == 0) {
+ if(xmlListInsert(list, cur) != 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlListInsert",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ } else {
+ ret = xmlSecTransformRelationshipProcessNode(transform, buf, cur);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecTransformRelationshipProcessNode",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ xmlListDelete(list);
+ return(-1);
+ }
+ }
+ }
+
+ xmlListSort(list);
+
+ while(!xmlListEmpty(list)) {
+ xmlLinkPtr link = xmlListFront(list);
+ xmlNodePtr node = (xmlNodePtr)xmlLinkGetData(link);
+
+ ret = xmlSecTransformRelationshipProcessNode(transform, buf, node);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecTransformRelationshipProcessNode",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ xmlListDelete(list);
+ return(-1);
+ }
+
+ xmlListPopFront(list);
+ }
+
+ /* done */
+ xmlListDelete(list);
+ return(0);
+}
+
+static int
+xmlSecTransformRelationshipWriteProp(xmlOutputBufferPtr buf, const xmlChar * name, const xmlChar * value) {
+ int ret;
+
+ xmlSecAssert2(buf != NULL, -1);
+ xmlSecAssert2(name != NULL, -1);
+
+ ret = xmlOutputBufferWriteString(buf, " ");
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlOutputBufferWriteString",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ ret = xmlOutputBufferWriteString(buf, (const char*) name);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlOutputBufferWriteString",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ if(value != NULL) {
+ ret = xmlOutputBufferWriteString(buf, "=\"");
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlOutputBufferWriteString",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ ret = xmlOutputBufferWriteString(buf, (const char*) value);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlOutputBufferWriteString",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ ret = xmlOutputBufferWriteString(buf, "\"");
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlOutputBufferWriteString",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ }
+
+ return (0);
+}
+
+static int
+xmlSecTransformRelationshipWriteNs(xmlOutputBufferPtr buf, const xmlChar * href) {
+ xmlSecAssert2(buf != NULL, -1);
+
+ return(xmlSecTransformRelationshipWriteProp(buf, BAD_CAST "xmlns", (href != NULL) ? href : BAD_CAST ""));
+}
+
+
+static int
+xmlSecTransformRelationshipProcessElementNode(xmlSecTransformPtr transform, xmlOutputBufferPtr buf, xmlNodePtr cur) {
+ xmlAttrPtr attr;
+ int foundTargetMode = 0;
+ int ret;
+
+ xmlSecAssert2(transform != NULL, -1);
+ xmlSecAssert2(buf != NULL, -1);
+ xmlSecAssert2(cur != NULL, -1);
+ xmlSecAssert2(cur->name != NULL, -1);
+
+ /* write open node */
+ ret = xmlOutputBufferWriteString(buf, "<");
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlOutputBufferWriteString",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ ret = xmlOutputBufferWriteString(buf, (const char *)cur->name);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlOutputBufferWriteString",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ /* write namespaces */
+ if(cur->nsDef != NULL) {
+ ret = xmlSecTransformRelationshipWriteNs(buf, cur->nsDef->href);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecTransformRelationshipWriteNs",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ }
+
+ /**
+ * write attributes:
+ *
+ * This is step 3, point 6: add default value of TargetMode if there is no such attribute.
+ */
+ for(attr = cur->properties; attr != NULL; attr = attr->next) {
+ xmlChar * value = xmlGetProp(cur, attr->name);
+
+ if(xmlStrcmp(attr->name, xmlSecRelationshipAttrTargetMode) == 0) {
+ foundTargetMode = 1;
+ }
+
+ ret = xmlSecTransformRelationshipWriteProp(buf, attr->name, value);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecTransformRelationshipWriteProp",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ }
+
+ /* write TargetMode */
+ if(xmlStrcmp(cur->name, xmlSecNodeRelationship) == 0 && !foundTargetMode) {
+ ret = xmlSecTransformRelationshipWriteProp(buf, xmlSecRelationshipAttrTargetMode, BAD_CAST "Internal");
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecTransformRelationshipWriteProp(TargetMode=Internal)",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ }
+
+ /* finish writing open node */
+ ret = xmlOutputBufferWriteString(buf, ">");
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlOutputBufferWriteString",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ /* write children */
+ if(cur->children != NULL) {
+ ret = xmlSecTransformRelationshipProcessNodeList(transform, buf, cur->children);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecTransformRelationshipProcessNodeList",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ }
+
+ /* write closing node */
+ ret = xmlOutputBufferWriteString(buf, "</");
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlOutputBufferWriteString",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ ret = xmlOutputBufferWriteString(buf, (const char *)cur->name);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlOutputBufferWriteString",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ if(xmlOutputBufferWriteString(buf, ">") < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlOutputBufferWriteString",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ /* done */
+ return(0);
+}
+
+static int
+xmlSecTransformRelationshipExecute(xmlSecTransformPtr transform, xmlOutputBufferPtr buf, xmlDocPtr doc) {
+ int ret;
+
+ xmlSecAssert2(transform != NULL, -1);
+ xmlSecAssert2(buf != NULL, -1);
+ xmlSecAssert2(doc != NULL, -1);
+
+ if(doc->children != NULL) {
+ ret = xmlSecTransformRelationshipProcessNodeList(transform, buf, doc->children);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecTransformRelationshipProcessNodeList",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ }
+
+ return(0);
+}
+
+static int
+xmlSecTransformRelationshipPushXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr nodes, xmlSecTransformCtxPtr transformCtx)
+{
+ xmlOutputBufferPtr buf;
+ xmlSecRelationshipCtxPtr ctx;
+ int ret;
+
+ xmlSecAssert2(nodes != NULL, -1);
+ xmlSecAssert2(nodes->doc != NULL, -1);
+ xmlSecAssert2(transformCtx != NULL, -1);
+
+ ctx = xmlSecRelationshipGetCtx(transform);
+ xmlSecAssert2(ctx != NULL, -1);
+
+ /* check/update current transform status */
+ switch(transform->status) {
+ case xmlSecTransformStatusNone:
+ transform->status = xmlSecTransformStatusWorking;
+ break;
+ case xmlSecTransformStatusWorking:
+ case xmlSecTransformStatusFinished:
+ return(0);
+ default:
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_STATUS,
+ "status=%d", transform->status);
+ return(-1);
+ }
+ xmlSecAssert2(transform->status == xmlSecTransformStatusWorking, -1);
+
+ /* prepare output buffer: next transform or ourselves */
+ if(transform->next != NULL) {
+ buf = xmlSecTransformCreateOutputBuffer(transform->next, transformCtx);
+ if(buf == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecTransformCreateOutputBuffer",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ } else {
+ buf = xmlSecBufferCreateOutputBuffer(&(transform->outBuf));
+ if(buf == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecBufferCreateOutputBuffer",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ }
+
+ ret = xmlSecTransformRelationshipExecute(transform, buf, nodes->doc);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlC14NExecute",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ xmlOutputBufferClose(buf);
+ return(-1);
+ }
+
+ ret = xmlOutputBufferClose(buf);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlOutputBufferClose",
+ XMLSEC_ERRORS_R_XML_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ transform->status = xmlSecTransformStatusFinished;
+ return(0);
+}
+
+static int
+xmlSecTransformRelationshipPopBin(xmlSecTransformPtr transform, xmlSecByte* data, xmlSecSize maxDataSize, xmlSecSize* dataSize, xmlSecTransformCtxPtr transformCtx) {
+ xmlSecBufferPtr out;
+ int ret;
+
+ xmlSecAssert2(data != NULL, -1);
+ xmlSecAssert2(dataSize != NULL, -1);
+ xmlSecAssert2(transformCtx != NULL, -1);
+
+ out = &(transform->outBuf);
+ if(transform->status == xmlSecTransformStatusNone) {
+ xmlOutputBufferPtr buf;
+
+ xmlSecAssert2(transform->inNodes == NULL, -1);
+
+ if(transform->prev == NULL) {
+ (*dataSize) = 0;
+ transform->status = xmlSecTransformStatusFinished;
+ return(0);
+ }
+
+ /* get xml data from previous transform */
+ ret = xmlSecTransformPopXml(transform->prev, &(transform->inNodes), transformCtx);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecTransformPopXml",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ /* dump everything to internal buffer */
+ buf = xmlSecBufferCreateOutputBuffer(out);
+ if(buf == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecBufferCreateOutputBuffer",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ ret = xmlC14NExecute(transform->inNodes->doc, (xmlC14NIsVisibleCallback)xmlSecNodeSetContains, transform->inNodes, XML_C14N_1_0, NULL, 0, buf);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecTransformC14NExecute",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ xmlOutputBufferClose(buf);
+ return(-1);
+ }
+
+ ret = xmlOutputBufferClose(buf);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlOutputBufferClose",
+ XMLSEC_ERRORS_R_XML_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ transform->status = xmlSecTransformStatusWorking;
+ }
+
+ if(transform->status == xmlSecTransformStatusWorking) {
+ xmlSecSize outSize;
+
+ /* return chunk after chunk */
+ outSize = xmlSecBufferGetSize(out);
+ if(outSize > maxDataSize) {
+ outSize = maxDataSize;
+ }
+ if(outSize > XMLSEC_TRANSFORM_BINARY_CHUNK) {
+ outSize = XMLSEC_TRANSFORM_BINARY_CHUNK;
+ }
+ if(outSize > 0) {
+ xmlSecAssert2(xmlSecBufferGetData(out), -1);
+
+ memcpy(data, xmlSecBufferGetData(out), outSize);
+ ret = xmlSecBufferRemoveHead(out, outSize);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ "xmlSecBufferRemoveHead",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "size=%d", outSize);
+ return(-1);
+ }
+ } else if(xmlSecBufferGetSize(out) == 0) {
+ transform->status = xmlSecTransformStatusFinished;
+ }
+ (*dataSize) = outSize;
+ } else if(transform->status == xmlSecTransformStatusFinished) {
+ /* the only way we can get here is if there is no output */
+ xmlSecAssert2(xmlSecBufferGetSize(out) == 0, -1);
+ (*dataSize) = 0;
+ } else {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_STATUS,
+ "status=%d", transform->status);
+ return(-1);
+ }
+
+ return(0);
+}
diff --git a/src/skeleton/app.c b/src/skeleton/app.c
index 15ba3cf7..69c83308 100644
--- a/src/skeleton/app.c
+++ b/src/skeleton/app.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/skeleton/crypto.c b/src/skeleton/crypto.c
index 3be20644..0e372f18 100644
--- a/src/skeleton/crypto.c
+++ b/src/skeleton/crypto.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -74,6 +74,7 @@ xmlSecCryptoGetFunctions_skeleton(void) {
#ifndef XMLSEC_NO_GOST
gXmlSecSkeletonFunctions->keyDataGost2001GetKlass = xmlSecSkeletonKeyDataGost2001GetKlass;
+ gXmlSecSkeletonFunctions->keyDataGostR3410_2012GetKlass = xmlSecSkeletonKeyDataGostR3410_2012GetKlass;
#endif /* XMLSEC_NO_GOST */
#ifndef XMLSEC_NO_HMAC
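Review bot: The GOST R 34.10-2012 key-data pointer added here is compiled under the guard for the older GOST 2001 support, `#ifndef XMLSEC_NO_GOST`, and the four 2012 transform pointers in the next hunk of `xmlSecCryptoGetFunctions_skeleton` do the same, so a build cannot enable one family without the other. If the build system has a separate switch for the 2012 algorithms, these assignments belong under it; otherwise a one-line comment such as `/* GOST 2012 shares the XMLSEC_NO_GOST switch */` would make the coupling deliberate. In the next hunk the closing comment `#endif /* XMLSEC_GOST */` does not match its `#ifndef XMLSEC_NO_GOST`, and the two adjacent blocks with the same guard could be merged. The function body starts and ends outside both hunks.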
@@ -161,10 +162,14 @@ xmlSecCryptoGetFunctions_skeleton(void) {
/******************************* GOST ********************************/
#ifndef XMLSEC_NO_GOST
gXmlSecSkeletonFunctions->transformGost2001GostR3411_94GetKlass = xmlSecSkeletonTransformGost2001GostR3411_94GetKlass;
+ gXmlSecSkeletonFunctions->transformGostR3410_2012GostR3411_2012_256GetKlass = xmlSecSkeletonTransformGostR3410_2012GostR3411_2012_256GetKlass;
+ gXmlSecSkeletonFunctions->transformGostR3410_2012GostR3411_2012_512GetKlass = xmlSecSkeletonTransformGostR3410_2012GostR3411_2012_512GetKlass;
#endif /* XMLSEC_GOST */
#ifndef XMLSEC_NO_GOST
gXmlSecSkeletonFunctions->transformGostR3411_94GetKlass = xmlSecSkeletonTransformGostR3411_94GetKlass;
+ gXmlSecSkeletonFunctions->transformGostR3411_2012_256GetKlass = xmlSecSkeletonTransformGostR3411_2012_256GetKlass;
+ gXmlSecSkeletonFunctions->transformGostR3411_2012_512GetKlass = xmlSecSkeletonTransformGostR3411_2012_512GetKlass;
#endif /* XMLSEC_NO_GOST */
/******************************* HMAC ********************************/
diff --git a/src/skeleton/globals.h b/src/skeleton/globals.h
index 770b6dba..065c3e8f 100644
--- a/src/skeleton/globals.h
+++ b/src/skeleton/globals.h
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#ifndef __XMLSEC_GLOBALS_H__
#define __XMLSEC_GLOBALS_H__
diff --git a/src/strings.c b/src/strings.c
index f746f4db..8a621330 100644
--- a/src/strings.c
+++ b/src/strings.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -22,7 +22,6 @@
const xmlChar xmlSecNs[] = "http://www.aleksey.com/xmlsec/2002";
const xmlChar xmlSecDSigNs[] = "http://www.w3.org/2000/09/xmldsig#";
const xmlChar xmlSecEncNs[] = "http://www.w3.org/2001/04/xmlenc#";
-const xmlChar xmlSecXkmsNs[] = "http://www.w3.org/2002/03/xkms#";
const xmlChar xmlSecXPathNs[] = "http://www.w3.org/TR/1999/REC-xpath-19991116";
const xmlChar xmlSecXPath2Ns[] = "http://www.w3.org/2002/06/xmldsig-filter2";
const xmlChar xmlSecXPointerNs[] = "http://www.w3.org/2001/04/xmldsig-more/xptr";
@@ -68,126 +67,6 @@ const xmlChar xmlSecTypeEncElement[] = "http://www.w3.org/2001/04/xml
/*************************************************************************
*
- * XKMS Nodes
- *
- ************************************************************************/
-#ifndef XMLSEC_NO_XKMS
-const xmlChar xmlSecXkmsServerRequestResultName[] = "result-response";
-const xmlChar xmlSecXkmsServerRequestStatusName[] = "status-request";
-const xmlChar xmlSecXkmsServerRequestLocateName[] = "locate-request";
-const xmlChar xmlSecXkmsServerRequestValidateName[] = "validate-request";
-const xmlChar xmlSecXkmsServerRequestCompoundName[] = "compound-request";
-
-const xmlChar xmlSecNodeResult[] = "Result";
-const xmlChar xmlSecNodeStatusRequest[] = "StatusRequest";
-const xmlChar xmlSecNodeStatusResult[] = "StatusResult";
-const xmlChar xmlSecNodeLocateRequest[] = "LocateRequest";
-const xmlChar xmlSecNodeLocateResult[] = "LocateResult";
-const xmlChar xmlSecNodeValidateRequest[] = "ValidateRequest";
-const xmlChar xmlSecNodeValidateResult[] = "ValidateResult";
-const xmlChar xmlSecNodeCompoundRequest[] = "CompoundRequest";
-const xmlChar xmlSecNodeCompoundResult[] = "CompoundResult";
-
-const xmlChar xmlSecNodeMessageExtension[] = "MessageExtension";
-const xmlChar xmlSecNodeOpaqueClientData[] = "OpaqueClientData";
-const xmlChar xmlSecNodeResponseMechanism[] = "ResponseMechanism";
-const xmlChar xmlSecNodeRespondWith[] = "RespondWith";
-const xmlChar xmlSecNodePendingNotification[] = "PendingNotification";
-const xmlChar xmlSecNodeQueryKeyBinding[] = "QueryKeyBinding";
-const xmlChar xmlSecNodeKeyUsage[] = "KeyUsage";
-const xmlChar xmlSecNodeUseKeyWith[] = "UseKeyWith";
-const xmlChar xmlSecNodeTimeInstant[] = "TimeInstant";
-const xmlChar xmlSecNodeRequestSignatureValue[] = "RequestSignatureValue";
-const xmlChar xmlSecNodeUnverifiedKeyBinding[] = "UnverifiedKeyBinding";
-const xmlChar xmlSecNodeValidityInterval[] = "ValidityInterval";
-const xmlChar xmlSecNodeStatus[] = "Status";
-const xmlChar xmlSecNodeValidReason[] = "ValidReason";
-const xmlChar xmlSecNodeInvalidReason[] = "InvalidReason";
-const xmlChar xmlSecNodeIndeterminateReason[] = "IndeterminateReason";
-
-const xmlChar xmlSecAttrService[] = "Service";
-const xmlChar xmlSecAttrNonce[] = "Nonce";
-const xmlChar xmlSecAttrOriginalRequestId[] = "OriginalRequestId";
-const xmlChar xmlSecAttrResponseLimit[] = "ResponseLimit";
-const xmlChar xmlSecAttrMechanism[] = "Mechanism[";
-const xmlChar xmlSecAttrIdentifier[] = "Identifier";
-const xmlChar xmlSecAttrApplication[] = "Application";
-const xmlChar xmlSecAttrResultMajor[] = "ResultMajor";
-const xmlChar xmlSecAttrResultMinor[] = "ResultMinor";
-const xmlChar xmlSecAttrRequestId[] = "RequestId";
-const xmlChar xmlSecAttrNotBefore[] = "NotBefore";
-const xmlChar xmlSecAttrNotOnOrAfter[] = "NotOnOrAfter";
-const xmlChar xmlSecAttrTime[] = "Time";
-const xmlChar xmlSecAttrStatusValue[] = "StatusValue";
-
-const xmlChar xmlSecResponseMechanismPending[] = "Pending";
-const xmlChar xmlSecResponseMechanismRepresent[]= "Represent";
-const xmlChar xmlSecResponseMechanismRequestSignatureValue[] = "RequestSignatureValue";
-
-const xmlChar xmlSecRespondWithKeyName[] = "KeyName";
-const xmlChar xmlSecRespondWithKeyValue[] = "KeyValue";
-const xmlChar xmlSecRespondWithX509Cert[] = "X509Cert";
-const xmlChar xmlSecRespondWithX509Chain[] = "X509Chain";
-const xmlChar xmlSecRespondWithX509CRL[] = "X509CRL";
-const xmlChar xmlSecRespondWithOCSP[] = "OCSP";
-const xmlChar xmlSecRespondWithRetrievalMethod[]= "RetrievalMethod";
-const xmlChar xmlSecRespondWithPGP[] = "PGP";
-const xmlChar xmlSecRespondWithPGPWeb[] = "PGPWeb";
-const xmlChar xmlSecRespondWithSPKI[] = "SPKI";
-const xmlChar xmlSecRespondWithPrivateKey[] = "PrivateKey";
-
-const xmlChar xmlSecStatusResultSuccess[] = "Success";
-const xmlChar xmlSecStatusResultFailed[] = "Failed";
-const xmlChar xmlSecStatusResultPending[] = "Pending";
-
-const xmlChar xmlSecKeyUsageEncryption[] = "Encryption";
-const xmlChar xmlSecKeyUsageSignature[] = "Signature";
-const xmlChar xmlSecKeyUsageExchange[] = "Exchange";
-
-const xmlChar xmlSecKeyBindingStatusValid[] = "Valid";
-const xmlChar xmlSecKeyBindingStatusInvalid[] = "Invalid";
-const xmlChar xmlSecKeyBindingStatusIndeterminate[] = "Indeterminate";
-
-const xmlChar xmlSecKeyBindingReasonIssuerTrust[] = "IssuerTrust";
-const xmlChar xmlSecKeyBindingReasonRevocationStatus[] = "RevocationStatus";
-const xmlChar xmlSecKeyBindingReasonValidityInterval[] = "ValidityInterval";
-const xmlChar xmlSecKeyBindingReasonSignature[] = "Signature";
-
-const xmlChar xmlSecResultMajorCodeSuccess[] = "Success";
-const xmlChar xmlSecResultMajorCodeVersionMismatch[] = "VersionMismatch";
-const xmlChar xmlSecResultMajorCodeSender[] = "Sender";
-const xmlChar xmlSecResultMajorCodeReceiver[] = "Receiver";
-const xmlChar xmlSecResultMajorCodeRepresent[] = "Represent";
-const xmlChar xmlSecResultMajorCodePending[] = "Pending";
-
-const xmlChar xmlSecResultMinorCodeNoMatch[] = "NoMatch";
-const xmlChar xmlSecResultMinorCodeTooManyResponses[] = "TooManyResponses";
-const xmlChar xmlSecResultMinorCodeIncomplete[] = "Incomplete";
-const xmlChar xmlSecResultMinorCodeFailure[] = "Failure";
-const xmlChar xmlSecResultMinorCodeRefused[] = "Refused";
-const xmlChar xmlSecResultMinorCodeNoAuthentication[] = "NoAuthentication";
-const xmlChar xmlSecResultMinorCodeMessageNotSupported[]= "MessageNotSupported";
-const xmlChar xmlSecResultMinorCodeUnknownResponseId[] = "UnknownResponseId";
-const xmlChar xmlSecResultMinorCodeNotSynchronous[] = "NotSynchronous";
-
-const xmlChar xmlSecXkmsSoapSubcodeValueMessageNotSupported[] = "MessageNotSupported";
-const xmlChar xmlSecXkmsSoapSubcodeValueBadMessage[] = "BadMessage";
-
-const xmlChar xmlSecXkmsSoapFaultReasonLang[] = "en";
-const xmlChar xmlSecXkmsSoapFaultReasonUnsupportedVersion[] = "Unsupported SOAP version";
-const xmlChar xmlSecXkmsSoapFaultReasonUnableToProcess[] = "Unable to process %s";
-const xmlChar xmlSecXkmsSoapFaultReasonServiceUnavailable[] = "Service temporarily unable";
-const xmlChar xmlSecXkmsSoapFaultReasonMessageNotSupported[]= "%s message not supported";
-const xmlChar xmlSecXkmsSoapFaultReasonMessageInvalid[] = "%s message invalid";
-
-const xmlChar xmlSecXkmsFormatStrPlain[] = "plain";
-const xmlChar xmlSecXkmsFormatStrSoap11[] = "soap-1.1";
-const xmlChar xmlSecXkmsFormatStrSoap12[] = "soap-1.2";
-
-#endif /* XMLSEC_NO_XKMS */
-
-/*************************************************************************
- *
* KeyInfo Nodes
*
************************************************************************/
@@ -304,6 +183,26 @@ const xmlChar xmlSecHrefGost2001GostR3411_94[] = "http://www.w3.org/200
/*************************************************************************
*
+ * GOST R 34.10-2012 strings
+ *
+ ************************************************************************/
+const xmlChar xmlSecNameGostR3410_2012_256KeyValue[] = "gostr34102012-256";
+const xmlChar xmlSecNodeGostR3410_2012_256KeyValue[] = "gostr34102012-256";
+const xmlChar xmlSecHrefGostR3410_2012_256KeyValue[] = "urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-256";
+
+const xmlChar xmlSecNameGostR3410_2012_512KeyValue[] = "gostr34102012-512";
+const xmlChar xmlSecNodeGostR3410_2012_512KeyValue[] = "gostr34102012-512";
+const xmlChar xmlSecHrefGostR3410_2012_512KeyValue[] = "urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-512";
+
+/* see http://tools.ietf.org/html/draft-chudov-cryptopro-cpxmldsig-09#section-6.6 */
+const xmlChar xmlSecNameGostR3410_2012GostR3411_2012_256[] = "gostr34102012-gostr34112012-256";
+const xmlChar xmlSecHrefGostR3410_2012GostR3411_2012_256[] = "urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-gostr34112012-256";
+
+const xmlChar xmlSecNameGostR3410_2012GostR3411_2012_512[] = "gostr34102012-gostr34112012-512";
+const xmlChar xmlSecHrefGostR3410_2012GostR3411_2012_512[] = "urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-gostr34112012-512";
+
+/*************************************************************************
+ *
* DSA strings
*
************************************************************************/
@@ -504,6 +403,20 @@ const xmlChar xmlSecHrefGostR3411_94[] = "http://www.w3.org/200
/*************************************************************************
*
+ * GOST R 34.11-2012 strings
+ *
+ ************************************************************************/
+
+/* see http://tools.ietf.org/html/draft-chudov-cryptopro-cpxmldsig-09#section-6.2 */
+const xmlChar xmlSecNameGostR3411_2012_256[] = "gostr34112012-256";
+const xmlChar xmlSecHrefGostR3411_2012_256[] = "urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34112012-256";
+
+const xmlChar xmlSecNameGostR3411_2012_512[] = "gostr34112012-512";
+const xmlChar xmlSecHrefGostR3411_2012_512[] = "urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34112012-512";
+
+
+/*************************************************************************
+ *
* SHA1 strings
*
************************************************************************/
@@ -581,6 +494,21 @@ const xmlChar xmlSecNodeXPointer[] = "XPointer";
/*************************************************************************
*
+ * Relationship strings
+ *
+ ************************************************************************/
+const xmlChar xmlSecNameRelationship[] = "relationship";
+const xmlChar xmlSecHrefRelationship[] = "http://schemas.openxmlformats.org/package/2006/RelationshipTransform";
+const xmlChar xmlSecNodeRelationship[] = "Relationship";
+const xmlChar xmlSecNodeRelationshipReference[] = "RelationshipReference";
+const xmlChar xmlSecRelationshipsNs[] = "http://schemas.openxmlformats.org/package/2006/relationships";
+const xmlChar xmlSecRelationshipReferenceNs[] = "http://schemas.openxmlformats.org/package/2006/digital-signature";
+const xmlChar xmlSecRelationshipAttrId[] = "Id";
+const xmlChar xmlSecRelationshipAttrSourceId[] = "SourceId";
+const xmlChar xmlSecRelationshipAttrTargetMode[]= "TargetMode";
+
+/*************************************************************************
+ *
* Xslt strings
*
************************************************************************/
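Review bot: The new Relationship block has no reference to the specification that defines these names, while the GOST blocks added to the same file cite theirs. The algorithm URI and the `Relationship`/`RelationshipReference` element names come from the Open Packaging Conventions (ECMA-376 Part 2), so a line such as `/* see ECMA-376 Part 2 (OPC), Relationships Transform */` above `xmlSecNameRelationship` would tell a reader where the namespaces and the `TargetMode` attribute are specified.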
diff --git a/src/templates.c b/src/templates.c
index 2270db67..374917c9 100644
--- a/src/templates.c
+++ b/src/templates.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/transforms.c b/src/transforms.c
index 8a2ded23..b1f16f74 100644
--- a/src/transforms.c
+++ b/src/transforms.c
@@ -36,7 +36,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -281,6 +281,16 @@ xmlSecTransformIdsRegisterDefault(void) {
return(-1);
}
+ if(xmlSecTransformIdsRegister(xmlSecTransformRelationshipId) < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecTransformIdsRegister",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "name=%s",
+ xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformRelationshipId)));
+ return(-1);
+ }
+
#ifndef XMLSEC_NO_XSLT
if(xmlSecTransformIdsRegister(xmlSecTransformXsltId) < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
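Review bot: `xmlSecTransformRelationshipId` is registered with no build guard, unlike the XSLT transform directly below it, so every caller of `xmlSecTransformIdsRegisterDefault` gets it and presumably accepts this algorithm when a document's transform list names it. That makes new node-walking and serialisation code reachable from untrusted signatures, and nothing in the hunk tells integrators so. A comment above the call, for example `/* OPC Relationship transform: always built in; verifiers of untrusted input should limit the enabled transforms */`, would document the choice; whether a compile-time switch is warranted is a project decision. The function starts and ends outside the hunk.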
@@ -355,7 +365,7 @@ xmlSecTransformCtxCreate(void) {
NULL,
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
- "size=%d", sizeof(xmlSecTransformCtx));
+ "size=%d", (int)sizeof(xmlSecTransformCtx));
return(NULL);
}
@@ -876,7 +886,7 @@ xmlSecTransformCtxSetUri(xmlSecTransformCtxPtr ctx, const xmlChar* uri, xmlNodeP
NULL,
NULL,
XMLSEC_ERRORS_R_STRDUP_FAILED,
- "size=%d", xptr - uri);
+ "size=%d", (int)(xptr - uri));
return(-1);
}
@@ -932,6 +942,9 @@ xmlSecTransformCtxSetUri(xmlSecTransformCtxPtr ctx, const xmlChar* uri, xmlNodeP
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"transform=%s",
xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformXPointerId)));
+ if(buf != NULL) {
+ xmlFree(buf);
+ }
return(-1);
}
@@ -965,6 +978,9 @@ xmlSecTransformCtxSetUri(xmlSecTransformCtxPtr ctx, const xmlChar* uri, xmlNodeP
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"transform=%s",
xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformVisa3DHackId)));
+ if(buf != NULL) {
+ xmlFree(buf);
+ }
return(-1);
}
@@ -1195,6 +1211,18 @@ xmlSecTransformCtxUriExecute(xmlSecTransformCtxPtr ctx, const xmlChar* uri) {
return(-1);
}
+ /* Close to free up file handle */
+ ret = xmlSecTransformInputURIClose(uriTransform);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecTransformInputURIClose",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "ret=%d", ret);
+ return(-1);
+ }
+
+ /* Done */
ctx->status = xmlSecTransformStatusFinished;
return(0);
}
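Review bot: The new `xmlSecTransformInputURIClose` call sits only on the success path of `xmlSecTransformCtxUriExecute`; the `return(-1)` visible at the top of the hunk, and any earlier failure after the URI was opened, leave without it. The handle is then presumably held until the transform is destroyed, which is the situation the comment `/* Close to free up file handle */` sets out to avoid. Calling the close before those error returns as well, with the result ignored there, would make the behaviour uniform, e.g. `(void)xmlSecTransformInputURIClose(uriTransform);` ahead of the `return(-1);`. The open call and the earlier returns are outside the hunk, so this should be checked against the full function.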
@@ -2810,7 +2838,7 @@ xmlSecTransformIOBufferCreate(xmlSecTransformIOBufferMode mode, xmlSecTransformP
NULL,
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
- "size=%d", sizeof(xmlSecTransformIOBuffer));
+ "size=%d", (int)sizeof(xmlSecTransformIOBuffer));
return(NULL);
}
memset(buffer, 0, sizeof(xmlSecTransformIOBuffer));
diff --git a/src/x509.c b/src/x509.c
index 028030ef..2bdcb3fa 100644
--- a/src/x509.c
+++ b/src/x509.c
@@ -4,7 +4,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/xkms.c b/src/xkms.c
deleted file mode 100644
index d10099bb..00000000
--- a/src/xkms.c
+++ /dev/null
@@ -1,4981 +0,0 @@
-/**
- * XML Security Library (http://www.aleksey.com/xmlsec).
- *
- * "XML Key Management Specification v 2.0" implementation
- * http://www.w3.org/TR/xkms2/
- *
- * This is free software; see Copyright file in the source
- * distribution for preciese wording.
- *
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
- */
-#include "globals.h"
-
-#ifndef XMLSEC_NO_XKMS
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-
-#include <libxml/tree.h>
-#include <libxml/parser.h>
-
-#include <xmlsec/xmlsec.h>
-#include <xmlsec/buffer.h>
-#include <xmlsec/xmltree.h>
-#include <xmlsec/keys.h>
-#include <xmlsec/keysmngr.h>
-#include <xmlsec/transforms.h>
-#include <xmlsec/keyinfo.h>
-#include <xmlsec/soap.h>
-#include <xmlsec/xkms.h>
-#include <xmlsec/private.h>
-#include <xmlsec/private/xkms.h>
-#include <xmlsec/errors.h>
-
-#define XMLSEC_XKMS_ID_ATTRIBUTE_LEN 32
-
-/* The ID attribute in XKMS is 'Id' */
-static const xmlChar* xmlSecXkmsServerIds[] = { BAD_CAST "Id", NULL };
-
-#ifndef XMLSEC_NO_SOAP
-static int xmlSecXkmsServerCtxWriteSoap11FatalError (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr envNode);
-static int xmlSecXkmsServerCtxWriteSoap12FatalError (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr envNode);
-#endif /* XMLSEC_NO_SOAP */
-
-static int xmlSecXkmsServerCtxRequestAbstractTypeNodeRead (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr* node);
-static int xmlSecXkmsServerCtxSignatureNodeRead (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static int xmlSecXkmsServerCtxMessageExtensionNodesRead (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr* node);
-static int xmlSecXkmsServerCtxOpaqueClientDataNodeRead (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static int xmlSecXkmsServerCtxPendingNotificationNodeRead (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static int xmlSecXkmsServerCtxRespondWithNodesRead (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr* node);
-static int xmlSecXkmsServerCtxPendingRequestNodeRead (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr* node);
-static int xmlSecXkmsServerCtxQueryKeyBindingNodeRead (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static int xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeRead(xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr* node);
-static int xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeWrite(xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node,
- xmlSecKeyPtr key);
-static int xmlSecXkmsServerCtxKeyInfoNodeWrite (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node,
- xmlSecKeyPtr key);
-static int xmlSecXkmsServerCtxUseKeyWithNodesRead (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr* node);
-static int xmlSecXkmsServerCtxUseKeyWithNodesWrite (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node,
- xmlSecKeyPtr key);
-static int xmlSecXkmsServerCtxTimeInstantNodeRead (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static int xmlSecXkmsServerCtxResultTypeNodeWrite (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static int xmlSecXkmsServerCtxRequestSignatureValueNodeWrite(xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static int xmlSecXkmsServerCtxUnverifiedKeyBindingNodeWrite(xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node,
- xmlSecKeyPtr key);
-static int xmlSecXkmsServerCtxKeyBindingNodeWrite (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node,
- xmlSecKeyPtr key);
-static int xmlSecXkmsServerCtxValidityIntervalNodeWrite (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node,
- xmlSecKeyPtr key);
-static int xmlSecXkmsServerCtxKeyBindingStatusNodeWrite (xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node,
- xmlSecKeyPtr key);
-
-
-static const xmlSecQName2IntegerInfo gXmlSecXkmsResultMajorInfo[] =
-{
- { xmlSecXkmsNs, xmlSecResultMajorCodeSuccess,
- xmlSecXkmsResultMajorSuccess },
- { xmlSecXkmsNs, xmlSecResultMajorCodeVersionMismatch,
- xmlSecXkmsResultMajorVersionMismatch },
- { xmlSecXkmsNs, xmlSecResultMajorCodeSender,
- xmlSecXkmsResultMajorSender },
- { xmlSecXkmsNs, xmlSecResultMajorCodeReceiver,
- xmlSecXkmsResultMajorReceiver },
- { xmlSecXkmsNs, xmlSecResultMajorCodeRepresent,
- xmlSecXkmsResultMajorRepresent },
- { xmlSecXkmsNs, xmlSecResultMajorCodePending,
- xmlSecXkmsResultMajorPending, },
- { NULL , NULL, 0 } /* MUST be last in the list */
-};
-
-static const xmlSecQName2IntegerInfo gXmlSecXkmsMinorErrorInfo[] =
-{
- { xmlSecXkmsNs, xmlSecResultMinorCodeNoMatch,
- xmlSecXkmsResultMinorNoMatch },
- { xmlSecXkmsNs, xmlSecResultMinorCodeTooManyResponses,
- xmlSecXkmsResultMinorTooManyResponses },
- { xmlSecXkmsNs, xmlSecResultMinorCodeIncomplete,
- xmlSecXkmsResultMinorIncomplete },
- { xmlSecXkmsNs, xmlSecResultMinorCodeFailure,
- xmlSecXkmsResultMinorFailure },
- { xmlSecXkmsNs, xmlSecResultMinorCodeRefused,
- xmlSecXkmsResultMinorRefused },
- { xmlSecXkmsNs, xmlSecResultMinorCodeNoAuthentication,
- xmlSecXkmsResultMinorNoAuthentication },
- { xmlSecXkmsNs, xmlSecResultMinorCodeMessageNotSupported,
- xmlSecXkmsResultMinorMessageNotSupported },
- { xmlSecXkmsNs, xmlSecResultMinorCodeUnknownResponseId,
- xmlSecXkmsResultMinorUnknownResponseId },
- { xmlSecXkmsNs, xmlSecResultMinorCodeNotSynchronous,
- xmlSecXkmsResultMinorSynchronous },
- { NULL, NULL, 0 } /* MUST be last in the list */
-};
-
-static const xmlSecQName2IntegerInfo gXmlSecXkmsKeyBindingStatusInfo[] =
-{
- { xmlSecXkmsNs, xmlSecKeyBindingStatusValid,
- xmlSecXkmsKeyBindingStatusValid },
- { xmlSecXkmsNs, xmlSecKeyBindingStatusInvalid,
- xmlSecXkmsKeyBindingStatusInvalid },
- { xmlSecXkmsNs, xmlSecKeyBindingStatusIndeterminate,
- xmlSecXkmsKeyBindingStatusIndeterminate },
- { NULL, NULL, 0 } /* MUST be last in the list */
-};
-
-static const xmlSecQName2BitMaskInfo gXmlSecXkmsKeyUsageInfo[] =
-{
- { xmlSecXkmsNs, xmlSecKeyUsageEncryption,
- xmlSecKeyUsageEncrypt | xmlSecKeyUsageDecrypt },
- { xmlSecXkmsNs, xmlSecKeyUsageSignature,
- xmlSecKeyUsageSign | xmlSecKeyUsageVerify },
- { xmlSecXkmsNs, xmlSecKeyUsageExchange,
- xmlSecKeyUsageKeyExchange},
- { NULL, NULL, 0 } /* MUST be last in the list */
-};
-
-static const xmlSecQName2BitMaskInfo gXmlSecXkmsKeyBindingReasonInfo[] =
-{
- { xmlSecXkmsNs, xmlSecKeyBindingReasonIssuerTrust,
- XMLSEC_XKMS_KEY_BINDING_REASON_MASK_ISSUER_TRAST },
- { xmlSecXkmsNs, xmlSecKeyBindingReasonRevocationStatus,
- XMLSEC_XKMS_KEY_BINDING_REASON_MASK_REVOCATION_STATUS },
- { xmlSecXkmsNs, xmlSecKeyBindingReasonValidityInterval,
- XMLSEC_XKMS_KEY_BINDING_REASON_MASK_VALIDITY_INTERVAL },
- { xmlSecXkmsNs, xmlSecKeyBindingReasonSignature,
- XMLSEC_XKMS_KEY_BINDING_REASON_MASK_SIGNATURE },
- { NULL, NULL, 0 } /* MUST be last in the list */
-};
-
-static const xmlSecQName2BitMaskInfo gXmlSecXkmsResponseMechanismInfo[] =
-{
- { xmlSecXkmsNs, xmlSecResponseMechanismRepresent,
- XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_REPRESENT },
- { xmlSecXkmsNs, xmlSecResponseMechanismPending,
- XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_PENDING },
- { xmlSecXkmsNs, xmlSecResponseMechanismRequestSignatureValue,
- XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_REQUEST_SIGNATURE_VALUE },
- { NULL, NULL, 0 } /* MUST be last in the list */
-};
-
-static const xmlSecQName2IntegerInfo gXmlSecXkmsFormatInfo[] =
-{
- { NULL, xmlSecXkmsFormatStrPlain,
- xmlSecXkmsServerFormatPlain },
-#ifndef XMLSEC_NO_SOAP
- { NULL, xmlSecXkmsFormatStrSoap11,
- xmlSecXkmsServerFormatSoap11 },
- { NULL, xmlSecXkmsFormatStrSoap12,
- xmlSecXkmsServerFormatSoap12 },
-#endif /* XMLSEC_NO_SOAP */
- { NULL, NULL, 0 } /* MUST be last in the list */
-};
-
-/**
- * xmlSecXkmsServerFormatFromString:
- * @str the string.
- *
- * Gets xmlSecXkmsServerFormat from string @str.
- *
- * Returns: corresponding format or xmlSecXkmsServerFormatUnknown
- * if format could not be recognized.
- */
-xmlSecXkmsServerFormat
-xmlSecXkmsServerFormatFromString(const xmlChar* str) {
- int res;
- int ret;
-
- xmlSecAssert2(str != NULL, xmlSecXkmsServerFormatUnknown);
-
- ret = xmlSecQName2IntegerGetInteger(gXmlSecXkmsFormatInfo, NULL, str, &res);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecQName2IntegerGetInteger",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(xmlSecXkmsServerFormatUnknown);
- }
-
- return((xmlSecXkmsServerFormat)res);
-}
-
-/**
- * xmlSecXkmsServerFormatToString:
- * @format: the format.
- *
- * Gets string from @format.
- *
- * Returns: string corresponding to @format or NULL if an error occurs.
- */
-const xmlChar*
-xmlSecXkmsServerFormatToString (xmlSecXkmsServerFormat format) {
- xmlSecQName2IntegerInfoConstPtr info;
-
- xmlSecAssert2(format != xmlSecXkmsServerFormatUnknown, NULL);
-
- info = xmlSecQName2IntegerGetInfo(gXmlSecXkmsFormatInfo, format);
- if(info == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecQName2IntegerGetInfo",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(NULL);
- }
- return(info->qnameLocalPart);
-}
-
-/**
- * xmlSecXkmsServerCtxCreate:
- * @keysMngr: the pointer to keys manager.
- *
- * Creates XKMS request server side processing context.
- * The caller is responsible for destroying returned object by calling
- * #xmlSecXkmsServerCtxDestroy function.
- *
- * Returns: pointer to newly allocated context object or NULL if an error
- * occurs.
- */
-xmlSecXkmsServerCtxPtr
-xmlSecXkmsServerCtxCreate(xmlSecKeysMngrPtr keysMngr) {
- xmlSecXkmsServerCtxPtr ctx;
- int ret;
-
- ctx = (xmlSecXkmsServerCtxPtr) xmlMalloc(sizeof(xmlSecXkmsServerCtx));
- if(ctx == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_MALLOC_FAILED,
- "sizeof(xmlSecXkmsServerCtx)=%d",
- sizeof(xmlSecXkmsServerCtx));
- return(NULL);
- }
-
- ret = xmlSecXkmsServerCtxInitialize(ctx, keysMngr);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxDestroy(ctx);
- return(NULL);
- }
- return(ctx);
-}
-
-/**
- * xmlSecXkmsServerCtxDestroy:
- * @ctx: the pointer to XKMS processing context.
- *
- * Destroy context object created with #xmlSecXkmsServerCtxCreate function.
- */
-void
-xmlSecXkmsServerCtxDestroy(xmlSecXkmsServerCtxPtr ctx) {
- xmlSecAssert(ctx != NULL);
-
- xmlSecXkmsServerCtxFinalize(ctx);
- xmlFree(ctx);
-}
-
-/**
- * xmlSecXkmsServerCtxInitialize:
- * @ctx: the pointer to XKMS processing context.
- * @keysMngr: the pointer to keys manager.
- *
- * Initializes XKMS element processing context.
- * The caller is responsible for cleaning up returned object by calling
- * #xmlSecXkmsServerCtxFinalize function.
- *
- * Returns: 0 on success or a negative value if an error occurs.
- */
-int
-xmlSecXkmsServerCtxInitialize(xmlSecXkmsServerCtxPtr ctx, xmlSecKeysMngrPtr keysMngr) {
- int ret;
-
- xmlSecAssert2(ctx != NULL, -1);
-
- memset(ctx, 0, sizeof(xmlSecXkmsServerCtx));
-
- ctx->resultMajor = xmlSecXkmsResultMajorSuccess;
- ctx->resultMinor = xmlSecXkmsResultMinorNone;
- ctx->responseLimit = XMLSEC_XKMS_NO_RESPONSE_LIMIT;
- ctx->idLen = XMLSEC_XKMS_ID_ATTRIBUTE_LEN;
-
- /* initialize key info */
- ret = xmlSecKeyInfoCtxInitialize(&(ctx->keyInfoReadCtx), keysMngr);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyInfoCtxInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- ctx->keyInfoReadCtx.mode = xmlSecKeyInfoModeRead;
-
- ret = xmlSecKeyInfoCtxInitialize(&(ctx->keyInfoWriteCtx), keysMngr);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyInfoCtxInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- ctx->keyInfoWriteCtx.mode = xmlSecKeyInfoModeWrite;
-
- /* enabled RespondWith */
- ret = xmlSecPtrListInitialize(&(ctx->enabledRespondWithIds), xmlSecXkmsRespondWithIdListId);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* enabled ServerRequest */
- ret = xmlSecPtrListInitialize(&(ctx->enabledServerRequestIds), xmlSecXkmsServerRequestIdListId);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
-
-
- /* initialize keys list */
- ret = xmlSecPtrListInitialize(&(ctx->keys), xmlSecKeyPtrListId);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* initialize RespondWith list */
- ret = xmlSecPtrListInitialize(&(ctx->respWithList), xmlSecXkmsRespondWithIdListId);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-/**
- * xmlSecXkmsServerCtxFinalize:
- * @ctx: the pointer to XKMS processing context.
- *
- * Cleans up @ctx object.
- */
-void
-xmlSecXkmsServerCtxFinalize(xmlSecXkmsServerCtxPtr ctx) {
- xmlSecAssert(ctx != NULL);
-
- xmlSecXkmsServerCtxReset(ctx);
-
- if(ctx->expectedService != NULL) {
- xmlFree(ctx->expectedService);
- }
- if(ctx->idPrefix != NULL) {
- xmlFree(ctx->idPrefix);
- }
-
- xmlSecKeyInfoCtxFinalize(&(ctx->keyInfoReadCtx));
- xmlSecKeyInfoCtxFinalize(&(ctx->keyInfoWriteCtx));
- xmlSecPtrListFinalize(&(ctx->enabledRespondWithIds));
- xmlSecPtrListFinalize(&(ctx->enabledServerRequestIds));
- xmlSecPtrListFinalize(&(ctx->keys));
- xmlSecPtrListFinalize(&(ctx->respWithList));
- memset(ctx, 0, sizeof(xmlSecXkmsServerCtx));
-}
-
-/**
- * xmlSecXkmsServerCtxReset:
- * @ctx: the pointer to XKMS processing context.
- *
- * Resets @ctx object, user settings are not touched.
- */
-void
-xmlSecXkmsServerCtxReset(xmlSecXkmsServerCtxPtr ctx) {
- xmlSecAssert(ctx != NULL);
-
- ctx->resultMajor = xmlSecXkmsResultMajorSuccess;
- ctx->resultMinor = xmlSecXkmsResultMinorNone;
- xmlSecKeyInfoCtxReset(&(ctx->keyInfoReadCtx));
- xmlSecKeyInfoCtxReset(&(ctx->keyInfoWriteCtx));
- xmlSecPtrListEmpty(&(ctx->keys));
- xmlSecPtrListEmpty(&(ctx->respWithList));
-
- ctx->requestNode = NULL;
- ctx->opaqueClientDataNode = NULL;
- ctx->firtsMsgExtNode = NULL;
- ctx->keyInfoNode = NULL;
- ctx->requestId = xmlSecXkmsServerRequestIdUnknown;
-
- if(ctx->id != NULL) {
- xmlFree(ctx->id); ctx->id = NULL;
- }
- if(ctx->service != NULL) {
- xmlFree(ctx->service); ctx->service = NULL;
- }
- if(ctx->nonce != NULL) {
- xmlFree(ctx->nonce); ctx->nonce = NULL;
- }
- if(ctx->originalRequestId != NULL) {
- xmlFree(ctx->originalRequestId); ctx->originalRequestId = NULL;
- }
- if(ctx->pendingNotificationMechanism != NULL) {
- xmlFree(ctx->pendingNotificationMechanism);
- ctx->pendingNotificationMechanism = NULL;
- }
- if(ctx->pendingNotificationIdentifier != NULL) {
- xmlFree(ctx->pendingNotificationIdentifier);
- ctx->pendingNotificationIdentifier = NULL;
- }
- if(ctx->compoundRequestContexts != NULL) {
- xmlSecPtrListDestroy(ctx->compoundRequestContexts);
- ctx->compoundRequestContexts = NULL;
- }
-
- ctx->responseLimit = XMLSEC_XKMS_NO_RESPONSE_LIMIT;
- ctx->responseMechanismMask = 0;
-}
-
-/**
- * xmlSecXkmsServerCtxCopyUserPref:
- * @dst: the pointer to destination context.
- * @src: the pointer to source context.
- *
- * Copies user preference from @src context to @dst.
- *
- * Returns: 0 on success or a negative value if an error occurs.
- */
-int
-xmlSecXkmsServerCtxCopyUserPref(xmlSecXkmsServerCtxPtr dst, xmlSecXkmsServerCtxPtr src) {
- int ret;
-
- xmlSecAssert2(dst != NULL, -1);
- xmlSecAssert2(src != NULL, -1);
-
- dst->userData = src->userData;
- dst->flags = src->flags;
- dst->flags2 = src->flags2;
-
- ret = xmlSecKeyInfoCtxCopyUserPref(&(dst->keyInfoReadCtx), &(src->keyInfoReadCtx));
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyInfoCtxCopyUserPref",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- ret = xmlSecKeyInfoCtxCopyUserPref(&(dst->keyInfoWriteCtx), &(src->keyInfoWriteCtx));
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyInfoCtxCopyUserPref",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- if(src->expectedService != NULL) {
- dst->expectedService = xmlStrdup(src->expectedService);
- if(dst->expectedService == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlStrdup",
- XMLSEC_ERRORS_R_MALLOC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- }
-
- if(src->idPrefix != NULL) {
- dst->idPrefix = xmlStrdup(src->idPrefix);
- if(dst->idPrefix == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlStrdup",
- XMLSEC_ERRORS_R_MALLOC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- }
- src->idLen = dst->idLen;
-
-
- ret = xmlSecPtrListCopy(&(dst->enabledRespondWithIds), &(src->enabledRespondWithIds));
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListCopy",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- ret = xmlSecPtrListCopy(&(dst->enabledServerRequestIds), &(src->enabledServerRequestIds));
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListCopy",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-/**
- * xmlSecXkmsServerCtxProcess:
- * @ctx: the pointer to XKMS processing context.
- * @node: the pointer to request node.
- * @format: the request/response format.
- * @doc: the pointer to response parent XML document (might be NULL).
- *
- * Reads XKMS request from @node and creates response to a newly created node.
- * Caller is responsible for adding the returned node to the XML document.
- *
- * Returns: pointer to newly created XKMS response node or NULL
- * if an error occurs.
- */
-xmlNodePtr
-xmlSecXkmsServerCtxProcess(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node,
- xmlSecXkmsServerFormat format, xmlDocPtr doc) {
- int ret;
-
- xmlSecAssert2(ctx != NULL, NULL);
- xmlSecAssert2(ctx->requestId == NULL, NULL);
- xmlSecAssert2(ctx->requestNode == NULL, NULL);
- xmlSecAssert2(node != NULL, NULL);
-
- ctx->requestNode = xmlSecXkmsServerCtxRequestUnwrap(ctx, node, format);
- if(ctx->requestNode == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxRequestUnwrap",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(node->name));
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- goto done;
- }
-
- ret = xmlSecXkmsServerCtxRequestRead(ctx, ctx->requestNode);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerRequestIdListFindByNode",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "ctx->requestNode=%s",
- xmlSecErrorsSafeString(ctx->requestNode->name));
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- goto done;
- }
-
- ret = xmlSecXkmsServerRequestExecute(ctx->requestId, ctx);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerRequestExecute",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "ctx->requestNode=%s",
- xmlSecErrorsSafeString(ctx->requestNode->name));
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- goto done;
- }
-
-done:
- /* always try to write response back */
- if(ctx->requestId != NULL) {
- xmlNodePtr respNode;
- xmlNodePtr wrappedRespNode;
-
- respNode = xmlSecXkmsServerCtxResponseWrite(ctx, doc);
- if(respNode == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxResponseWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "ctx->requestNode=%s",
- xmlSecErrorsSafeString(ctx->requestNode->name));
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- goto error;
- }
-
-
- wrappedRespNode = xmlSecXkmsServerCtxResponseWrap(ctx, respNode, format, doc);
- if(wrappedRespNode == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxResponseWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "ctx->requestNode=%s",
- xmlSecErrorsSafeString(ctx->requestNode->name));
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- xmlFreeNode(respNode);
- goto error;
- }
-
- return(wrappedRespNode);
- }
-
-error:
- /* last attempt: create fatatl error response */
- return(xmlSecXkmsServerCtxFatalErrorResponseCreate(ctx, format, doc));
-}
-
-/**
- * xmlSecXkmsServerCtxRequestRead:
- * @ctx: the pointer to XKMS processing context.
- * @node: the pointer to request node.
- *
- * Reads XKMS request from @node and stores data in @ctx.
- *
- * Returns: 0 on success or a negative value if an error occurs.
- */
-int
-xmlSecXkmsServerCtxRequestRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- int ret;
-
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(ctx->requestId == NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* find out what the request is */
- if(xmlSecPtrListGetSize(&(ctx->enabledServerRequestIds)) > 0) {
- ctx->requestId = xmlSecXkmsServerRequestIdListFindByNode(&(ctx->enabledServerRequestIds), node);
- } else {
- ctx->requestId = xmlSecXkmsServerRequestIdListFindByNode(xmlSecXkmsServerRequestIdsGet(), node);
- }
- if(ctx->requestId == xmlSecXkmsServerRequestIdUnknown) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerRequestIdListFindByNode",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(node->name));
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorMessageNotSupported);
- return(-1);
- }
-
- xmlSecAddIDs(node->doc, node, xmlSecXkmsServerIds);
- ret = xmlSecXkmsServerRequestNodeRead(ctx->requestId, ctx, node);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerRequestNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "request=%s",
- xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctx->requestId)));
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
- return(-1);
- }
-
- return(0);
-}
-
-/**
- * xmlSecXkmsServerCtxResponseWrite:
- * @ctx: the pointer to XKMS processing context.
- * @doc: the pointer to response parent XML document (might be NULL).
- *
- * Writes XKMS response from context to a newly created node. Caller is
- * responsible for adding the returned node to the XML document.
- *
- * Returns: pointer to newly created XKMS response node or NULL
- * if an error occurs.
- */
-xmlNodePtr
-xmlSecXkmsServerCtxResponseWrite(xmlSecXkmsServerCtxPtr ctx, xmlDocPtr doc) {
- xmlNodePtr respNode;
-
- xmlSecAssert2(ctx != NULL, NULL);
- xmlSecAssert2(ctx->requestId != NULL, NULL);
-
- /* now write results */
- respNode = xmlSecXkmsServerRequestNodeWrite(ctx->requestId, ctx, doc, NULL);
- if(respNode == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerRequestNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "request=%s",
- xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctx->requestId)));
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- return(NULL);
- }
-
- return(respNode);
-}
-
-/**
- * xmlSecXkmsServerCtxRequestUnwrap:
- * @ctx: the pointer to XKMS processing context.
- * @node: the pointer to request node.
- * @format: the request/response format.
- *
- * Removes SOAP or other envelope from XKMS request.
- *
- * Returns: pointer to "real" XKMS request node or NULL if an error occurs.
- */
-xmlNodePtr
-xmlSecXkmsServerCtxRequestUnwrap(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xmlSecXkmsServerFormat format) {
- xmlNodePtr result = NULL;
-
- xmlSecAssert2(ctx != NULL, NULL);
- xmlSecAssert2(node != NULL, NULL);
-
- switch(format) {
- case xmlSecXkmsServerFormatPlain:
- result = node;
- break;
-#ifndef XMLSEC_NO_SOAP
- case xmlSecXkmsServerFormatSoap11:
- /* verify that it is actually soap Envelope node */
- if(xmlSecSoap11CheckEnvelope(node) != 1) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSoap11CheckEnvelope",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
- return(NULL);
- }
-
- /* check that Body has exactly one entry */
- if(xmlSecSoap11GetBodyEntriesNumber(node) != 1) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSoap11GetBodyEntriesNumber",
- XMLSEC_ERRORS_R_INVALID_DATA,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
- return(NULL);
- }
-
- /* this one enntry is our xkms request */
- result = xmlSecSoap11GetBodyEntry(node, 0);
- if(result == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSoap11GetBodyEntry",
- XMLSEC_ERRORS_R_INVALID_DATA,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
- return(NULL);
- }
-
- break;
- case xmlSecXkmsServerFormatSoap12:
- /* verify that it is actually soap Envelope node */
- if(xmlSecSoap12CheckEnvelope(node) != 1) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSoap12CheckEnvelope",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
- return(NULL);
- }
-
- /* check that Body has exactly one entry */
- if(xmlSecSoap12GetBodyEntriesNumber(node) != 1) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSoap12GetBodyEntriesNumber",
- XMLSEC_ERRORS_R_INVALID_DATA,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
- return(NULL);
- }
-
- /* this one enntry is our xkms request */
- result = xmlSecSoap12GetBodyEntry(node, 0);
- if(result == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSoap12GetBodyEntry",
- XMLSEC_ERRORS_R_INVALID_DATA,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
- return(NULL);
- }
-
- break;
-#endif /* XMLSEC_NO_SOAP */
- default:
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
- "format=%d",
- format);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
- return(NULL);
- }
-
- return(result);
-}
-
-/**
- * xmlSecXkmsServerCtxResponseWrap:
- * @ctx: the pointer to XKMS processing context.
- * @node: the pointer to response node.
- * @format: the request/response format.
- * @doc: the pointer to response parent XML document (might be NULL).
- *
- * Creates SOAP or other envelope around XKMS response.
- * Caller is responsible for adding the returned node to the XML document.
- *
- * Returns: pointer to newly created response envelope node or NULL
- * if an error occurs.
- */
-xmlNodePtr
-xmlSecXkmsServerCtxResponseWrap(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xmlSecXkmsServerFormat format, xmlDocPtr doc) {
- xmlNodePtr result = NULL;
-
- xmlSecAssert2(ctx != NULL, NULL);
- xmlSecAssert2(node != NULL, NULL);
-
- switch(format) {
- case xmlSecXkmsServerFormatPlain:
- result = node; /* do nothing */
- break;
-#ifndef XMLSEC_NO_SOAP
- case xmlSecXkmsServerFormatSoap11:
- result = xmlSecSoap11CreateEnvelope(doc);
- if(result == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSoap11CreateEnvelope",
- XMLSEC_ERRORS_R_INVALID_DATA,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- return(NULL);
- }
-
- if(xmlSecSoap11AddBodyEntry(result, node) == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSoap11AddBodyEntry",
- XMLSEC_ERRORS_R_INVALID_DATA,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- return(NULL);
- }
- break;
- case xmlSecXkmsServerFormatSoap12:
- result = xmlSecSoap12CreateEnvelope(doc);
- if(result == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSoap12CreateEnvelope",
- XMLSEC_ERRORS_R_INVALID_DATA,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- return(NULL);
- }
-
- if(xmlSecSoap12AddBodyEntry(result, node) == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSoap12AddBodyEntry",
- XMLSEC_ERRORS_R_INVALID_DATA,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- return(NULL);
- }
- break;
-#endif /* XMLSEC_NO_SOAP */
- default:
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
- "format=%d",
- format);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
- return(NULL);
- }
-
- return(result);
-}
-
-/**
- * xmlSecXkmsServerCtxFatalErrorResponseCreate:
- * @ctx: the pointer to XKMS processing context.
- * @format: the request/response format.
- * @doc: the pointer to response parent XML document (might be NULL).
- *
- * Creates a "fatal error" SOAP or other envelope respons. Caller is
- * responsible for adding the returned node to the XML document.
- *
- * Returns: pointer to newly created fatal error response (it might be NULL).
- */
-xmlNodePtr
-xmlSecXkmsServerCtxFatalErrorResponseCreate(xmlSecXkmsServerCtxPtr ctx, xmlSecXkmsServerFormat format, xmlDocPtr doc) {
- xmlNodePtr result = NULL;
- int ret;
-
- xmlSecAssert2(ctx != NULL, NULL);
-
- /* make sure that we have an error */
- if(ctx->resultMajor == xmlSecXkmsResultMajorSuccess) {
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- }
-
- switch(format) {
- case xmlSecXkmsServerFormatPlain:
- /* try to create fatal error response with XKMS Status request */
- result = xmlSecXkmsServerRequestNodeWrite(xmlSecXkmsServerRequestResultId, ctx, doc, NULL);
- if(result == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerRequestNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(NULL);
- }
- break;
-#ifndef XMLSEC_NO_SOAP
- case xmlSecXkmsServerFormatSoap11:
- result = xmlSecSoap11CreateEnvelope(doc);
- if(result == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSoap11CreateEnvelope",
- XMLSEC_ERRORS_R_INVALID_DATA,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- return(NULL);
- }
-
- ret = xmlSecXkmsServerCtxWriteSoap11FatalError(ctx, result);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxWriteSoap11FatalError",
- XMLSEC_ERRORS_R_INVALID_DATA,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- xmlFreeNode(result);
- return(NULL);
- }
-
- break;
- case xmlSecXkmsServerFormatSoap12:
- result = xmlSecSoap12CreateEnvelope(doc);
- if(result == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSoap12CreateEnvelope",
- XMLSEC_ERRORS_R_INVALID_DATA,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- return(NULL);
- }
-
- ret = xmlSecXkmsServerCtxWriteSoap12FatalError(ctx, result);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxWriteSoap12FatalError",
- XMLSEC_ERRORS_R_INVALID_DATA,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- xmlFreeNode(result);
- return(NULL);
- }
-
- break;
-#endif /* XMLSEC_NO_SOAP */
- default:
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
- "format=%d",
- format);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
- return(NULL);
- }
-
- return(result);
-}
-
-#ifndef XMLSEC_NO_SOAP
-static int
-xmlSecXkmsServerCtxWriteSoap11FatalError(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr envNode) {
- const xmlChar* faultCodeHref = NULL;
- const xmlChar* faultCodeLocalPart = NULL;
- xmlChar* faultString = NULL;
- int len;
-
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(envNode != NULL, -1);
-
- if((ctx->resultMajor == xmlSecXkmsResultMajorVersionMismatch) ||
- (ctx->requestNode == NULL)) {
- /* we were not able to parse the envelope or its general version mismatch error */
- faultCodeHref = xmlSecSoap11Ns;
- faultCodeLocalPart = xmlSecSoapFaultCodeVersionMismatch;
- faultString = xmlStrdup(xmlSecXkmsSoapFaultReasonUnsupportedVersion);
- if(faultString == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlStrdup",
- XMLSEC_ERRORS_R_XML_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- return(-1);
- }
- } else if((ctx->resultMajor == xmlSecXkmsResultMajorSender) &&
- (ctx->requestId == NULL)) {
- /* we understood the request but were not able to parse input message */
- faultCodeHref = xmlSecSoap11Ns;
- faultCodeLocalPart = xmlSecSoapFaultCodeClient;
-
- len = xmlStrlen(BAD_CAST xmlSecErrorsSafeString(ctx->requestNode->name)) +
- xmlStrlen(xmlSecXkmsSoapFaultReasonMessageInvalid) + 1;
- faultString = xmlMalloc(len + 1);
- if(faultString == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlMalloc",
- XMLSEC_ERRORS_R_XML_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- return(-1);
- }
- xmlSecStrPrintf(faultString, len , xmlSecXkmsSoapFaultReasonMessageInvalid,
- xmlSecErrorsSafeString(ctx->requestNode->name));
- } else if((ctx->resultMajor == xmlSecXkmsResultMajorReceiver) &&
- (ctx->requestId == NULL)) {
- /* we understood the request but were not able to process it */
- faultCodeHref = xmlSecSoap11Ns;
- faultCodeLocalPart = xmlSecSoapFaultCodeServer;
- faultString = xmlStrdup(xmlSecXkmsSoapFaultReasonServiceUnavailable);
- if(faultString == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlStrdup",
- XMLSEC_ERRORS_R_XML_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- return(-1);
- }
- } else if((ctx->requestId == NULL) && (ctx->requestNode != NULL)) {
- /* we parsed the envelope but were not able to understand this request */
- faultCodeHref = xmlSecSoap11Ns;
- faultCodeLocalPart = xmlSecSoapFaultCodeClient;
-
- len = xmlStrlen(BAD_CAST xmlSecErrorsSafeString(ctx->requestNode->name)) +
- xmlStrlen(xmlSecXkmsSoapFaultReasonMessageNotSupported) + 1;
- faultString = xmlMalloc(len + 1);
- if(faultString == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlMalloc",
- XMLSEC_ERRORS_R_XML_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- return(-1);
- }
- xmlSecStrPrintf(faultString, len , xmlSecXkmsSoapFaultReasonMessageNotSupported,
- xmlSecErrorsSafeString(ctx->requestNode->name));
- } else {
- /* just some error */
- faultCodeHref = xmlSecSoap11Ns;
- faultCodeLocalPart = xmlSecSoapFaultCodeServer;
- faultString = xmlStrdup(xmlSecXkmsSoapFaultReasonServiceUnavailable);
- if(faultString == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlStrdup",
- XMLSEC_ERRORS_R_XML_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- return(-1);
- }
- }
-
- if(xmlSecSoap11AddFaultEntry(envNode, faultCodeHref, faultCodeLocalPart, faultString, NULL) == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSoap11AddFaultEntry",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- xmlFree(faultString);
- return(-1);
- }
-
- xmlFree(faultString);
- return(0);
-}
-
-static int
-xmlSecXkmsServerCtxWriteSoap12FatalError(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr envNode) {
- xmlSecSoap12FaultCode faultCode = xmlSecSoap12FaultCodeUnknown;
- const xmlChar* faultSubCodeHref = NULL;
- const xmlChar* faultSubCodeLocalPart = NULL;
- xmlChar* faultReason = NULL;
- int len;
- xmlNodePtr faultNode;
-
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(envNode != NULL, -1);
-
- if((ctx->resultMajor == xmlSecXkmsResultMajorVersionMismatch) ||
- (ctx->requestNode == NULL)) {
- /* we were not able to parse the envelope or its general version mismatch error */
- faultCode = xmlSecSoap12FaultCodeVersionMismatch;
- faultReason = xmlStrdup(xmlSecXkmsSoapFaultReasonUnsupportedVersion);
- if(faultReason == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlStrdup",
- XMLSEC_ERRORS_R_XML_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- return(-1);
- }
- } else if((ctx->resultMajor == xmlSecXkmsResultMajorSender) &&
- (ctx->requestId == NULL)) {
- /* we understood the request but were not able to parse input message */
- faultCode = xmlSecSoap12FaultCodeSender;
- faultSubCodeHref = xmlSecXkmsNs;
- faultSubCodeLocalPart = xmlSecXkmsSoapSubcodeValueMessageNotSupported;
-
- len = xmlStrlen(BAD_CAST xmlSecErrorsSafeString(ctx->requestNode->name)) +
- xmlStrlen(xmlSecXkmsSoapFaultReasonMessageInvalid) + 1;
- faultReason = xmlMalloc(len + 1);
- if(faultReason == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlMalloc",
- XMLSEC_ERRORS_R_XML_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- return(-1);
- }
- xmlSecStrPrintf(faultReason, len , xmlSecXkmsSoapFaultReasonMessageInvalid,
- xmlSecErrorsSafeString(ctx->requestNode->name));
- } else if((ctx->resultMajor == xmlSecXkmsResultMajorReceiver) &&
- (ctx->requestId == NULL)) {
- /* we understood the request but were not able to process it */
- faultCode = xmlSecSoap12FaultCodeReceiver;
- faultReason = xmlStrdup(xmlSecXkmsSoapFaultReasonServiceUnavailable);
- if(faultReason == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlStrdup",
- XMLSEC_ERRORS_R_XML_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- return(-1);
- }
- } else if((ctx->requestId == NULL) && (ctx->requestNode != NULL)) {
- /* we parsed the envelope but were not able to understand this request */
- faultCode = xmlSecSoap12FaultCodeSender;
- faultSubCodeHref = xmlSecXkmsNs;
- faultSubCodeLocalPart = xmlSecXkmsSoapSubcodeValueBadMessage;
-
- len = xmlStrlen(BAD_CAST xmlSecErrorsSafeString(ctx->requestNode->name)) +
- xmlStrlen(xmlSecXkmsSoapFaultReasonMessageNotSupported) + 1;
- faultReason = xmlMalloc(len + 1);
- if(faultReason == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlMalloc",
- XMLSEC_ERRORS_R_XML_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- return(-1);
- }
- xmlSecStrPrintf(faultReason, len , xmlSecXkmsSoapFaultReasonMessageNotSupported,
- xmlSecErrorsSafeString(ctx->requestNode->name));
- } else {
- /* just some error */
- faultCode = xmlSecSoap12FaultCodeReceiver;
- faultReason = xmlStrdup(xmlSecXkmsSoapFaultReasonServiceUnavailable);
- if(faultReason == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlStrdup",
- XMLSEC_ERRORS_R_XML_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- return(-1);
- }
- }
- xmlSecAssert2(faultCode != xmlSecSoap12FaultCodeUnknown, -1);
- xmlSecAssert2(faultReason != NULL, -1);
-
- faultNode = xmlSecSoap12AddFaultEntry(envNode, faultCode, faultReason,
- xmlSecXkmsSoapFaultReasonLang, NULL, NULL);
- if(faultNode == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSoap12AddFaultEntry",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- xmlFree(faultReason);
- return(-1);
- }
- xmlFree(faultReason);
-
- if((faultSubCodeHref != NULL) && (faultSubCodeLocalPart != NULL)) {
- /* make sure that we have subcode (xkms) namespace declared */
- if(xmlNewNs(faultNode, faultSubCodeHref, BAD_CAST "xkms") == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlNewNs",
- XMLSEC_ERRORS_R_XML_FAILED,
- "ns=%s",
- xmlSecErrorsSafeString(faultSubCodeHref));
- return(-1);
- }
- if(xmlSecSoap12AddFaultSubcode(faultNode, faultSubCodeHref, faultSubCodeLocalPart) == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSoap12AddFaultSubcode",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "href=%s,value=%s",
- xmlSecErrorsSafeString(faultSubCodeHref),
- xmlSecErrorsSafeString(faultSubCodeLocalPart));
- return(-1);
- }
- }
-
- return(0);
-}
-
-#endif /* XMLSEC_NO_SOAP */
-
-
-/**
- * xmlSecXkmsServerCtxSetResult:
- * @ctx: the pointer to XKMS processing context.
- * @resultMajor: the major result code.
- * @resultMinor: the minor result code.
- *
- * Sets the major/minor result code in the context if no other result is already
- * reported.
- */
-void
-xmlSecXkmsServerCtxSetResult(xmlSecXkmsServerCtxPtr ctx, xmlSecXkmsResultMajor resultMajor,
- xmlSecXkmsResultMinor resultMinor) {
- xmlSecAssert(ctx != NULL);
-
- if((ctx->resultMajor == xmlSecXkmsResultMajorSuccess) &&
- (resultMinor != xmlSecXkmsResultMajorSuccess)) {
- ctx->resultMajor = resultMajor;
- ctx->resultMinor = resultMinor;
- } else if((ctx->resultMajor == xmlSecXkmsResultMajorSuccess) &&
- (ctx->resultMinor == xmlSecXkmsResultMinorNone)) {
- xmlSecAssert(resultMajor == xmlSecXkmsResultMajorSuccess);
-
- ctx->resultMinor = resultMinor;
- }
-}
-
-
-/**
- * xmlSecXkmsServerCtxDebugDump:
- * @ctx: the pointer to XKMS processing context.
- * @output: the pointer to output FILE.
- *
- * Prints the debug information about @ctx to @output.
- */
-void
-xmlSecXkmsServerCtxDebugDump(xmlSecXkmsServerCtxPtr ctx, FILE* output) {
- xmlSecAssert(ctx != NULL);
- xmlSecAssert(output != NULL);
-
- fprintf(output, "= XKMS SERVER CONTEXT: %s\n",
- (ctx->requestId != xmlSecXkmsServerRequestIdUnknown &&
- xmlSecXkmsServerRequestKlassGetName(ctx->requestId)) ?
- xmlSecXkmsServerRequestKlassGetName(ctx->requestId) :
- BAD_CAST "NULL");
-
- xmlSecQName2IntegerDebugDump(gXmlSecXkmsResultMajorInfo,
- ctx->resultMajor, BAD_CAST "resultMajor", output);
- xmlSecQName2IntegerDebugDump(gXmlSecXkmsMinorErrorInfo,
- ctx->resultMinor, BAD_CAST "resultMinor", output);
-
- fprintf(output, "== id: %s\n",
- (ctx->id) ? ctx->id : BAD_CAST "");
- fprintf(output, "== service: %s\n",
- (ctx->service) ? ctx->service : BAD_CAST "");
- fprintf(output, "== nonce: %s\n",
- (ctx->nonce) ? ctx->nonce : BAD_CAST "");
- fprintf(output, "== originalRequestId: %s\n",
- (ctx->originalRequestId) ? ctx->originalRequestId : BAD_CAST "");
- fprintf(output, "== pendingNotificationMechanism: %s\n",
- (ctx->pendingNotificationMechanism) ?
- ctx->pendingNotificationMechanism :
- BAD_CAST "");
- fprintf(output, "== pendingNotificationIdentifier: %s\n",
- (ctx->pendingNotificationIdentifier) ?
- ctx->pendingNotificationIdentifier :
- BAD_CAST "");
- if(ctx->responseLimit != XMLSEC_XKMS_NO_RESPONSE_LIMIT) {
- fprintf(output, "== ResponseLimit: %d\n", ctx->responseLimit);
- }
- xmlSecQName2BitMaskDebugDump(gXmlSecXkmsResponseMechanismInfo,
- ctx->responseMechanismMask, BAD_CAST "responseMechanism", output);
-
- if(ctx->expectedService != NULL) {
- fprintf(output, "== expected service: %s\n", ctx->expectedService);
- }
- fprintf(output, "== flags: 0x%08x\n", ctx->flags);
- fprintf(output, "== flags2: 0x%08x\n", ctx->flags2);
-
- fprintf(output, "== Key Info Read Ctx:\n");
- xmlSecKeyInfoCtxDebugDump(&(ctx->keyInfoReadCtx), output);
-
- fprintf(output, "== Key Info Write Ctx:\n");
- xmlSecKeyInfoCtxDebugDump(&(ctx->keyInfoWriteCtx), output);
-
- if(xmlSecPtrListGetSize(&(ctx->enabledRespondWithIds)) > 0) {
- fprintf(output, "== Enabled RespondWith: ");
- xmlSecTransformIdListDebugDump(&(ctx->enabledRespondWithIds), output);
- } else {
- fprintf(output, "== Enabled RespondWith: all\n");
- }
-
- if(xmlSecPtrListGetSize(&(ctx->enabledServerRequestIds)) > 0) {
- fprintf(output, "== Enabled ServerRequest: ");
- xmlSecTransformIdListDebugDump(&(ctx->enabledServerRequestIds), output);
- } else {
- fprintf(output, "== Enabled ServerRequest: all\n");
- }
-
- fprintf(output, "== RespondWith List:\n");
- xmlSecPtrListDebugDump(&(ctx->respWithList), output);
-
- fprintf(output, "== Keys:\n");
- xmlSecPtrListDebugDump(&(ctx->keys), output);
-
- if(ctx->compoundRequestContexts != NULL) {
- fprintf(output, "== Compound Request:\n");
- xmlSecPtrListDebugDump(ctx->compoundRequestContexts, output);
- }
-}
-
-/**
- * xmlSecXkmsServerCtxDebugXmlDump:
- * @ctx: the pointer to XKMS processing context.
- * @output: the pointer to output FILE.
- *
- * Prints the debug information about @ctx to @output in XML format.
- */
-void
-xmlSecXkmsServerCtxDebugXmlDump(xmlSecXkmsServerCtxPtr ctx, FILE* output) {
- xmlSecAssert(ctx != NULL);
- xmlSecAssert(output != NULL);
-
- fprintf(output, "<XkmsServerRequestContext name=\"");
- xmlSecPrintXmlString(output,
- (ctx->requestId != xmlSecXkmsServerRequestIdUnknown) ?
- xmlSecXkmsServerRequestKlassGetName(ctx->requestId) :
- BAD_CAST "NULL"
- );
- fprintf(output, "\">\n");
-
- xmlSecQName2IntegerDebugXmlDump(gXmlSecXkmsResultMajorInfo,
- ctx->resultMajor, BAD_CAST "MajorError", output);
- xmlSecQName2IntegerDebugXmlDump(gXmlSecXkmsMinorErrorInfo,
- ctx->resultMinor, BAD_CAST "MinorError", output);
-
- fprintf(output, "<Id>");
- xmlSecPrintXmlString(output, ctx->id);
- fprintf(output, "</Id>\n");
-
- fprintf(output, "<Service>");
- xmlSecPrintXmlString(output, ctx->service);
- fprintf(output, "</Service>\n");
-
- fprintf(output, "<Nonce>");
- xmlSecPrintXmlString(output, ctx->nonce);
- fprintf(output, "</Nonce>\n");
-
- fprintf(output, "<OriginalRequestId>");
- xmlSecPrintXmlString(output, ctx->originalRequestId);
- fprintf(output, "</OriginalRequestId>\n");
-
- fprintf(output, "<PendingNotificationMechanism>");
- xmlSecPrintXmlString(output, ctx->pendingNotificationMechanism);
- fprintf(output, "</PendingNotificationMechanism>\n");
-
- fprintf(output, "<PendingNotificationIdentifier>");
- xmlSecPrintXmlString(output, ctx->pendingNotificationIdentifier);
- fprintf(output, "</PendingNotificationIdentifier>\n");
-
- if(ctx->responseLimit != XMLSEC_XKMS_NO_RESPONSE_LIMIT) {
- fprintf(output, "<ResponseLimit>%d</ResponseLimit>\n", ctx->responseLimit);
- }
- xmlSecQName2BitMaskDebugXmlDump(gXmlSecXkmsResponseMechanismInfo,
- ctx->responseMechanismMask, BAD_CAST "ResponseMechanism", output);
-
-
- fprintf(output, "<ExpectedService>");
- xmlSecPrintXmlString(output, ctx->expectedService);
- fprintf(output, "</ExpectedService>\n");
-
- fprintf(output, "<Flags>%08x</Flags>\n", ctx->flags);
- fprintf(output, "<Flags2>%08x</Flags2>\n", ctx->flags2);
-
- fprintf(output, "<KeyInfoReadCtx>\n");
- xmlSecKeyInfoCtxDebugXmlDump(&(ctx->keyInfoReadCtx), output);
- fprintf(output, "</KeyInfoReadCtx>\n");
-
- fprintf(output, "<KeyInfoWriteCtx>\n");
- xmlSecKeyInfoCtxDebugXmlDump(&(ctx->keyInfoWriteCtx), output);
- fprintf(output, "</KeyInfoWriteCtx>\n");
-
- if(xmlSecPtrListGetSize(&(ctx->enabledRespondWithIds)) > 0) {
- fprintf(output, "<EnabledRespondWith>\n");
- xmlSecTransformIdListDebugXmlDump(&(ctx->enabledRespondWithIds), output);
- fprintf(output, "</EnabledRespondWith>\n");
- } else {
- fprintf(output, "<EnabledRespondWith>all</EnabledRespondWith>\n");
- }
-
- if(xmlSecPtrListGetSize(&(ctx->enabledServerRequestIds)) > 0) {
- fprintf(output, "<EnabledServerRequest>\n");
- xmlSecTransformIdListDebugXmlDump(&(ctx->enabledServerRequestIds), output);
- fprintf(output, "</EnabledServerRequest>\n");
- } else {
- fprintf(output, "<EnabledServerRequest>all</EnabledServerRequest>\n");
- }
-
-
- fprintf(output, "<RespondWithList>\n");
- xmlSecPtrListDebugXmlDump(&(ctx->respWithList), output);
- fprintf(output, "</RespondWithList>\n");
-
- fprintf(output, "<Keys>\n");
- xmlSecPtrListDebugXmlDump(&(ctx->keys), output);
- fprintf(output, "</Keys>\n");
-
- if(ctx->compoundRequestContexts != NULL) {
- fprintf(output, "<CompoundRequest>\n");
- xmlSecPtrListDebugXmlDump(ctx->compoundRequestContexts, output);
- fprintf(output, "</CompoundRequest>\n");
- }
-
- fprintf(output, "</XkmsServerRequestContext>\n");
-}
-
-/**
- * <xkms:MessageAbstractType Id Service Nonce?>
- * <ds:Signature>?
- * <xkms:MessageExtension>*
- * (<xkms:OpaqueClientData>
- * <xkms:OpaqueData>?
- * )?
- *
- * <xkms:RequestAbstractType Id Service Nonce? OriginalRequestId? ResponseLimit?>
- * <ds:Signature>?
- * <xkms:MessageExtension>*
- * (<xkms:OpaqueClientData>
- * <xkms:OpaqueData>?
- * )?
- * <xkms:ResponseMechanism>*
- * <xkms:RespondWith>*
- * <xkms:PendingNotification Mechanism Identifier>?
- *
- * XML Schema:
- *
- * <!-- RequestAbstractType -->
- * <complexType name="RequestAbstractType" abstract="true">
- * <complexContent>
- * <extension base="xkms:MessageAbstractType">
- * <sequence>
- * <element ref="xkms:ResponseMechanism" minOccurs="0"
- * maxOccurs="unbounded"/>
- * <element ref="xkms:RespondWith" minOccurs="0"
- * maxOccurs="unbounded"/>
- * <element ref="xkms:PendingNotification" minOccurs="0"/>
- * </sequence>
- * <attribute name="OriginalRequestId" type="anyURI"
- * use="optional"/>
- * <attribute name="ResponseLimit" type="integer" use="optional"/>
- * </extension>
- * </complexContent>
- * </complexType>
- * <!-- /RequestAbstractType -->
- *
- * <!-- MessageAbstractType -->
- * <complexType name="MessageAbstractType" abstract="true">
- * <sequence>
- * <element ref="ds:Signature" minOccurs="0"/>
- * <element ref="xkms:MessageExtension" minOccurs="0"
- * maxOccurs="unbounded"/>
- * <element ref="xkms:OpaqueClientData" minOccurs="0"/>
- * </sequence>
- * <attribute name="Id" type="ID" use="required"/>
- * <attribute name="Service" type="anyURI" use="required"/>
- * <attribute name="Nonce" type="base64Binary" use="optional"/>
- * </complexType>
- * <!-- /MessageAbstractType -->
- */
-static int
-xmlSecXkmsServerCtxRequestAbstractTypeNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr* node) {
- xmlNodePtr cur;
- xmlChar* tmp;
- int ret;
-
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2((*node) != NULL, -1);
-
- cur = (*node);
- xmlSecAssert2(cur != NULL, -1);
-
- /* required Id attribute */
- xmlSecAssert2(ctx->id == NULL, -1);
- ctx->id = xmlGetProp(cur, xmlSecAttrId);
- if(ctx->id == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlGetProp",
- XMLSEC_ERRORS_R_XML_FAILED,
- "name=%s;node=%s",
- xmlSecErrorsSafeString(xmlSecAttrId),
- xmlSecErrorsSafeString(cur->name));
- return(-1);
- }
-
- /* required Service attribute */
- xmlSecAssert2(ctx->service == NULL, -1);
- ctx->service = xmlGetProp(cur, xmlSecAttrService);
- if(ctx->service == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlGetProp",
- XMLSEC_ERRORS_R_XML_FAILED,
- "name=%s;node=%s",
- xmlSecErrorsSafeString(xmlSecAttrService),
- xmlSecErrorsSafeString(cur->name));
- return(-1);
- }
-
- /* check service */
- if((ctx->expectedService != NULL) && (!xmlStrEqual(ctx->expectedService, ctx->service))) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_INVALID_DATA,
- "expectedService=%s;actualService=%s",
- xmlSecErrorsSafeString(ctx->expectedService),
- xmlSecErrorsSafeString(ctx->service));
- return(-1);
- }
-
- /* optional Nonce attribute */
- xmlSecAssert2(ctx->nonce == NULL, -1);
- ctx->nonce = xmlGetProp(cur, xmlSecAttrNonce);
-
- /* optional OriginalRequestId attribute */
- xmlSecAssert2(ctx->originalRequestId == NULL, -1);
- ctx->originalRequestId = xmlGetProp(cur, xmlSecAttrOriginalRequestId);
-
- /* optional ResponseLimit attribute */
- xmlSecAssert2(ctx->responseLimit == XMLSEC_XKMS_NO_RESPONSE_LIMIT, -1);
- tmp = xmlGetProp(cur, xmlSecAttrResponseLimit);
- if(tmp != NULL) {
- ctx->responseLimit = atoi((char*)tmp);
- xmlFree(tmp);
- }
-
- /* now read children */
- cur = xmlSecGetNextElementNode(cur->children);
-
- /* first node is optional <dsig:Signature/> node */
- if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeSignature, xmlSecDSigNs)) {
- ret = xmlSecXkmsServerCtxSignatureNodeRead(ctx, cur);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxSignatureNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- /* next is zero or more <xkms:MessageExtension/> nodes */
- ret = xmlSecXkmsServerCtxMessageExtensionNodesRead(ctx, &cur);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxMessageExtensionNodesRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* next is optional <xkms:OpaqueClientData/> node */
- if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeOpaqueClientData, xmlSecXkmsNs)) {
- ret = xmlSecXkmsServerCtxOpaqueClientDataNodeRead(ctx, cur);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxOpaqueClientDataNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- /* next is zero or more <xkms:ResponseMechanism/> nodes */
- ret = xmlSecQName2BitMaskNodesRead(gXmlSecXkmsResponseMechanismInfo, &cur,
- xmlSecNodeResponseMechanism, xmlSecXkmsNs,
- ((ctx->flags & XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPONSE_MECHANISM) != 0) ? 1 : 0,
- &ctx->responseMechanismMask);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecQName2BitMaskNodesRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecNodeResponseMechanism));
- return(-1);
- }
-
- /* next is zero or more <xkms:RespondWith/> nodes */
- ret = xmlSecXkmsServerCtxRespondWithNodesRead(ctx, &cur);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxRespondWithNodesRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* next is optional <xkms:PendingNotification/> node */
- if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodePendingNotification, xmlSecXkmsNs)) {
- ret = xmlSecXkmsServerCtxPendingNotificationNodeRead(ctx, cur);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxPendingNotificationNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- (*node) = cur;
- return(0);
-}
-
-static int
-xmlSecXkmsServerCtxSignatureNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* todo: verify signature and make sure that correct data was signed */
- return(0);
-}
-
-/**
- * <!-- MessageExtension -->
- * <element name="MessageExtension" type="xkms:MessageExtensionAbstractType"
- * abstract="true"/>
- * <complexType name="MessageExtensionAbstractType" abstract="true"/>
- * <!-- /MessageExtension -->
- */
-static int
-xmlSecXkmsServerCtxMessageExtensionNodesRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr* node) {
- xmlNodePtr cur;
-
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(ctx->firtsMsgExtNode == NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- cur = (*node);
- while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeMessageExtension, xmlSecXkmsNs)) {
- if(ctx->firtsMsgExtNode == NULL) {
- ctx->firtsMsgExtNode = cur;
- }
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- (*node) = cur;
- return(0);
-}
-
-static int
-xmlSecXkmsServerCtxOpaqueClientDataNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(ctx->opaqueClientDataNode == NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* remember that node, will copy it in the response later */
- ctx->opaqueClientDataNode = node;
- return(0);
-}
-
-static int
-xmlSecXkmsServerCtxRespondWithNodesRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr* node) {
- xmlNodePtr cur;
- int ret;
-
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- cur = (*node);
- while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeRespondWith, xmlSecXkmsNs)) {
- xmlSecXkmsRespondWithId id = xmlSecXkmsRespondWithIdUnknown;
-
- if(xmlSecPtrListGetSize(&(ctx->enabledRespondWithIds)) > 0) {
- id = xmlSecXkmsRespondWithIdListFindByNodeValue(&(ctx->enabledRespondWithIds), cur);
- } else {
- id = xmlSecXkmsRespondWithIdListFindByNodeValue(xmlSecXkmsRespondWithIdsGet(), cur);
- }
-
- if(id != xmlSecXkmsRespondWithIdUnknown) {
- ret = xmlSecXkmsRespondWithNodeRead(id, ctx, cur);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecCreateTree",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- } else if((ctx->flags & XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPOND_WITH) != 0) {
- xmlChar* content ;
-
- content = xmlNodeGetContent(cur);
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s,value=%s",
- xmlSecErrorsSafeString(cur->name),
- xmlSecErrorsSafeString(content));
- if(content != NULL) {
- xmlFree(content);
- }
- return(-1);
- }
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- (*node) = cur;
- return(0);
-}
-
-/**
- * XML Schema:
- * <!-- PendingNotification -->
- * <element name="PendingNotification" type="xkms:PendingNotificationType"/>
- * <complexType name="PendingNotificationType">
- * <attribute name="Mechanism" type="anyURI" use="required"/>
- * <attribute name="Identifier" type="anyURI" use="required"/>
- * </complexType>
- * <!-- /PendingNotification -->
- */
-static int
-xmlSecXkmsServerCtxPendingNotificationNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- xmlSecAssert2(ctx->pendingNotificationMechanism == NULL, -1);
- ctx->pendingNotificationMechanism = xmlGetProp(node, xmlSecAttrMechanism);
- if(ctx->pendingNotificationMechanism == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlGetProp",
- XMLSEC_ERRORS_R_XML_FAILED,
- "name=%s;node=%s",
- xmlSecErrorsSafeString(xmlSecAttrMechanism),
- xmlSecErrorsSafeString(node->name));
- return(-1);
- }
-
- xmlSecAssert2(ctx->pendingNotificationIdentifier == NULL, -1);
- ctx->pendingNotificationIdentifier = xmlGetProp(node, xmlSecAttrIdentifier);
- if(ctx->pendingNotificationIdentifier == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlGetProp",
- XMLSEC_ERRORS_R_XML_FAILED,
- "name=%s;node=%s",
- xmlSecErrorsSafeString(xmlSecAttrIdentifier),
- xmlSecErrorsSafeString(node->name));
- return(-1);
- }
-
- return(0);
-}
-
-/**
- * <xkms:PendingRequestType Id Service Nonce? OriginalRequestId? ResponseLimit? ResponseId?>
- * <ds:Signature>?
- * <xkms:MessageExtension>*
- * (<xkms:OpaqueClientData>
- * <xkms:OpaqueData>?
- * )?
- * <xkms:ResponseMechanism>*
- * <xkms:RespondWith>*
- * <xkms:PendingNotification Mechanism Identifier>?
- *
- * XML Schema:
- *
- * <!-- PendingRequest -->
- * <element name="PendingRequest" type="xkms:PendingRequestType"/>
- * <complexType name="PendingRequestType">
- * <complexContent>
- * <extension base="xkms:RequestAbstractType">
- * <attribute name="ResponseId" type="anyURI" use="optional"/>
- * </extension>
- * </complexContent>
- * </complexType>
- * <!-- /PendingRequest --> *
- */
-static int
-xmlSecXkmsServerCtxPendingRequestNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr* node) {
- int ret;
-
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* first read "parent" type */
- ret = xmlSecXkmsServerCtxRequestAbstractTypeNodeRead(ctx, node);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxRequestAbstractTypeNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* todo: read responseId */
- return(0);
-}
-
-/**
- * <xkms:QueryKeyBinding Id?
- * <ds:KeyInfo>?
- * <xkms:KeyUsage>?
- * <xkms:KeyUsage>?
- * <xkms:KeyUsage>?
- * <xkms:UseKeyWith Application Identifier>*
- * <xkms:TimeInstant Time>?
- *
- * XML Schema:
- * <!-- QueryKeyBinding -->
- * <element name="QueryKeyBinding" type="xkms:QueryKeyBindingType"/>
- * <complexType name="QueryKeyBindingType">
- * <complexContent>
- * <extension base="xkms:KeyBindingAbstractType">
- * <sequence>
- * <element ref="xkms:TimeInstant" minOccurs="0"/>
- * </sequence>
- * </extension>
- * </complexContent>
- * </complexType>
- * <!-- /QueryKeyBinding -->
- */
-static int
-xmlSecXkmsServerCtxQueryKeyBindingNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- xmlNodePtr cur;
- int ret;
-
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* first read "parent" type */
- cur = node;
- ret = xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeRead(ctx, &cur);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* next is optional <xkms:TimeInstant/> node */
- if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeTimeInstant, xmlSecXkmsNs)) {
- ret = xmlSecXkmsServerCtxTimeInstantNodeRead(ctx, cur);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxTimeInstantNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- /* check that there is nothing after the last node */
- if(cur != NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_UNEXPECTED_NODE,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-/**
- * <xkms:KeyBindingAbstractType Id?>
- * <ds:KeyInfo>?
- * <xkms:KeyUsage>?
- * <xkms:KeyUsage>?
- * <xkms:KeyUsage>?
- * <xkms:UseKeyWith Application Identifier>*
- *
- * XML Schema:
- * <!-- KeyBindingAbstractType-->
- * <complexType name="KeyBindingAbstractType" abstract="true">
- * <sequence>
- * <element ref="ds:KeyInfo" minOccurs="0"/>
- * <element ref="xkms:KeyUsage" minOccurs="0" maxOccurs="3"/>
- * <element ref="xkms:UseKeyWith" minOccurs="0"
- * maxOccurs="unbounded"/>
- * </sequence>
- * <attribute name="Id" type="ID" use="optional"/>
- * </complexType>
- * <!-- /KeyBindingAbstractType-->
- */
-static int
-xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr* node) {
- xmlNodePtr cur;
- int ret;
-
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2((*node) != NULL, -1);
-
- cur = (*node);
- xmlSecAssert2(cur != NULL, -1);
-
- /* we don't care about Id attribute in this node */
- cur = xmlSecGetNextElementNode(cur->children);
-
- /* first node is optional <dsig:KeyInfo/> node. for now we only remember pointer */
- xmlSecAssert2(ctx->keyInfoNode == NULL, -1);
- if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeKeyInfo, xmlSecDSigNs)) {
- ctx->keyInfoNode = cur;
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- /* next is zero or more <xkms:KeyUsage/> nodes */
- ret = xmlSecQName2BitMaskNodesRead(gXmlSecXkmsKeyUsageInfo, &cur,
- xmlSecNodeKeyUsage, xmlSecXkmsNs,
- ((ctx->flags & XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_KEY_USAGE) != 0) ? 1 : 0,
- &(ctx->keyInfoReadCtx.keyReq.keyUsage));
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecQName2BitMaskNodesRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecNodeKeyUsage));
- return(-1);
- }
-
- /* next is zero or more <xkms:UseKeyWith/> nodes */
- ret = xmlSecXkmsServerCtxUseKeyWithNodesRead(ctx, &cur);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxUseKeyWithNodesRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- (*node) = cur;
- return(0);
-}
-
-static int
-xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xmlSecKeyPtr key) {
- xmlNodePtr cur;
- int ret;
-
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(key != NULL, -1);
-
- /* generate and add Id attribute */
- ret = xmlSecGenerateAndAddID(node, xmlSecAttrId, ctx->idPrefix, ctx->idLen);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGenerateAndAddID",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* <dsig:KeyInfo/> node */
- cur = xmlSecAddChild(node, xmlSecNodeKeyInfo, xmlSecDSigNs);
- if(cur == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecAddChild",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeKeyInfo));
- return(-1);
- }
-
- ret = xmlSecXkmsServerCtxKeyInfoNodeWrite(ctx, cur, key);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxKeyInfoNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* next is <xkms:KeyUsage/> node */
- ret = xmlSecQName2BitMaskNodesWrite(gXmlSecXkmsKeyUsageInfo, node,
- xmlSecNodeKeyUsage, xmlSecXkmsNs,
- key->usage);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecQName2BitMaskNodesWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecNodeKeyUsage));
- return(-1);
- }
-
- /* and the last node is <xkms:UseKeyWith/> */
- ret = xmlSecXkmsServerCtxUseKeyWithNodesWrite(ctx, node, key);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxUseKeyWithNodesWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-static int
-xmlSecXkmsServerCtxKeyInfoNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xmlSecKeyPtr key) {
- int ret;
-
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* add child nodes as requested in <xkms:RespondWith/> nodes */
- ret = xmlSecXkmsRespondWithIdListWrite(&(ctx->respWithList), ctx, node);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsRespondWithIdListWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- ret = xmlSecKeyInfoNodeWrite(node, key, &(ctx->keyInfoWriteCtx));
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyInfoNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-
-/**
- * XML Schema:
- * <!-- UseKeyWith -->
- * <element name="UseKeyWith" type="xkms:UseKeyWithType"/>
- * <complexType name="UseKeyWithType">
- * <attribute name="Application" type="anyURI" use="required"/>
- * <attribute name="Identifier" type="string" use="required"/>
- * </complexType>
- * <!-- /UseKeyWith -->
- */
-static int
-xmlSecXkmsServerCtxUseKeyWithNodesRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr* node) {
- xmlSecPtrListPtr list;
- xmlNodePtr cur;
- xmlSecKeyUseWithPtr keyUseWith;
- xmlChar* application;
- xmlChar* identifier;
- int ret;
-
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- list = &(ctx->keyInfoReadCtx.keyReq.keyUseWithList);
- xmlSecAssert2(xmlSecPtrListGetSize(list) == 0, -1);
-
- cur = (*node);
- while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeUseKeyWith, xmlSecXkmsNs)) {
- application = xmlGetProp(cur, xmlSecAttrApplication);
- if(application == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlGetProp",
- XMLSEC_ERRORS_R_XML_FAILED,
- "name=%s;node=%s",
- xmlSecErrorsSafeString(xmlSecAttrApplication),
- xmlSecErrorsSafeString(cur->name));
- return(-1);
- }
-
- identifier = xmlGetProp(cur, xmlSecAttrIdentifier);
- if(identifier == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlGetProp",
- XMLSEC_ERRORS_R_XML_FAILED,
- "name=%s;node=%s",
- xmlSecErrorsSafeString(xmlSecAttrIdentifier),
- xmlSecErrorsSafeString(cur->name));
- xmlFree(application);
- return(-1);
- }
-
- keyUseWith = xmlSecKeyUseWithCreate(application, identifier);
- if(keyUseWith == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyUseWithCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlFree(application);
- xmlFree(identifier);
- return(-1);
- }
- xmlFree(application);
- xmlFree(identifier);
-
- ret = xmlSecPtrListAdd(list, keyUseWith);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListAdd",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecKeyUseWithDestroy(keyUseWith);
- return(-1);
- }
-
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- (*node) = cur;
- return(0);
-}
-
-static int
-xmlSecXkmsServerCtxUseKeyWithNodesWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xmlSecKeyPtr key) {
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
- xmlSecAssert2(key != NULL, -1);
-
- /* todo: write UseKeyWith */
- return(0);
-}
-
-
-static int
-xmlSecXkmsServerCtxTimeInstantNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* todo: parse xml schema dataTime or use libxml? */
- return(0);
-}
-
-/**
- * <xkms:ResultType Id Service Nonce? ResultMajor ResultMinor? RequestId?>
- * <ds:Signature>?
- * <xkms:MessageExtension>*
- * (<xkms:OpaqueClientData>
- * <xkms:OpaqueData>?
- * )?
- * <xkms:RequestSignatureValue>*
- *
- * XML Schema:
- * <!-- ResultType -->
- * <element name="Result" type="xkms:ResultType"/>
- * <complexType name="ResultType">
- * <complexContent>
- * <extension base="xkms:MessageAbstractType">
- * <sequence>
- * <element ref="xkms:RequestSignatureValue" minOccurs="0"/>
- * </sequence>
- * <attribute name="ResultMajor" type="QName" use="required"/>
- * <attribute name="ResultMinor" type="QName" use="optional"/>
- * <attribute name="RequestId" type="anyURI" use="optional"/>
- * </extension>
- * </complexContent>
- * </complexType>
- * <!-- /ResultType -->
- */
-static int
-xmlSecXkmsServerCtxResultTypeNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- int ret;
-
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* generate and add Id attribute */
- ret = xmlSecGenerateAndAddID(node, xmlSecAttrId, ctx->idPrefix, ctx->idLen);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGenerateAndAddID",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* todo: generate nonce? */
-
- /* set Service atribute (required) */
- if((ctx->service == NULL) || (xmlSetProp(node, xmlSecAttrService, ctx->service) == NULL)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSetProp",
- XMLSEC_ERRORS_R_XML_FAILED,
- "name=%s,value=%s",
- xmlSecErrorsSafeString(xmlSecAttrService),
- xmlSecErrorsSafeString(ctx->service));
- return(-1);
- }
-
-
- /* set RequestId atribute (optional) */
- if((ctx->id != NULL) && (xmlSetProp(node, xmlSecAttrRequestId, ctx->id) == NULL)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSetProp",
- XMLSEC_ERRORS_R_XML_FAILED,
- "name=%s,value=%s",
- xmlSecErrorsSafeString(xmlSecAttrRequestId),
- xmlSecErrorsSafeString(ctx->id));
- return(-1);
- }
-
-
- /* set major code (required) */
- ret = xmlSecQName2IntegerAttributeWrite(gXmlSecXkmsResultMajorInfo, node,
- xmlSecAttrResultMajor, ctx->resultMajor);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecQName2IntegerAttributeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s,value=%d",
- xmlSecErrorsSafeString(xmlSecAttrResultMajor),
- ctx->resultMajor);
- return(-1);
- }
-
- /* set minor code (optional) */
- if(ctx->resultMinor != xmlSecXkmsResultMinorNone) {
- ret = xmlSecQName2IntegerAttributeWrite(gXmlSecXkmsMinorErrorInfo, node,
- xmlSecAttrResultMinor, ctx->resultMinor);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecQName2IntegerAttributeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s,value=%d",
- xmlSecErrorsSafeString(xmlSecAttrResultMinor),
- ctx->resultMinor);
- return(-1);
- }
- }
-
- /* todo: create signature template */
-
- /* todo: create message extension nodes? */
-
- /* <xkms:OpaqueClientData/>: An XKMS service SHOULD return the value of
- * the <OpaqueClientData> element unmodified in a request in a response
- * with status code Succes */
- if((ctx->resultMajor == xmlSecXkmsResultMajorSuccess) && (ctx->opaqueClientDataNode != NULL)) {
- xmlNodePtr copyNode;
-
- copyNode = xmlDocCopyNode(ctx->opaqueClientDataNode, node->doc, 1);
- if(copyNode == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSetProp",
- XMLSEC_ERRORS_R_XML_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(ctx->opaqueClientDataNode->name));
- return(-1);
- }
-
- if(xmlSecAddChildNode(node, copyNode) == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecAddChildNode",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(copyNode->name));
- return(-1);
- }
- }
-
- ret = xmlSecXkmsServerCtxRequestSignatureValueNodeWrite(ctx, node);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxRequestSignatureValueNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-/**
- * A service SHOULD include the <RequestSignatureValue> element in a response
- * if the following conditions are satisfied and MUST NOT include the value
- * otherwise:
- *
- *
- * - The <ds:Signature> element was present in the corresponding request
- * - The service successfully verified the <ds:Signature> element in the
- * corresponding request, and
- * - The ResponseMechanism RequestSignatureValue was specified.
- *
- */
-static int
-xmlSecXkmsServerCtxRequestSignatureValueNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* todo: check all conditions for RequestSignatureValue */
- if((ctx->responseMechanismMask & XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_REQUEST_SIGNATURE_VALUE) == 0) {
- /* The ResponseMechanism RequestSignatureValue was not specified. */
- return(0);
- }
-
- /* todo: write RequestSignatureValue */
- return(0);
-}
-
-
-/**
- *
- * <xkms:UnverifiedKeyBindingType Id?>
- * <ds:KeyInfo>?
- * <xkms:KeyUsage>?
- * <xkms:KeyUsage>?
- * <xkms:KeyUsage>?
- * <xkms:UseKeyWith Application Identifier>*
- * <xkms:ValidityInterval NotBefore NotOnOrAfter>?
- *
- * XML Schema:
- *
- * <!-- UnverifiedKeyBinding -->
- * <element name="UnverifiedKeyBinding" type="xkms:UnverifiedKeyBindingType"/>
- * <complexType name="UnverifiedKeyBindingType">
- * <complexContent>
- * <extension base="xkms:KeyBindingAbstractType">
- * <sequence>
- * <element ref="xkms:ValidityInterval" minOccurs="0"/>
- * </sequence>
- * </extension>
- * </complexContent>
- * </complexType>
- * <!-- /UnverifiedKeyBinding -->
- */
-static int
-xmlSecXkmsServerCtxUnverifiedKeyBindingNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xmlSecKeyPtr key) {
- int ret;
-
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* first write "parent" type */
- ret = xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeWrite(ctx, node, key);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* <xkms:ValidityInterval/> node */
- ret = xmlSecXkmsServerCtxValidityIntervalNodeWrite(ctx, node, key);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxValidityIntervalNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-static int
-xmlSecXkmsServerCtxValidityIntervalNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xmlSecKeyPtr key) {
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* todo: write key validity interval */
- return(0);
-}
-
-/**
- * <xkms:KeyBinding Id?>
- * <ds:KeyInfo>?
- * <xkms:KeyUsage>?
- * <xkms:KeyUsage>?
- * <xkms:KeyUsage>?
- * <xkms:UseKeyWith Application Identifier>*
- * <xkms:ValidityInterval NotBefore NotOnOrAfter>?
- * <xkms:Status StatusValue>
- * (<xkms:ValidReason>?
- * <xkms:IndeterminateReason>?
- * <xkms:InvalidReason>?
- * )*
- *
- * XML Schema:
- *
- * <!-- KeyBinding -->
- * <element name="KeyBinding" type="xkms:KeyBindingType"/>
- * <complexType name="KeyBindingType">
- * <complexContent>
- * <extension base="xkms:UnverifiedKeyBindingType">
- * <sequence>
- * <element ref="xkms:Status"/>
- * </sequence>
- * </extension>
- * </complexContent>
- * </complexType>
- * <!-- /KeyBinding -->
- */
-static int
-xmlSecXkmsServerCtxKeyBindingNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xmlSecKeyPtr key) {
- int ret;
-
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* first write "parent" type */
- ret = xmlSecXkmsServerCtxUnverifiedKeyBindingNodeWrite(ctx, node, key);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* <xkms:Status/> node */
- ret = xmlSecXkmsServerCtxKeyBindingStatusNodeWrite(ctx, node, key);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxKeyBindingStatusNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-/**
- * <xkms:Status StatusValue>
- * (<xkms:ValidReason>?
- * <xkms:IndeterminateReason>?
- * <xkms:InvalidReason>?
- * )*
- *
- * XML Schema:
- *
- * <!-- Status -->
- * <element name="Status" type="xkms:StatusType"/>
- * <complexType name="StatusType">
- * <sequence>
- * <element ref="xkms:ValidReason" minOccurs="0"
- * maxOccurs="unbounded"/>
- * <element ref="xkms:IndeterminateReason" minOccurs="0"
- * maxOccurs="unbounded"/>
- * <element ref="xkms:InvalidReason" minOccurs="0"
- * maxOccurs="unbounded"/>
- * </sequence>
- * <attribute name="StatusValue" type="xkms:KeyBindingStatus"
- * use="required"/>
- * </complexType>
- * <simpleType name="KeyBindingStatus">
- * <restriction base="QName">
- * <enumeration value="xkms:Valid"/>
- * <enumeration value="xkms:Invalid"/>
- * <enumeration value="xkms:Indeterminate"/>
- * </restriction>
- * </simpleType>
- * <!-- /Status -->
- */
-static int
-xmlSecXkmsServerCtxKeyBindingStatusNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xmlSecKeyPtr key) {
- xmlNodePtr cur;
- int ret;
-
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(key != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- cur = xmlSecAddChild(node, xmlSecNodeStatus, xmlSecXkmsNs);
- if(cur == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecAddChild",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeStatus));
- return(-1);
- }
-
- /* if we are here then the key was validated */
- ret = xmlSecQName2IntegerAttributeWrite(gXmlSecXkmsKeyBindingStatusInfo, cur,
- xmlSecAttrStatusValue, xmlSecXkmsKeyBindingStatusValid);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecQName2IntegerAttributeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecAttrStatusValue));
- return(-1);
- }
-
- /* todo: write the reasons */
- return(0);
-}
-
-/************************************************************************
- *
- * xmlSecXkmsServerCtx list
- *
- ************************************************************************/
-static xmlSecPtrListKlass xmlSecXkmsServerCtxPtrListKlass = {
- BAD_CAST "xkms-server-ctx-list",
- NULL, /* xmlSecPtrDuplicateItemMethod duplicateItem; */
- (xmlSecPtrDestroyItemMethod)xmlSecXkmsServerCtxDestroy, /* xmlSecPtrDestroyItemMethod destroyItem; */
- (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsServerCtxDebugDump, /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
- (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsServerCtxDebugXmlDump, /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
-};
-
-xmlSecPtrListId
-xmlSecXkmsServerCtxPtrListGetKlass(void) {
- return(&xmlSecXkmsServerCtxPtrListKlass);
-}
-
-
-/**************************************************************************
- *
- * Global xmlSecXkmsRespondWithIds list functions
- *
- *************************************************************************/
-static xmlSecPtrList xmlSecAllXkmsRespondWithIds;
-
-
-/**
- * xmlSecXkmsRespondWithIdsGet:
- *
- * Gets global registered RespondWith klasses list.
- *
- * Returns: the pointer to list of all registered RespondWith klasses.
- */
-xmlSecPtrListPtr
-xmlSecXkmsRespondWithIdsGet(void) {
- return(&xmlSecAllXkmsRespondWithIds);
-}
-
-/**
- * xmlSecXkmsRespondWithIdsInit:
- *
- * Initializes the RespondWith klasses. This function is called from the
- * #xmlSecInit function and the application should not call it directly.
- *
- * Returns: 0 on success or a negative value if an error occurs.
- */
-int
-xmlSecXkmsRespondWithIdsInit(void) {
- int ret;
-
- ret = xmlSecPtrListInitialize(xmlSecXkmsRespondWithIdsGet(), xmlSecXkmsRespondWithIdListId);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListPtrInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "xmlSecXkmsRespondWithIdListId");
- return(-1);
- }
-
- ret = xmlSecXkmsRespondWithIdsRegisterDefault();
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsRespondWithIdsRegisterDefault",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-/**
- * xmlSecXkmsRespondWithIdsShutdown:
- *
- * Shuts down the keys data klasses. This function is called from the
- * #xmlSecShutdown function and the application should not call it directly.
- */
-void
-xmlSecXkmsRespondWithIdsShutdown(void) {
- xmlSecPtrListFinalize(xmlSecXkmsRespondWithIdsGet());
-}
-
-/**
- * xmlSecXkmsRespondWithIdsRegister:
- * @id: the RespondWith klass.
- *
- * Registers @id in the global list of RespondWith klasses.
- *
- * Returns: 0 on success or a negative value if an error occurs.
- */
-int
-xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithId id) {
- int ret;
-
- xmlSecAssert2(id != xmlSecXkmsRespondWithIdUnknown, -1);
-
- ret = xmlSecPtrListAdd(xmlSecXkmsRespondWithIdsGet(), (xmlSecPtr)id);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListAdd",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "RespondWith=%s",
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)));
- return(-1);
- }
-
- return(0);
-}
-
-/**
- * xmlSecXkmsRespondWithIdsRegisterDefault:
- *
- * Registers default (implemented by XML Security Library)
- * RespondWith klasses: KeyName, KeyValue,...
- *
- * Returns: 0 on success or a negative value if an error occurs.
- */
-int
-xmlSecXkmsRespondWithIdsRegisterDefault(void) {
- if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithKeyNameId) < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsRespondWithIdsRegister",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithKeyNameId)));
- return(-1);
- }
-
- if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithKeyValueId) < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsRespondWithIdsRegister",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithKeyValueId)));
- return(-1);
- }
-
- if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithPrivateKeyId) < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsRespondWithIdsRegister",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithPrivateKeyId)));
- return(-1);
- }
-
- if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithRetrievalMethodId) < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsRespondWithIdsRegister",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithRetrievalMethodId)));
- return(-1);
- }
-
- if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithX509CertId) < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsRespondWithIdsRegister",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithX509CertId)));
- return(-1);
- }
-
- if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithX509ChainId) < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsRespondWithIdsRegister",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithX509ChainId)));
- return(-1);
- }
-
- if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithX509CRLId) < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsRespondWithIdsRegister",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithX509CRLId)));
- return(-1);
- }
-
- /* TODO: OCSP, PGP, PGPWeb, SPKI */
- /*
- if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithPGPId) < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsRespondWithIdsRegister",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithPGPId)));
- return(-1);
- }
-
- if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithSPKIId) < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsRespondWithIdsRegister",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithSPKIId)));
- return(-1);
- }
- */
- return(0);
-}
-
-
-/************************************************************************
- *
- * XKMS RespondWith Klass
- *
- ************************************************************************/
-/**
- * xmlSecXkmsRespondWithNodeRead:
- * @id: the RespondWith class.
- * @ctx: the XKMS request processing context.
- * @node: the pointer to <xkms:RespondWith/> node.
- *
- * Reads the content of the <xkms:RespondWith/> @node.
- *
- * Returns: 0 on success or a negative value if an error occurs.
- */
-int
-xmlSecXkmsRespondWithNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node) {
- xmlSecAssert2(id != xmlSecXkmsRespondWithIdUnknown, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- if(id->readNode != NULL) {
- return((id->readNode)(id, ctx, node));
- }
- return(0);
-}
-
-/**
- * xmlSecXkmsRespondWithNodeWrite:
- * @id: the RespondWith class.
- * @ctx: the XKMS request processing context.
- * @node: the pointer to <xkms:RespondWith/> node.
- *
- * Writes the content of the <xkms:RespondWith/> @node.
- *
- * Returns: 0 on success or a negative value if an error occurs.
- */
-int
-xmlSecXkmsRespondWithNodeWrite(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node) {
- xmlSecAssert2(id != xmlSecXkmsRespondWithIdUnknown, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- if(id->writeNode != NULL) {
- return((id->writeNode)(id, ctx, node));
- }
- return(0);
-}
-
-/**
- * xmlSecXkmsRespondWithDebugDump:
- * @id: the RespondWith class.
- * @output: the output file.
- *
- * Writes debug information about @id into the @output.
- */
-void
-xmlSecXkmsRespondWithDebugDump(xmlSecXkmsRespondWithId id, FILE* output) {
- xmlSecAssert(id != xmlSecXkmsRespondWithIdUnknown);
- xmlSecAssert(output != NULL);
-
- fprintf(output, "=== RespondWith: \"%s\" (href=\"%s\")\n",
- xmlSecErrorsSafeString(id->valueName),
- xmlSecErrorsSafeString(id->valueNs));
-}
-
-/**
- * xmlSecXkmsRespondWithDebugXmlDump:
- * @id: the RespondWith class.
- * @output: the output file.
- *
- * Writes debug information about @id into the @output in XML format.
- */
-void
-xmlSecXkmsRespondWithDebugXmlDump(xmlSecXkmsRespondWithId id, FILE* output) {
- xmlSecAssert(id != xmlSecXkmsRespondWithIdUnknown);
- xmlSecAssert(output != NULL);
-
- fprintf(output, "<RespondWith href=\"");
- xmlSecPrintXmlString(output, id->valueNs);
- fprintf(output, "\">");
- xmlSecPrintXmlString(output, id->valueName);
- fprintf(output, "</RespondWith>\n");
-}
-
-int
-xmlSecXkmsRespondWithDefaultNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node) {
- int ret;
-
- xmlSecAssert2(id != xmlSecXkmsRespondWithIdUnknown, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- ret = xmlSecXkmsRespondWithIdListFind(&(ctx->respWithList), id);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
- "xmlSecXkmsRespondWithIdListFind",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- } else if(ret > 0) {
- /* do nothing, we already have it in the list */
- return(0);
- }
-
- ret = xmlSecPtrListAdd(&(ctx->respWithList), id);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
- "xmlSecPtrListAdd",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-int
-xmlSecXkmsRespondWithDefaultNodeWrite(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node) {
- xmlNodePtr cur;
-
- xmlSecAssert2(id != xmlSecXkmsRespondWithIdUnknown, -1);
- xmlSecAssert2(id->nodeName != NULL, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- cur = xmlSecAddChild(node, id->nodeName, id->nodeNs);
- if(cur == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
- "xmlSecAddChild",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(id->nodeName));
- return(-1);
- }
-
- return(0);
-}
-
-/************************************************************************
- *
- * XKMS RespondWith Klass List
- *
- ************************************************************************/
-static xmlSecPtrListKlass xmlSecXkmsRespondWithIdListKlass = {
- BAD_CAST "respond-with-ids-list",
- NULL, /* xmlSecPtrDuplicateItemMethod duplicateItem; */
- NULL, /* xmlSecPtrDestroyItemMethod destroyItem; */
- (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsRespondWithDebugDump, /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
- (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsRespondWithDebugXmlDump, /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
-};
-
-xmlSecPtrListId
-xmlSecXkmsRespondWithIdListGetKlass(void) {
- return(&xmlSecXkmsRespondWithIdListKlass);
-}
-
-int
-xmlSecXkmsRespondWithIdListFind(xmlSecPtrListPtr list, xmlSecXkmsRespondWithId id) {
- xmlSecSize i, size;
-
- xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecXkmsRespondWithIdListId), -1);
- xmlSecAssert2(id != xmlSecXkmsRespondWithIdUnknown, -1);
-
- size = xmlSecPtrListGetSize(list);
- for(i = 0; i < size; ++i) {
- if((xmlSecXkmsRespondWithId)xmlSecPtrListGetItem(list, i) == id) {
- return(1);
- }
- }
- return(0);
-}
-
-xmlSecXkmsRespondWithId
-xmlSecXkmsRespondWithIdListFindByNodeValue(xmlSecPtrListPtr list, xmlNodePtr node) {
- xmlSecXkmsRespondWithId result = xmlSecXkmsRespondWithIdUnknown;
- xmlSecXkmsRespondWithId id;
- xmlChar* content;
- xmlChar* qnameLocalPart = NULL;
- xmlChar* qnamePrefix = NULL;
- const xmlChar* qnameHref;
- xmlNsPtr ns;
- xmlSecSize i, size;
-
- xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecXkmsRespondWithIdListId), xmlSecXkmsRespondWithIdUnknown);
- xmlSecAssert2(node != NULL, xmlSecXkmsRespondWithIdUnknown);
-
- content = xmlNodeGetContent(node);
- if(content == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlNodeGetContent",
- XMLSEC_ERRORS_R_XML_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(node->name));
- return(xmlSecXkmsRespondWithIdUnknown);
- }
-
- qnameLocalPart = (xmlChar*)xmlStrchr(content, ':');
- if(qnameLocalPart != NULL) {
- qnamePrefix = content;
- *(qnameLocalPart++) = '\0';
- } else {
- qnamePrefix = NULL;
- qnameLocalPart = content;
- }
-
- /* search namespace href */
- ns = xmlSearchNs(node->doc, node, qnamePrefix);
- if((ns == NULL) && (qnamePrefix != NULL)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSearchNs",
- XMLSEC_ERRORS_R_XML_FAILED,
- "node=%s,qnamePrefix=%s",
- xmlSecErrorsSafeString(node->name),
- xmlSecErrorsSafeString(qnamePrefix));
- xmlFree(content);
- return(xmlSecXkmsRespondWithIdUnknown);
- }
- qnameHref = (ns != NULL) ? ns->href : BAD_CAST NULL;
-
- size = xmlSecPtrListGetSize(list);
- for(i = 0; i < size; ++i) {
- id = (xmlSecXkmsRespondWithId)xmlSecPtrListGetItem(list, i);
- if((id != xmlSecXkmsRespondWithIdUnknown) &&
- xmlStrEqual(id->valueName, qnameLocalPart) &&
- xmlStrEqual(id->valueNs, qnameHref)) {
- result = id;
- break;
- }
- }
-
- xmlFree(content);
- return(result);
-}
-
-int
-xmlSecXkmsRespondWithIdListWrite(xmlSecPtrListPtr list, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- xmlSecXkmsRespondWithId id;
- xmlSecSize i, size;
- int ret;
-
- xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecXkmsRespondWithIdListId), -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- size = xmlSecPtrListGetSize(list);
- for(i = 0; i < size; ++i) {
- id = (xmlSecXkmsRespondWithId)xmlSecPtrListGetItem(list, i);
- if(id != xmlSecXkmsRespondWithIdUnknown) {
- ret = xmlSecXkmsRespondWithNodeWrite(id, ctx, node);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
- "xmlSecXkmsRespondWithNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- }
- }
-
- return(0);
-}
-
-/********************************************************************
- *
- * XML Sec Library RespondWith Ids
- *
- *******************************************************************/
-static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithKeyNameKlass = {
- xmlSecRespondWithKeyName, /* const xmlChar* valueName; */
- xmlSecXkmsNs, /* const xmlChar* valueNs; */
- xmlSecNodeKeyName, /* const xmlChar* nodeName; */
- xmlSecDSigNs, /* const xmlChar* nodeNs; */
- xmlSecXkmsRespondWithDefaultNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
- NULL, /* void* reserved1; */
- NULL /* void* reserved2; */
-};
-
-/**
- * xmlSecXkmsRespondWithKeyNameGetKlass:
- *
- * The respond with KeyName klass.
- *
- * Returns: respond with KeyName klass.
- */
-xmlSecXkmsRespondWithId
-xmlSecXkmsRespondWithKeyNameGetKlass(void) {
- return(&xmlSecXkmsRespondWithKeyNameKlass);
-}
-
-
-
-static int xmlSecXkmsRespondWithKeyValueNodeRead (xmlSecXkmsRespondWithId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithKeyValueKlass = {
- xmlSecRespondWithKeyValue, /* const xmlChar* valueName; */
- xmlSecXkmsNs, /* const xmlChar* valueNs; */
- xmlSecNodeKeyValue, /* const xmlChar* nodeName; */
- xmlSecDSigNs, /* const xmlChar* nodeNs; */
- xmlSecXkmsRespondWithKeyValueNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
- NULL, /* void* reserved1; */
- NULL /* void* reserved2; */
-};
-
-/**
- * xmlSecXkmsRespondWithKeyValueGetKlass:
- *
- * The respond with KeyValue klass.
- *
- * Returns: respond with KeyValue klass.
- */
-xmlSecXkmsRespondWithId
-xmlSecXkmsRespondWithKeyValueGetKlass(void) {
- return(&xmlSecXkmsRespondWithKeyValueKlass);
-}
-
-static int
-xmlSecXkmsRespondWithKeyValueNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node) {
- int ret;
-
- xmlSecAssert2(id == xmlSecXkmsRespondWithKeyValueId, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* do usual stuff */
- ret = xmlSecXkmsRespondWithDefaultNodeRead(id, ctx, node);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
- "xmlSecXkmsRespondWithDefaultNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* and now set some parameters in the ctx to look for a public or private
- * key and to write a public key
- */
- ctx->keyInfoReadCtx.keyReq.keyType |= (xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
- ctx->keyInfoWriteCtx.keyReq.keyType |= xmlSecKeyDataTypePublic;
-
- return(0);
-}
-
-static int xmlSecXkmsRespondWithPrivateKeyNodeRead (xmlSecXkmsRespondWithId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithPrivateKeyKlass = {
- xmlSecRespondWithPrivateKey, /* const xmlChar* valueName; */
- xmlSecXkmsNs, /* const xmlChar* valueNs; */
- xmlSecNodeKeyValue, /* const xmlChar* nodeName; */
- xmlSecDSigNs, /* const xmlChar* nodeNs; */
- xmlSecXkmsRespondWithPrivateKeyNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
- NULL, /* void* reserved1; */
- NULL /* void* reserved2; */
-};
-
-/**
- * xmlSecXkmsRespondWithPrivateKeyGetKlass:
- *
- * The respond with PrivateKey klass.
- *
- * Returns: respond with PrivateKey klass.
- */
-xmlSecXkmsRespondWithId
-xmlSecXkmsRespondWithPrivateKeyGetKlass(void) {
- return(&xmlSecXkmsRespondWithPrivateKeyKlass);
-}
-
-static int
-xmlSecXkmsRespondWithPrivateKeyNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node) {
- int ret;
-
- xmlSecAssert2(id == xmlSecXkmsRespondWithPrivateKeyId, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* do usual stuff */
- ret = xmlSecXkmsRespondWithDefaultNodeRead(id, ctx, node);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
- "xmlSecXkmsRespondWithDefaultNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* and now set some parameters in the ctx to look for a private
- * key and to write a private key
- */
- ctx->keyInfoReadCtx.keyReq.keyType |= xmlSecKeyDataTypePrivate;
- ctx->keyInfoWriteCtx.keyReq.keyType |= xmlSecKeyDataTypePrivate;
-
- return(0);
-}
-
-static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithRetrievalMethodKlass = {
- xmlSecRespondWithRetrievalMethod, /* const xmlChar* valueName; */
- xmlSecXkmsNs, /* const xmlChar* valueNs; */
- xmlSecNodeRetrievalMethod, /* const xmlChar* nodeName; */
- xmlSecDSigNs, /* const xmlChar* nodeNs; */
- xmlSecXkmsRespondWithDefaultNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
- NULL, /* void* reserved1; */
- NULL /* void* reserved2; */
-};
-
-/**
- * xmlSecXkmsRespondWithRetrievalMethodGetKlass:
- *
- * The respond with RetrievalMethod klass.
- *
- * Returns: respond with RetrievalMethod klass.
- */
-xmlSecXkmsRespondWithId
-xmlSecXkmsRespondWithRetrievalMethodGetKlass(void) {
- return(&xmlSecXkmsRespondWithRetrievalMethodKlass);
-}
-
-
-
-static int xmlSecXkmsRespondWithX509CertNodeRead (xmlSecXkmsRespondWithId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithX509CertKlass = {
- xmlSecRespondWithX509Cert, /* const xmlChar* valueName; */
- xmlSecXkmsNs, /* const xmlChar* valueNs; */
- xmlSecNodeX509Data, /* const xmlChar* nodeName; */
- xmlSecDSigNs, /* const xmlChar* nodeNs; */
- xmlSecXkmsRespondWithX509CertNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
- NULL, /* void* reserved1; */
- NULL /* void* reserved2; */
-};
-
-/**
- * xmlSecXkmsRespondWithX509CertGetKlass:
- *
- * The respond with X509Cert klass.
- *
- * Returns: respond with X509Cert klass.
- */
-xmlSecXkmsRespondWithId
-xmlSecXkmsRespondWithX509CertGetKlass(void) {
- return(&xmlSecXkmsRespondWithX509CertKlass);
-}
-
-static int
-xmlSecXkmsRespondWithX509CertNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node) {
- int ret;
-
- xmlSecAssert2(id == xmlSecXkmsRespondWithX509CertId, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* do usual stuff */
- ret = xmlSecXkmsRespondWithDefaultNodeRead(id, ctx, node);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
- "xmlSecXkmsRespondWithDefaultNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-static int xmlSecXkmsRespondWithX509ChainNodeRead (xmlSecXkmsRespondWithId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithX509ChainKlass = {
- xmlSecRespondWithX509Chain, /* const xmlChar* valueName; */
- xmlSecXkmsNs, /* const xmlChar* valueNs; */
- xmlSecNodeX509Data, /* const xmlChar* nodeName; */
- xmlSecDSigNs, /* const xmlChar* nodeNs; */
- xmlSecXkmsRespondWithX509ChainNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
- NULL, /* void* reserved1; */
- NULL /* void* reserved2; */
-};
-
-/**
- * xmlSecXkmsRespondWithX509ChainGetKlass:
- *
- * The respond with X509Chain klass.
- *
- * Returns: respond with X509Chain klass.
- */
-xmlSecXkmsRespondWithId
-xmlSecXkmsRespondWithX509ChainGetKlass(void) {
- return(&xmlSecXkmsRespondWithX509ChainKlass);
-}
-
-static int
-xmlSecXkmsRespondWithX509ChainNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node) {
- int ret;
-
- xmlSecAssert2(id == xmlSecXkmsRespondWithX509ChainId, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* do usual stuff */
- ret = xmlSecXkmsRespondWithDefaultNodeRead(id, ctx, node);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
- "xmlSecXkmsRespondWithDefaultNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-static int xmlSecXkmsRespondWithX509CRLNodeRead (xmlSecXkmsRespondWithId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithX509CRLKlass = {
- xmlSecRespondWithX509CRL, /* const xmlChar* valueName; */
- xmlSecXkmsNs, /* const xmlChar* valueNs; */
- xmlSecNodeX509Data, /* const xmlChar* nodeName; */
- xmlSecDSigNs, /* const xmlChar* nodeNs; */
- xmlSecXkmsRespondWithX509CRLNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
- NULL, /* void* reserved1; */
- NULL /* void* reserved2; */
-};
-
-/**
- * xmlSecXkmsRespondWithX509CRLGetKlass:
- *
- * The respond with X509CRL klass.
- *
- * Returns: respond with X509CRL klass.
- */
-xmlSecXkmsRespondWithId
-xmlSecXkmsRespondWithX509CRLGetKlass(void) {
- return(&xmlSecXkmsRespondWithX509CRLKlass);
-}
-
-static int
-xmlSecXkmsRespondWithX509CRLNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node) {
- int ret;
-
- xmlSecAssert2(id == xmlSecXkmsRespondWithX509CRLId, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* do usual stuff */
- ret = xmlSecXkmsRespondWithDefaultNodeRead(id, ctx, node);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
- "xmlSecXkmsRespondWithDefaultNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithPGPKlass = {
- xmlSecRespondWithPGP, /* const xmlChar* valueName; */
- xmlSecXkmsNs, /* const xmlChar* valueNs; */
- xmlSecNodePGPData, /* const xmlChar* nodeName; */
- xmlSecDSigNs, /* const xmlChar* nodeNs; */
- xmlSecXkmsRespondWithDefaultNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
- NULL, /* void* reserved1; */
- NULL /* void* reserved2; */
-};
-
-/**
- * xmlSecXkmsRespondWithPGPGetKlass:
- *
- * The respond with PGP klass.
- *
- * Returns: respond with PGP klass.
- */
-xmlSecXkmsRespondWithId
-xmlSecXkmsRespondWithPGPGetKlass(void) {
- return(&xmlSecXkmsRespondWithPGPKlass);
-}
-
-static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithSPKIKlass = {
- xmlSecRespondWithSPKI, /* const xmlChar* valueName; */
- xmlSecXkmsNs, /* const xmlChar* valueNs; */
- xmlSecNodeSPKIData, /* const xmlChar* nodeName; */
- xmlSecDSigNs, /* const xmlChar* nodeNs; */
- xmlSecXkmsRespondWithDefaultNodeRead, /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
- xmlSecXkmsRespondWithDefaultNodeWrite, /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
- NULL, /* void* reserved1; */
- NULL /* void* reserved2; */
-};
-
-/**
- * xmlSecXkmsRespondWithSPKIGetKlass:
- *
- * The respond with SPKI klass.
- *
- * Returns: respond with SPKI klass.
- */
-xmlSecXkmsRespondWithId
-xmlSecXkmsRespondWithSPKIGetKlass(void) {
- return(&xmlSecXkmsRespondWithSPKIKlass);
-}
-
-/**************************************************************************
- *
- * Global xmlSecXkmsServerRequestIds list functions
- *
- *************************************************************************/
-static xmlSecPtrList xmlSecAllXkmsServerRequestIds;
-
-
-/**
- * xmlSecXkmsServerRequestIdsGet:
- *
- * Gets global registered ServerRequest klasses list.
- *
- * Returns: the pointer to list of all registered ServerRequest klasses.
- */
-xmlSecPtrListPtr
-xmlSecXkmsServerRequestIdsGet(void) {
- return(&xmlSecAllXkmsServerRequestIds);
-}
-
-/**
- * xmlSecXkmsServerRequestIdsInit:
- *
- * Initializes the ServerRequest klasses. This function is called from the
- * #xmlSecInit function and the application should not call it directly.
- *
- * Returns: 0 on success or a negative value if an error occurs.
- */
-int
-xmlSecXkmsServerRequestIdsInit(void) {
- int ret;
-
- ret = xmlSecPtrListInitialize(xmlSecXkmsServerRequestIdsGet(), xmlSecXkmsServerRequestIdListId);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListPtrInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "xmlSecXkmsServerRequestIdListId");
- return(-1);
- }
-
- ret = xmlSecXkmsServerRequestIdsRegisterDefault();
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerRequestIdsRegisterDefault",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-/**
- * xmlSecXkmsServerRequestIdsShutdown:
- *
- * Shuts down the keys data klasses. This function is called from the
- * #xmlSecShutdown function and the application should not call it directly.
- */
-void
-xmlSecXkmsServerRequestIdsShutdown(void) {
- xmlSecPtrListFinalize(xmlSecXkmsServerRequestIdsGet());
-}
-
-/**
- * xmlSecXkmsServerRequestIdsRegister:
- * @id: the ServerRequest klass.
- *
- * Registers @id in the global list of ServerRequest klasses.
- *
- * Returns: 0 on success or a negative value if an error occurs.
- */
-int
-xmlSecXkmsServerRequestIdsRegister(xmlSecXkmsServerRequestId id) {
- int ret;
-
- xmlSecAssert2(id != xmlSecXkmsServerRequestIdUnknown, -1);
-
- ret = xmlSecPtrListAdd(xmlSecXkmsServerRequestIdsGet(), (xmlSecPtr)id);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListAdd",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "ServerRequest=%s",
- xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(id)));
- return(-1);
- }
-
- return(0);
-}
-
-/**
- * xmlSecXkmsServerRequestIdsRegisterDefault:
- *
- * Registers default (implemented by XML Security Library)
- * ServerRequest klasses: KeyName, KeyValue,...
- *
- * Returns: 0 on success or a negative value if an error occurs.
- */
-int
-xmlSecXkmsServerRequestIdsRegisterDefault(void) {
- if(xmlSecXkmsServerRequestIdsRegister(xmlSecXkmsServerRequestResultId) < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerRequestIdsRegister",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(xmlSecXkmsServerRequestResultId)));
- return(-1);
- }
-
- if(xmlSecXkmsServerRequestIdsRegister(xmlSecXkmsServerRequestStatusId) < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerRequestIdsRegister",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(xmlSecXkmsServerRequestStatusId)));
- return(-1);
- }
-
- if(xmlSecXkmsServerRequestIdsRegister(xmlSecXkmsServerRequestCompoundId) < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerRequestIdsRegister",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(xmlSecXkmsServerRequestCompoundId)));
- return(-1);
- }
-
- if(xmlSecXkmsServerRequestIdsRegister(xmlSecXkmsServerRequestLocateId) < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerRequestIdsRegister",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(xmlSecXkmsServerRequestLocateId)));
- return(-1);
- }
-
- if(xmlSecXkmsServerRequestIdsRegister(xmlSecXkmsServerRequestValidateId) < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerRequestIdsRegister",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "name=%s",
- xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(xmlSecXkmsServerRequestValidateId)));
- return(-1);
- }
-
- return(0);
-}
-
-
-/************************************************************************
- *
- * XKMS ServerRequest Klass
- *
- ************************************************************************/
-/**
- * xmlSecXkmsServerRequestNodeRead:
- * @id: the ServerRequest class.
- * @ctx: the XKMS request processing context.
- * @node: the pointer to <xkms:ServerRequest/> node.
- *
- * Reads the content of the <xkms:ServerRequest/> @node.
- *
- * Returns: 0 on success or a negative value if an error occurs.
- */
-int
-xmlSecXkmsServerRequestNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node) {
- xmlSecAssert2(id != xmlSecXkmsServerRequestIdUnknown, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- if(id->readNode != NULL) {
- return((id->readNode)(id, ctx, node));
- }
- return(0);
-}
-
-/**
- * xmlSecXkmsServerExecute:
- * @id: the ServerRequest class.
- * @ctx: the XKMS request processing context.
- *
- * Executes XKMS server request.
- *
- * Returns: 0 on success or a negative value if an error occurs.
- */
-int
-xmlSecXkmsServerRequestExecute(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx) {
- xmlSecAssert2(id != xmlSecXkmsServerRequestIdUnknown, -1);
- xmlSecAssert2(ctx != NULL, -1);
-
- if(id->execute != NULL) {
- return((id->execute)(id, ctx));
- }
- return(0);
-}
-
-
-/**
- * xmlSecXkmsServerResponseNodeWrite:
- * @id: the ServerRequest class.
- * @ctx: the XKMS request processing context.
- * @doc: the pointer to response parent XML document (might be NULL).
- * @node: the pointer to response parent XML node (might be NULL).
- *
- * Writes XKMS response from context to a newly created node. Caller is
- * responsible for adding the returned node to the XML document.
- *
- * Returns: pointer to newly created XKMS response node or NULL
- * if an error occurs.
- */
-xmlNodePtr
-xmlSecXkmsServerRequestNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx,
- xmlDocPtr doc, xmlNodePtr node) {
- xmlNodePtr respNode;
- int ret;
-
- xmlSecAssert2(id != xmlSecXkmsServerRequestIdUnknown, NULL);
- xmlSecAssert2(ctx != NULL, NULL);
-
- /* create the response root node */
- if(node == NULL) {
- xmlNsPtr ns;
-
- respNode = xmlNewDocNode(doc, NULL, id->resultNodeName, NULL);
- if(respNode == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlNewDocNode",
- XMLSEC_ERRORS_R_XML_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(id->resultNodeName));
- return(NULL);
- }
- ns = xmlNewNs(respNode, id->resultNodeNs, NULL);
- if(ns == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlNewNs",
- XMLSEC_ERRORS_R_XML_FAILED,
- "ns=%s",
- xmlSecErrorsSafeString(id->resultNodeNs));
- xmlFreeNode(respNode);
- return(NULL);
- }
- xmlSetNs(respNode, ns);
- } else {
- respNode = xmlSecAddChild(node, id->resultNodeName, id->resultNodeNs);
- if(respNode == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecAddChild",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(id->resultNodeName));
- return(NULL);
- }
- }
-
- if(id->writeNode != NULL) {
- ret = (id->writeNode)(id, ctx, respNode);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "writeNode",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(id->resultNodeName));
- xmlFreeNode(respNode);
- return(NULL);
- }
- }
-
- return(respNode);
-}
-
-/**
- * xmlSecXkmsServerRequestDebugDump:
- * @id: the ServerRequest class.
- * @output: the output file.
- *
- * Writes debug information about @id into the @output.
- */
-void
-xmlSecXkmsServerRequestDebugDump(xmlSecXkmsServerRequestId id, FILE* output) {
- xmlSecAssert(id != xmlSecXkmsServerRequestIdUnknown);
- xmlSecAssert(output != NULL);
-
- fprintf(output, "=== ServerRequest: %s\n", xmlSecErrorsSafeString(id->name));
-}
-
-/**
- * xmlSecXkmsServerRequestDebugXmlDump:
- * @id: the ServerRequest class.
- * @output: the output file.
- *
- * Writes debug information about @id into the @output in XML format.
- */
-void
-xmlSecXkmsServerRequestDebugXmlDump(xmlSecXkmsServerRequestId id, FILE* output) {
- xmlSecAssert(id != xmlSecXkmsServerRequestIdUnknown);
- xmlSecAssert(output != NULL);
-
- fprintf(output, "<ServerRequest>");
- xmlSecPrintXmlString(output, id->name);
- fprintf(output, "</ServerRequest>\n");
-}
-
-/************************************************************************
- *
- * XKMS ServerRequest Klass List
- *
- ************************************************************************/
-static xmlSecPtrListKlass xmlSecXkmsServerRequestIdListKlass = {
- BAD_CAST "xkms-server-request-ids-list",
- NULL, /* xmlSecPtrDuplicateItemMethod duplicateItem; */
- NULL, /* xmlSecPtrDestroyItemMethod destroyItem; */
- (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsServerRequestDebugDump, /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
- (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsServerRequestDebugXmlDump, /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
-};
-
-xmlSecPtrListId
-xmlSecXkmsServerRequestIdListGetKlass(void) {
- return(&xmlSecXkmsServerRequestIdListKlass);
-}
-
-int
-xmlSecXkmsServerRequestIdListFind(xmlSecPtrListPtr list, xmlSecXkmsServerRequestId id) {
- xmlSecSize i, size;
-
- xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecXkmsServerRequestIdListId), -1);
- xmlSecAssert2(id != xmlSecXkmsServerRequestIdUnknown, -1);
-
- size = xmlSecPtrListGetSize(list);
- for(i = 0; i < size; ++i) {
- if((xmlSecXkmsServerRequestId)xmlSecPtrListGetItem(list, i) == id) {
- return(1);
- }
- }
- return(0);
-}
-
-xmlSecXkmsServerRequestId
-xmlSecXkmsServerRequestIdListFindByName(xmlSecPtrListPtr list, const xmlChar* name) {
- xmlSecXkmsServerRequestId id;
- xmlSecSize i, size;
-
- xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecXkmsServerRequestIdListId), xmlSecXkmsServerRequestIdUnknown);
- xmlSecAssert2(name != NULL, xmlSecXkmsServerRequestIdUnknown);
-
- size = xmlSecPtrListGetSize(list);
- for(i = 0; i < size; ++i) {
- id = (xmlSecXkmsServerRequestId)xmlSecPtrListGetItem(list, i);
- if((id != xmlSecXkmsServerRequestIdUnknown) && xmlStrEqual(id->name, name)) {
- return(id);
- }
- }
- return(xmlSecXkmsServerRequestIdUnknown);
-}
-
-xmlSecXkmsServerRequestId
-xmlSecXkmsServerRequestIdListFindByNode(xmlSecPtrListPtr list, xmlNodePtr node) {
- xmlSecXkmsServerRequestId id;
- xmlSecSize i, size;
-
- xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecXkmsServerRequestIdListId), xmlSecXkmsServerRequestIdUnknown);
- xmlSecAssert2(node != NULL, xmlSecXkmsServerRequestIdUnknown);
-
- size = xmlSecPtrListGetSize(list);
- for(i = 0; i < size; ++i) {
- id = (xmlSecXkmsServerRequestId)xmlSecPtrListGetItem(list, i);
- if((id != xmlSecXkmsServerRequestIdUnknown) &&
- xmlSecCheckNodeName(node, id->requestNodeName, id->requestNodeNs)) {
-
- return(id);
- }
- }
- return(xmlSecXkmsServerRequestIdUnknown);
-}
-
-/********************************************************************
- *
- * XML Sec Library ServerRequest Ids
- *
- *******************************************************************/
-
-
-/********************************************************************
- *
- * Result response
- *
- *******************************************************************/
-static int xmlSecXkmsServerRequestResultNodeWrite (xmlSecXkmsServerRequestId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-
-static xmlSecXkmsServerRequestKlass xmlSecXkmsServerRequestResultKlass = {
- xmlSecXkmsServerRequestResultName, /* const xmlChar* name; */
- NULL, /* const xmlChar* requestNodeName; */
- NULL, /* const xmlChar* requestNodeNs; */
- xmlSecNodeResult, /* const xmlChar* responseNodeName; */
- xmlSecXkmsNs, /* const xmlChar* responseNodeNs; */
- 0, /* xmlSecBitMask flags; */
- NULL, /* xmlSecXkmsServerRequestNodeReadMethod readNode; */
- xmlSecXkmsServerRequestResultNodeWrite, /* xmlSecXkmsServerRequestNodeWriteMethod writeNode; */
- NULL, /* xmlSecXkmsServerRequestExecuteMethod execute; */
- NULL, /* void* reserved1; */
- NULL /* void* reserved2; */
-};
-
-/**
- * xmlSecXkmsServerRequestResultGetKlass:
- *
- * The Result response klass.
- *
- * Returns: Result response klass.
- */
-xmlSecXkmsServerRequestId
-xmlSecXkmsServerRequestResultGetKlass(void) {
- return(&xmlSecXkmsServerRequestResultKlass);
-}
-
-static int
-xmlSecXkmsServerRequestResultNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- int ret;
-
- xmlSecAssert2(id == xmlSecXkmsServerRequestResultId, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* set missing parameters (if any) */
- if(ctx->service == NULL) {
- ctx->service = xmlStrdup((ctx->expectedService != NULL) ? ctx->expectedService : BAD_CAST "");
- if(ctx->service == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlStrdup",
- XMLSEC_ERRORS_R_MALLOC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- }
-
- /* first write the "parent" type */
- ret = xmlSecXkmsServerCtxResultTypeNodeWrite(ctx, node);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxResultTypeNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-/********************************************************************
- *
- * StatusRequest/StatusResponse
- *
- *******************************************************************/
-static int xmlSecXkmsServerRequestStatusNodeRead (xmlSecXkmsServerRequestId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static int xmlSecXkmsServerRequestStatusNodeWrite (xmlSecXkmsServerRequestId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-
-static xmlSecXkmsServerRequestKlass xmlSecXkmsServerRequestStatusKlass = {
- xmlSecXkmsServerRequestStatusName, /* const xmlChar* name; */
- xmlSecNodeStatusRequest, /* const xmlChar* requestNodeName; */
- xmlSecXkmsNs, /* const xmlChar* requestNodeNs; */
- xmlSecNodeStatusResult, /* const xmlChar* responseNodeName; */
- xmlSecXkmsNs, /* const xmlChar* responseNodeNs; */
- 0, /* xmlSecBitMask flags; */
- xmlSecXkmsServerRequestStatusNodeRead, /* xmlSecXkmsServerRequestNodeReadMethod readNode; */
- xmlSecXkmsServerRequestStatusNodeWrite, /* xmlSecXkmsServerRequestNodeWriteMethod writeNode; */
- NULL, /* xmlSecXkmsServerRequestExecuteMethod execute; */
- NULL, /* void* reserved1; */
- NULL /* void* reserved2; */
-};
-
-/**
- * xmlSecXkmsServerRequestStatusGetKlass:
- *
- * The StatusRequest klass.
- *
- * Returns: StatusRequest klass.
- */
-xmlSecXkmsServerRequestId
-xmlSecXkmsServerRequestStatusGetKlass(void) {
- return(&xmlSecXkmsServerRequestStatusKlass);
-}
-
-/**
- *
- * <xkms:StatusRequest Id Service Nonce? OriginalRequestId? ResponseLimit? ResponseId?>
- * <ds:Signature>?
- * <xkms:MessageExtension>*
- * (<xkms:OpaqueClientData>
- * <xkms:OpaqueData>?
- * )?
- * <xkms:ResponseMechanism>*
- * <xkms:RespondWith>*
- * <xkms:PendingNotification Mechanism Identifier>?
- *
- * XML Schema:
- * <!-- StatusRequest -->
- * <element name="StatusRequest" type="xkms:StatusRequestType"/>
- * <complexType name="StatusRequestType">
- * <complexContent>
- * <extension base="xkms:PendingRequestType"/>
- * </complexContent>
- * </complexType>
- * <!-- /StatusRequest -->
- */
-static int
-xmlSecXkmsServerRequestStatusNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- xmlNodePtr cur;
- int ret;
-
- xmlSecAssert2(id == xmlSecXkmsServerRequestStatusId, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- cur = node;
-
- /* first read "parent" type */
- ret = xmlSecXkmsServerCtxPendingRequestNodeRead(ctx, &cur);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxPendingRequestNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* check that there is nothing after the last node */
- if(cur != NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_UNEXPECTED_NODE,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-/**
- *
- * <xkms:StatusResult Id Service Nonce? ResultMajor ResultMinor? RequestId? Success? Failure? Pending?>
- * <ds:Signature>?
- * <xkms:MessageExtension>*
- * (<xkms:OpaqueClientData>
- * <xkms:OpaqueData>?
- * )?
- * <xkms:RequestSignatureValue>*
- *
- * XML Schema:
- *
- * <!-- StatusResult -->
- * <element name="StatusResult" type="xkms:StatusResultType"/>
- * <complexType name="StatusResultType">
- * <complexContent>
- * <extension base="xkms:ResultType">
- * <attribute name="Success" type="integer" use="optional"/>
- * <attribute name="Failure" type="integer" use="optional"/>
- * <attribute name="Pending" type="integer" use="optional"/>
- * </extension>
- * </complexContent>
- * </complexType>
- * <!-- /StatusResult --> *
- */
-static int
-xmlSecXkmsServerRequestStatusNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- int ret;
-
- xmlSecAssert2(id == xmlSecXkmsServerRequestStatusId, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* first write the "parent" type */
- ret = xmlSecXkmsServerCtxResultTypeNodeWrite(ctx, node);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxResultTypeNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* todo: add optional StatusResult attributes */
- return(0);
-}
-
-/********************************************************************
- *
- * CompoundRequest/CompoundResponse
- *
- *******************************************************************/
-static int xmlSecXkmsServerRequestCompoundNodeRead (xmlSecXkmsServerRequestId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static int xmlSecXkmsServerRequestCompoundNodeWrite(xmlSecXkmsServerRequestId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static int xmlSecXkmsServerRequestCompoundExecute (xmlSecXkmsServerRequestId id,
- xmlSecXkmsServerCtxPtr ctx);
-
-static xmlSecXkmsServerRequestKlass xmlSecXkmsServerRequestCompoundKlass = {
- xmlSecXkmsServerRequestCompoundName, /* const xmlChar* name; */
- xmlSecNodeCompoundRequest, /* const xmlChar* requestNodeName; */
- xmlSecXkmsNs, /* const xmlChar* requestNodeNs; */
- xmlSecNodeCompoundResult, /* const xmlChar* responseNodeName; */
- xmlSecXkmsNs, /* const xmlChar* responseNodeNs; */
- 0, /* xmlSecBitMask flags; */
- xmlSecXkmsServerRequestCompoundNodeRead, /* xmlSecXkmsServerRequestNodeReadMethod readNode; */
- xmlSecXkmsServerRequestCompoundNodeWrite, /* xmlSecXkmsServerRequestNodeWriteMethod writeNode; */
- xmlSecXkmsServerRequestCompoundExecute, /* xmlSecXkmsServerRequestExecuteMethod execute; */
- NULL, /* void* reserved1; */
- NULL /* void* reserved2; */
-};
-
-/**
- * xmlSecXkmsServerRequestCompoundGetKlass:
- *
- * The CompoundRequest klass.
- *
- * Returns: CompoundRequest klass.
- */
-xmlSecXkmsServerRequestId
-xmlSecXkmsServerRequestCompoundGetKlass(void) {
- return(&xmlSecXkmsServerRequestCompoundKlass);
-}
-
-/**
- * <xkms:CompoundRequest Id Service Nonce? OriginalRequestId? ResponseLimit?>
- * <ds:Signature>?
- * <xkms:MessageExtension>*
- * (<xkms:OpaqueClientData>
- * <xkms:OpaqueData>?
- * )?
- * <xkms:ResponseMechanism>*
- * <xkms:RespondWith>*
- * <xkms:PendingNotification Mechanism Identifier>?
- * (
- * <xkms:LocateRequest>?
- * <xkms:ValidateRequest>?
- * <xkms:RegisterRequest>?
- * <xkms:ReissueRequest>?
- * <xkms:RecoverRequest>?
- * <xkms:RevokeRequest>?
- * )*
- *
- * XML Schema:
- *
- * <!-- CompoundRequest -->
- * <element name="CompoundRequest" type="xkms:CompoundRequestType"/>
- * <complexType name="CompoundRequestType">
- * <complexContent>
- * <extension base="xkms:RequestAbstractType">
- * <choice maxOccurs="unbounded">
- * <element ref="xkms:LocateRequest"/>
- * <element ref="xkms:ValidateRequest"/>
- * <element ref="xkms:RegisterRequest"/>
- * <element ref="xkms:ReissueRequest"/>
- * <element ref="xkms:RecoverRequest"/>
- * <element ref="xkms:RevokeRequest"/>
- * </choice>
- * </extension>
- * </complexContent>
- * </complexType>
- * <!-- /CompoundRequest -->
- */
-static int
-xmlSecXkmsServerRequestCompoundNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- xmlSecPtrListPtr serverRequestIdsList;
- xmlNodePtr cur;
- int ret;
-
- xmlSecAssert2(id == xmlSecXkmsServerRequestCompoundId, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- cur = node;
-
- /* first read "parent" type */
- ret = xmlSecXkmsServerCtxRequestAbstractTypeNodeRead(ctx, &cur);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxRequestAbstractTypeNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* create list for compound requests */
- xmlSecAssert2(ctx->compoundRequestContexts == NULL, -1);
- ctx->compoundRequestContexts = xmlSecPtrListCreate(xmlSecXkmsServerCtxPtrListId);
- if(ctx->compoundRequestContexts == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* get the list of enabled or all request klasses */
- if(xmlSecPtrListGetSize(&(ctx->enabledServerRequestIds)) > 0) {
- serverRequestIdsList = &(ctx->enabledServerRequestIds);
- } else {
- serverRequestIdsList = xmlSecXkmsServerRequestIdsGet();
- }
- xmlSecAssert2(serverRequestIdsList != NULL, -1);
-
- while(cur != NULL) {
- xmlSecXkmsServerCtxPtr ctxChild;
-
- /* create a new context */
- ctxChild = xmlSecXkmsServerCtxCreate(ctx->keyInfoReadCtx.keysMngr);
- if(ctxChild == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* copy all settings from us */
- ret = xmlSecXkmsServerCtxCopyUserPref(ctxChild, ctx);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxCopyUserPref",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxDestroy(ctxChild);
- return(-1);
- }
-
- /* add it to the list */
- ret = xmlSecPtrListAdd(ctx->compoundRequestContexts, ctxChild);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListAdd",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxDestroy(ctxChild);
- return(-1);
- }
-
- /* and now process request from current node */
- ctxChild->requestId = xmlSecXkmsServerRequestIdListFindByNode(serverRequestIdsList, cur);
- if((ctxChild->requestId == xmlSecXkmsServerRequestIdUnknown) ||
- ((ctxChild->requestId->flags & XMLSEC_XKMS_SERVER_REQUEST_KLASS_ALLOWED_IN_COUMPOUND) == 0)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerRequestIdListFindByNode",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(node->name));
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorMessageNotSupported);
- return(-1);
- }
-
- ret = xmlSecXkmsServerRequestNodeRead(ctxChild->requestId, ctxChild, cur);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerRequestNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "request=%s",
- xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctxChild->requestId)));
- xmlSecXkmsServerCtxSetResult(ctxChild, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
- return(-1);
- }
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- /* check that there is nothing after the last node */
- if(cur != NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_UNEXPECTED_NODE,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-/**
- * <xkms:CompoundResult Id Service Nonce? ResultMajor ResultMinor? RequestId?>
- * <ds:Signature>?
- * <xkms:MessageExtension>*
- * (<xkms:OpaqueClientData>
- * <xkms:OpaqueData>?
- * )?
- * <xkms:RequestSignatureValue>*
- * (
- * <xkms:LocateResult>?
- * <xkms:ValidateResult>?
- * <xkms:RegisterResult>?
- * <xkms:ReissueResult>?
- * <xkms:RecoverResult>?
- * <xkms:RevokeResult>?
- * )*
- *
- *
- * XML Schema:
- *
- * <!-- CompoundResponse -->
- * <element name="CompoundResult" type="xkms:CompoundResultType"/>
- * <complexType name="CompoundResultType">
- * <complexContent>
- * <extension base="xkms:ResultType">
- * <choice maxOccurs="unbounded">
- * <element ref="xkms:LocateResult"/>
- * <element ref="xkms:ValidateResult"/>
- * <element ref="xkms:RegisterResult"/>
- * <element ref="xkms:ReissueResult"/>
- * <element ref="xkms:RecoverResult"/>
- * <element ref="xkms:RevokeResult"/>
- * </choice>
- * </extension>
- * </complexContent>
- * </complexType>
- * <!-- /CompoundResponse -->
- */
-static int
-xmlSecXkmsServerRequestCompoundNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- int ret;
-
- xmlSecAssert2(id == xmlSecXkmsServerRequestCompoundId, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* walk thru the list of chilren and pickup first error */
- if(ctx->compoundRequestContexts != NULL) {
- xmlSecSize pos;
-
- for(pos = 0; pos < xmlSecPtrListGetSize(ctx->compoundRequestContexts); pos++) {
- xmlSecXkmsServerCtxPtr ctxChild;
-
- ctxChild = (xmlSecXkmsServerCtxPtr)xmlSecPtrListGetItem(ctx->compoundRequestContexts, pos);
- if(ctxChild == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListGetItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- if(ctxChild->resultMajor != xmlSecXkmsResultMajorSuccess) {
- xmlSecXkmsServerCtxSetResult(ctx, ctxChild->resultMajor, ctxChild->resultMinor);
- break;
- }
- }
- }
-
- /* first write the "parent" type */
- ret = xmlSecXkmsServerCtxResultTypeNodeWrite(ctx, node);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxResultTypeNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* write compound result */
- if(ctx->compoundRequestContexts != NULL) {
- xmlSecSize pos;
-
- for(pos = 0; pos < xmlSecPtrListGetSize(ctx->compoundRequestContexts); pos++) {
- xmlSecXkmsServerCtxPtr ctxChild;
- xmlNodePtr cur;
-
- ctxChild = (xmlSecXkmsServerCtxPtr)xmlSecPtrListGetItem(ctx->compoundRequestContexts, pos);
- if(ctxChild == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListGetItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- cur = xmlSecXkmsServerRequestNodeWrite(ctxChild->requestId, ctxChild, node->doc, node);
- if(cur == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerRequestNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "request=%s",
- xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctxChild->requestId)));
- return(-1);
- }
-
- if(xmlSecAddChildNode(node, cur) == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecAddChildNode",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlFreeNode(cur);
- return(-1);
- }
- }
- }
-
- return(0);
-}
-
-static int
-xmlSecXkmsServerRequestCompoundExecute(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx) {
- int ret;
-
- xmlSecAssert2(id == xmlSecXkmsServerRequestCompoundId, -1);
- xmlSecAssert2(ctx != NULL, -1);
-
- if(ctx->compoundRequestContexts != NULL) {
- xmlSecSize pos;
-
- for(pos = 0; pos < xmlSecPtrListGetSize(ctx->compoundRequestContexts); pos++) {
- xmlSecXkmsServerCtxPtr ctxChild;
-
- ctxChild = (xmlSecXkmsServerCtxPtr)xmlSecPtrListGetItem(ctx->compoundRequestContexts, pos);
- if(ctxChild == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListGetItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
- continue;
- }
-
- ret = xmlSecXkmsServerRequestExecute(ctxChild->requestId, ctxChild);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerRequestExecute",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "request=%s",
- xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctxChild->requestId)));
- xmlSecXkmsServerCtxSetResult(ctxChild, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
- continue;
- }
- }
- }
-
- return(0);
-}
-
-
-/********************************************************************
- *
- * LocateRequest/LocateResponse
- *
- *******************************************************************/
-static int xmlSecXkmsServerRequestLocateNodeRead (xmlSecXkmsServerRequestId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static int xmlSecXkmsServerRequestLocateNodeWrite (xmlSecXkmsServerRequestId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static int xmlSecXkmsServerRequestLocateExecute (xmlSecXkmsServerRequestId id,
- xmlSecXkmsServerCtxPtr ctx);
-
-static xmlSecXkmsServerRequestKlass xmlSecXkmsServerRequestLocateKlass = {
- xmlSecXkmsServerRequestLocateName, /* const xmlChar* name; */
- xmlSecNodeLocateRequest, /* const xmlChar* requestNodeName; */
- xmlSecXkmsNs, /* const xmlChar* requestNodeNs; */
- xmlSecNodeLocateResult, /* const xmlChar* responseNodeName; */
- xmlSecXkmsNs, /* const xmlChar* responseNodeNs; */
- XMLSEC_XKMS_SERVER_REQUEST_KLASS_ALLOWED_IN_COUMPOUND, /* xmlSecBitMask flags; */
- xmlSecXkmsServerRequestLocateNodeRead, /* xmlSecXkmsServerRequestNodeReadMethod readNode; */
- xmlSecXkmsServerRequestLocateNodeWrite, /* xmlSecXkmsServerRequestNodeWriteMethod writeNode; */
- xmlSecXkmsServerRequestLocateExecute, /* xmlSecXkmsServerRequestExecuteMethod execute; */
- NULL, /* void* reserved1; */
- NULL /* void* reserved2; */
-};
-
-/**
- * xmlSecXkmsServerRequestLocateGetKlass:
- *
- * The LocateRequest klass.
- *
- * Returns: LocateRequest klass.
- */
-xmlSecXkmsServerRequestId
-xmlSecXkmsServerRequestLocateGetKlass(void) {
- return(&xmlSecXkmsServerRequestLocateKlass);
-}
-
-/**
- * <xkms:LocateRequest Id Service Nonce? OriginalRequestId? ResponseLimit?>
- * <ds:Signature>?
- * <xkms:MessageExtension>*
- * (<xkms:OpaqueClientData>
- * <xkms:OpaqueData>?
- * )?
- * <xkms:ResponseMechanism>*
- * <xkms:RespondWith>*
- * <xkms:PendingNotification Mechanism Identifier>?
- * <xkms:QueryKeyBinding Id?>
- * <ds:KeyInfo>?
- * <xkms:KeyUsage>?
- * <xkms:KeyUsage>?
- * <xkms:KeyUsage>?
- * <xkms:UseKeyWith Application Identifier>*
- * <xkms:TimeInstant Time>?
- *
- * XML Schema:
- *
- * <!-- LocateRequest -->
- * <element name="LocateRequest" type="xkms:LocateRequestType"/>
- * <complexType name="LocateRequestType">
- * <complexContent>
- * <extension base="xkms:RequestAbstractType">
- * <sequence>
- * <element ref="xkms:QueryKeyBinding"/>
- * </sequence>
- * </extension>
- * </complexContent>
- * </complexType>
- * <!-- /LocateRequest -->
- */
-static int
-xmlSecXkmsServerRequestLocateNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- xmlNodePtr cur;
- int ret;
-
- xmlSecAssert2(id == xmlSecXkmsServerRequestLocateId, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- cur = node;
-
- /* first read "parent" type */
- ret = xmlSecXkmsServerCtxRequestAbstractTypeNodeRead(ctx, &cur);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxRequestAbstractTypeNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* now read required <xkms:QueryKeyBinding/> node */
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeQueryKeyBinding, xmlSecXkmsNs))) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_INVALID_NODE,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeQueryKeyBinding));
- return(-1);
- }
-
- /* read <xkms:QueryKeyBinding/> node */
- ret = xmlSecXkmsServerCtxQueryKeyBindingNodeRead(ctx, cur);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxQueryKeyBindingNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- cur = xmlSecGetNextElementNode(cur->next);
-
- /* check that there is nothing after the last node */
- if(cur != NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_UNEXPECTED_NODE,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-/**
- * <xkms:LocateResult Id Service Nonce? ResultMajor ResultMinor? RequestId?>
- * <ds:Signature>?
- * <xkms:MessageExtension>*
- * (<xkms:OpaqueClientData>
- * <xkms:OpaqueData>?
- * )?
- * <xkms:RequestSignatureValue>*
- * (<xkms:UnverifiedKeyBinding Id?>
- * <ds:KeyInfo>?
- * <xkms:KeyUsage>?
- * <xkms:KeyUsage>?
- * <xkms:KeyUsage>?
- * <xkms:UseKeyWith Application Identifier>*
- * <xkms:ValidityInterval NotBefore NotOnOrAfter>?
- * )*
- *
- * XML Schema:
- * <!-- LocateResult -->
- * <element name="LocateResult" type="xkms:LocateResultType"/>
- * <complexType name="LocateResultType">
- * <complexContent>
- * <extension base="xkms:ResultType">
- * <sequence>
- * <element ref="xkms:UnverifiedKeyBinding" minOccurs="0"
- * maxOccurs="unbounded"/>
- * </sequence>
- * </extension>
- * </complexContent>
- * </complexType>
- * <!-- /LocateResult -->
- */
-static int
-xmlSecXkmsServerRequestLocateNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- xmlSecSize pos, size;
- xmlSecKeyPtr key;
- xmlNodePtr cur;
- int ret;
-
- xmlSecAssert2(id == xmlSecXkmsServerRequestLocateId, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* first write the "parent" type */
- ret = xmlSecXkmsServerCtxResultTypeNodeWrite(ctx, node);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxResultTypeNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* write keys in <xkms:UnverifiedKeyBinding> nodes */
- size = xmlSecPtrListGetSize(&(ctx->keys));
- for(pos = 0; pos < size; ++pos) {
- key = (xmlSecKeyPtr)xmlSecPtrListGetItem(&(ctx->keys), pos);
- if(key == NULL) {
- continue;
- }
-
- cur = xmlSecAddChild(node, xmlSecNodeUnverifiedKeyBinding, xmlSecXkmsNs);
- if(cur == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecAddChild",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeUnverifiedKeyBinding));
- return(-1);
- }
-
- ret = xmlSecXkmsServerCtxUnverifiedKeyBindingNodeWrite(ctx, cur, key);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxUnverifiedKeyBindingNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- }
-
- return(0);
-}
-
-static int
-xmlSecXkmsServerRequestLocateExecute(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx) {
- xmlSecKeyPtr key = NULL;
- int ret;
-
- xmlSecAssert2(id == xmlSecXkmsServerRequestLocateId, -1);
- xmlSecAssert2(ctx != NULL, -1);
-
- /* now we are ready to search for key */
- if((ctx->keyInfoReadCtx.keysMngr != NULL) && (ctx->keyInfoReadCtx.keysMngr->getKey != NULL)) {
- /* todo: set parameters to locate but not validate the key */
- key = (ctx->keyInfoReadCtx.keysMngr->getKey)(ctx->keyInfoNode, &(ctx->keyInfoReadCtx));
- }
-
- /* check that we got what we needed */
- if((key == NULL) || (!xmlSecKeyMatch(key, NULL, &(ctx->keyInfoReadCtx.keyReq)))) {
- if(key != NULL) {
- xmlSecKeyDestroy(key);
- }
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorNoMatch);
- return(-1);
- }
-
- xmlSecAssert2(key != NULL, -1);
- ret = xmlSecPtrListAdd(&(ctx->keys), key);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListAdd",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecKeyDestroy(key);
- return(-1);
- }
-
- return(0);
-}
-
-
-/********************************************************************
- *
- * ValidateRequest/ValidateResponse
- *
- *******************************************************************/
-static int xmlSecXkmsServerRequestValidateNodeRead (xmlSecXkmsServerRequestId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static int xmlSecXkmsServerRequestValidateNodeWrite(xmlSecXkmsServerRequestId id,
- xmlSecXkmsServerCtxPtr ctx,
- xmlNodePtr node);
-static int xmlSecXkmsServerRequestValidateExecute (xmlSecXkmsServerRequestId id,
- xmlSecXkmsServerCtxPtr ctx);
-
-static xmlSecXkmsServerRequestKlass xmlSecXkmsServerRequestValidateKlass = {
- xmlSecXkmsServerRequestValidateName, /* const xmlChar* name; */
- xmlSecNodeValidateRequest, /* const xmlChar* requestNodeName; */
- xmlSecXkmsNs, /* const xmlChar* requestNodeNs; */
- xmlSecNodeValidateResult, /* const xmlChar* responseNodeName; */
- xmlSecXkmsNs, /* const xmlChar* responseNodeNs; */
- XMLSEC_XKMS_SERVER_REQUEST_KLASS_ALLOWED_IN_COUMPOUND, /* xmlSecBitMask flags; */
- xmlSecXkmsServerRequestValidateNodeRead, /* xmlSecXkmsServerRequestNodeReadMethod readNode; */
- xmlSecXkmsServerRequestValidateNodeWrite, /* xmlSecXkmsServerRequestNodeWriteMethod writeNode; */
- xmlSecXkmsServerRequestValidateExecute, /* xmlSecXkmsServerRequestExecuteMethod execute; */
- NULL, /* void* reserved1; */
- NULL /* void* reserved2; */
-};
-
-/**
- * xmlSecXkmsServerRequestValidateGetKlass:
- *
- * The ValidateRequest klass.
- *
- * Returns: ValidateRequest klass.
- */
-xmlSecXkmsServerRequestId
-xmlSecXkmsServerRequestValidateGetKlass(void) {
- return(&xmlSecXkmsServerRequestValidateKlass);
-}
-
-/**
- * <xkms:ValidateRequest Id Service Nonce? OriginalRequestId? ResponseLimit?>
- * <ds:Signature>?
- * <xkms:MessageExtension>*
- * (<xkms:OpaqueClientData>
- * <xkms:OpaqueData>?
- * )?
- * <xkms:ResponseMechanism>*
- * <xkms:RespondWith>*
- * <xkms:PendingNotification Mechanism Identifier>?
- * <xkms:QueryKeyBinding Id?>
- * <ds:KeyInfo>?
- * <xkms:KeyUsage>?
- * <xkms:KeyUsage>?
- * <xkms:KeyUsage>?
- * <xkms:UseKeyWith Application Identifier>*
- * <xkms:TimeInstant Time>?
- *
- * XML Schema:
- *
- * <!-- ValidateRequest -->
- * <element name="ValidateRequest" type="xkms:ValidateRequestType"/>
- * <complexType name="ValidateRequestType">
- * <complexContent>
- * <extension base="xkms:RequestAbstractType">
- * <sequence>
- * <element ref="xkms:QueryKeyBinding"/>
- * </sequence>
- * </extension>
- * </complexContent>
- * </complexType>
- * <!-- /ValidateRequest -->
- */
-static int
-xmlSecXkmsServerRequestValidateNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- xmlNodePtr cur;
- int ret;
-
- xmlSecAssert2(id == xmlSecXkmsServerRequestValidateId, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- cur = node;
-
- /* first read "parent" type */
- ret = xmlSecXkmsServerCtxRequestAbstractTypeNodeRead(ctx, &cur);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxRequestAbstractTypeNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* now read required <xkms:QueryKeyBinding/> node */
- if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeQueryKeyBinding, xmlSecXkmsNs))) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_INVALID_NODE,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeQueryKeyBinding));
- return(-1);
- }
-
- /* read <xkms:QueryKeyBinding/> node */
- ret = xmlSecXkmsServerCtxQueryKeyBindingNodeRead(ctx, cur);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxQueryKeyBindingNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- cur = xmlSecGetNextElementNode(cur->next);
-
- /* check that there is nothing after the last node */
- if(cur != NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_UNEXPECTED_NODE,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- return(0);
-}
-
-/**
- * <xkms:ValidateResult Id Service Nonce? ResultMajor ResultMinor? RequestId?>
- * <ds:Signature>?
- * <xkms:MessageExtension>*
- * (<xkms:OpaqueClientData>
- * <xkms:OpaqueData>?
- * )?
- * <xkms:RequestSignatureValue>*
- * (<xkms:KeyBinding Id?>
- * <ds:KeyInfo>?
- * <xkms:KeyUsage>?
- * <xkms:KeyUsage>?
- * <xkms:KeyUsage>?
- * <xkms:UseKeyWith Application Identifier>*
- * <xkms:ValidityInterval NotBefore NotOnOrAfter>?
- * <xkms:Status StatusValue>
- * (<xkms:ValidReason>?
- * <xkms:IndeterminateReason>?
- * <xkms:InvalidReason>?
- * )*
- * )*
- *
- * XML Schema:
- *
- * <!-- ValidateResult -->
- * <element name="ValidateResult" type="xkms:ValidateResultType"/>
- * <complexType name="ValidateResultType">
- * <complexContent>
- * <extension base="xkms:ResultType">
- * <sequence>
- * <element ref="xkms:KeyBinding" minOccurs="0"
- * maxOccurs="unbounded"/>
- * </sequence>
- * </extension>
- * </complexContent>
- * </complexType>
- * <!-- /ValidateResult -->
- */
-static int
-xmlSecXkmsServerRequestValidateNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
- xmlSecSize pos, size;
- xmlSecKeyPtr key;
- xmlNodePtr cur;
- int ret;
-
- xmlSecAssert2(id == xmlSecXkmsServerRequestValidateId, -1);
- xmlSecAssert2(ctx != NULL, -1);
- xmlSecAssert2(node != NULL, -1);
-
- /* first write the "parent" type */
- ret = xmlSecXkmsServerCtxResultTypeNodeWrite(ctx, node);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxResultTypeNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* write keys in <xkms:UnverifiedKeyBinding> nodes */
- size = xmlSecPtrListGetSize(&(ctx->keys));
- for(pos = 0; pos < size; ++pos) {
- key = (xmlSecKeyPtr)xmlSecPtrListGetItem(&(ctx->keys), pos);
- if(key == NULL) {
- continue;
- }
-
- cur = xmlSecAddChild(node, xmlSecNodeUnverifiedKeyBinding, xmlSecXkmsNs);
- if(cur == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecAddChild",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeUnverifiedKeyBinding));
- return(-1);
- }
-
- ret = xmlSecXkmsServerCtxKeyBindingNodeWrite(ctx, cur, key);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerCtxKeyBindingNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- }
-
- return(0);
-}
-
-static int
-xmlSecXkmsServerRequestValidateExecute(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx) {
- xmlSecKeyPtr key = NULL;
- int ret;
-
- xmlSecAssert2(id == xmlSecXkmsServerRequestValidateId, -1);
- xmlSecAssert2(ctx != NULL, -1);
-
- /* now we are ready to search for key */
- if((ctx->keyInfoReadCtx.keysMngr != NULL) && (ctx->keyInfoReadCtx.keysMngr->getKey != NULL)) {
- key = (ctx->keyInfoReadCtx.keysMngr->getKey)(ctx->keyInfoNode, &(ctx->keyInfoReadCtx));
- }
-
- /* check that we got what we needed */
- if((key == NULL) || (!xmlSecKeyMatch(key, NULL, &(ctx->keyInfoReadCtx.keyReq)))) {
- if(key != NULL) {
- xmlSecKeyDestroy(key);
- }
- xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorNoMatch);
- return(-1);
- }
-
- xmlSecAssert2(key != NULL, -1);
- ret = xmlSecPtrListAdd(&(ctx->keys), key);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListAdd",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecKeyDestroy(key);
- return(-1);
- }
-
- return(0);
-}
-
-#endif /* XMLSEC_NO_XKMS */
-
diff --git a/src/xmldsig.c b/src/xmldsig.c
index d48a2ca7..ff340f77 100644
--- a/src/xmldsig.c
+++ b/src/xmldsig.c
@@ -8,7 +8,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -36,23 +36,27 @@
* xmlSecDSigCtx
*
*************************************************************************/
-static int xmlSecDSigCtxProcessSignatureNode (xmlSecDSigCtxPtr dsigCtx,
- xmlNodePtr node);
-static int xmlSecDSigCtxProcessSignedInfoNode (xmlSecDSigCtxPtr dsigCtx,
- xmlNodePtr node);
-static int xmlSecDSigCtxProcessKeyInfoNode (xmlSecDSigCtxPtr dsigCtx,
- xmlNodePtr node);
-static int xmlSecDSigCtxProcessObjectNode (xmlSecDSigCtxPtr dsigCtx,
- xmlNodePtr node);
-static int xmlSecDSigCtxProcessManifestNode (xmlSecDSigCtxPtr dsigCtx,
- xmlNodePtr node);
-static int xmlSecDSigCtxProcessSignatureNodeEx (xmlSecDSigCtxPtr dsigCtx,
- xmlNodePtr node, int noHash, void* pList);
-static int xmlSecDSigCtxProcessSignedInfoNodeEx (xmlSecDSigCtxPtr dsigCtx,
- xmlNodePtr node, int noHash, void* pList);
-static int xmlSecDSigReferenceCtxProcessNodeEx (xmlSecDSigReferenceCtxPtr dsigRefCtx,
- xmlNodePtr node, int noHash, void* pList);
-
+static int xmlSecDSigCtxProcessSignatureNode (xmlSecDSigCtxPtr dsigCtx,
+ xmlNodePtr node);
+static int xmlSecDSigCtxProcessSignedInfoNode (xmlSecDSigCtxPtr dsigCtx,
+ xmlNodePtr node,
+ xmlNodePtr * firstReferenceNode);
+static int xmlSecDSigCtxProcessKeyInfoNode (xmlSecDSigCtxPtr dsigCtx,
+ xmlNodePtr node);
+static int xmlSecDSigCtxProcessObjectNode (xmlSecDSigCtxPtr dsigCtx,
+ xmlNodePtr node);
+static int xmlSecDSigCtxProcessManifestNode (xmlSecDSigCtxPtr dsigCtx,
+ xmlNodePtr node);
+static int xmlSecDSigCtxProcessReferences (xmlSecDSigCtxPtr dsigCtx,
+ xmlNodePtr firstReferenceNode);
+
+/* Tizen : Support for various validation mode */
+static int xmlSecDSigCtxProcessSignatureNodeEx (xmlSecDSigCtxPtr dsigCtx,
+ xmlNodePtr node, int noHash, void* pList);
+static int xmlSecDSigCtxProcessSignedInfoNodeEx (xmlSecDSigCtxPtr dsigCtx,
+ xmlNodePtr node, int noHash, void* pList);
+static int xmlSecDSigReferenceCtxProcessNodeEx (xmlSecDSigReferenceCtxPtr dsigRefCtx,
+ xmlNodePtr node, int noHash, void* pList);
/* The ID attribute in XMLDSig is 'Id' */
static const xmlChar* xmlSecDSigIds[] = { xmlSecAttrId, NULL };
@@ -85,7 +89,7 @@ xmlSecDSigCtxCreate(xmlSecKeysMngrPtr keysMngr) {
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
"sizeof(xmlSecDSigCtx)=%d",
- sizeof(xmlSecDSigCtx));
+ (int)sizeof(xmlSecDSigCtx));
return(NULL);
}
@@ -172,10 +176,26 @@ xmlSecDSigCtxInitialize(xmlSecDSigCtxPtr dsigCtx, xmlSecKeysMngrPtr keysMngr) {
}
/* references lists from SignedInfo and Manifest elements */
- xmlSecPtrListInitialize(&(dsigCtx->signedInfoReferences),
- xmlSecDSigReferenceCtxListId);
- xmlSecPtrListInitialize(&(dsigCtx->manifestReferences),
- xmlSecDSigReferenceCtxListId);
+ ret = xmlSecPtrListInitialize(&(dsigCtx->signedInfoReferences),
+ xmlSecDSigReferenceCtxListId);
+ if(ret != 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecPtrListInitialize",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(ret);
+ }
+ ret = xmlSecPtrListInitialize(&(dsigCtx->manifestReferences),
+ xmlSecDSigReferenceCtxListId);
+ if(ret != 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecPtrListInitialize",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(ret);
+ }
dsigCtx->enabledReferenceUris = xmlSecTransformUriTypeAny;
return(0);
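Review bot: The two new error paths after `xmlSecPtrListInitialize` return with the context partly initialized: when the second call fails, `signedInfoReferences` has already been set up and nothing in this hunk releases it. If callers are expected to run `xmlSecDSigCtxFinalize` after a failed initialize, a comment such as `/* on failure the caller must still call xmlSecDSigCtxFinalize() */` would make that contract explicit; otherwise the first list should be finalized before returning. The checks also use `if(ret != 0)` and `return(ret)` where the other error paths in this diff use `if(ret < 0)` and `return(-1)`. The function starts outside the hunk, so its earlier cleanup convention is not visible here.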
@@ -466,6 +486,7 @@ xmlSecDSigCtxProcessSignatureNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
xmlSecTransformDataType firstType;
xmlNodePtr signedInfoNode = NULL;
xmlNodePtr keyInfoNode = NULL;
+ xmlNodePtr firstReferenceNode = NULL;
xmlNodePtr cur;
int ret;
@@ -554,7 +575,7 @@ xmlSecDSigCtxProcessSignatureNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
}
/* now validated all the references and prepare transform */
- ret = xmlSecDSigCtxProcessSignedInfoNode(dsigCtx, signedInfoNode);
+ ret = xmlSecDSigCtxProcessSignedInfoNode(dsigCtx, signedInfoNode, &firstReferenceNode);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
@@ -563,15 +584,12 @@ xmlSecDSigCtxProcessSignatureNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
- /* references processing might change the status */
- if(dsigCtx->status != xmlSecDSigStatusUnknown) {
- return(0);
- }
/* as the result, we should have sign and c14n methods set */
xmlSecAssert2(dsigCtx->signMethod != NULL, -1);
xmlSecAssert2(dsigCtx->c14nMethod != NULL, -1);
+ /* now read key info node */
ret = xmlSecDSigCtxProcessKeyInfoNode(dsigCtx, keyInfoNode);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
@@ -584,6 +602,21 @@ xmlSecDSigCtxProcessSignatureNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
/* as the result, we should have a key */
xmlSecAssert2(dsigCtx->signKey != NULL, -1);
+ /* now actually process references and calculate digests */
+ ret = xmlSecDSigCtxProcessReferences(dsigCtx, firstReferenceNode);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecDSigCtxProcessReferences",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ /* references processing might change the status */
+ if(dsigCtx->status != xmlSecDSigStatusUnknown) {
+ return(0);
+ }
+
/* if we need to write result to xml node then we need base64 encode result */
if(dsigCtx->operation == xmlSecTransformOperationSign) {
xmlSecTransformPtr base64Encode;
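Review bot: The comment added above the `xmlSecDSigCtxProcessReferences` call says what the call does but not why it now sits after `xmlSecDSigCtxProcessKeyInfoNode`, and that ordering is the security-relevant part of the change. As written, a failure to obtain the key returns -1 before any Reference is turned into a digest context. I would extend the comment to `/* digest references only after the key is resolved: a signature with no usable key fails before any Reference is processed */`. The `dsigCtx->status` check has moved with the call, so callers still see `return(0)` with a non-Unknown status when a reference is rejected. The enclosing function starts and ends outside this hunk.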
@@ -679,18 +712,18 @@ xmlSecDSigCtxProcessSignatureNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
*
*/
static int
-xmlSecDSigCtxProcessSignedInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
- xmlSecDSigReferenceCtxPtr dsigRefCtx;
+xmlSecDSigCtxProcessSignedInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node, xmlNodePtr * firstReferenceNode) {
+ xmlSecSize refNodesCount = 0;
xmlNodePtr cur;
- int ret;
xmlSecAssert2(dsigCtx != NULL, -1);
xmlSecAssert2(dsigCtx->status == xmlSecDSigStatusUnknown, -1);
xmlSecAssert2(dsigCtx->signMethod == NULL, -1);
xmlSecAssert2(dsigCtx->c14nMethod == NULL, -1);
xmlSecAssert2((dsigCtx->operation == xmlSecTransformOperationSign) || (dsigCtx->operation == xmlSecTransformOperationVerify), -1);
- xmlSecAssert2(xmlSecPtrListGetSize(&(dsigCtx->signedInfoReferences)) == 0, -1);
xmlSecAssert2(node != NULL, -1);
+ xmlSecAssert2(firstReferenceNode != NULL, -1);
+ xmlSecAssert2((*firstReferenceNode) == NULL, -1);
/* first node is required CanonicalizationMethod. */
cur = xmlSecGetNextElementNode(node->children);
@@ -784,9 +817,71 @@ xmlSecDSigCtxProcessSignedInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
}
dsigCtx->signMethod->operation = dsigCtx->operation;
- /* calculate references */
- cur = xmlSecGetNextElementNode(cur->next);
+ /* read references */
+ if(cur != NULL) {
+ cur = xmlSecGetNextElementNode(cur->next);
+ }
while((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeReference, xmlSecDSigNs))) {
+ /* record first reference node */
+ if((*firstReferenceNode) == NULL) {
+ (*firstReferenceNode) = cur;
+ }
+ ++refNodesCount;
+
+ /* go to next */
+ cur = xmlSecGetNextElementNode(cur->next);
+ }
+
+ /* check that we have at least one Reference */
+ if(refNodesCount == 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ NULL,
+ XMLSEC_ERRORS_R_DSIG_NO_REFERENCES,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ /* if there is something left than it's an error */
+ if(cur != NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+ XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ /* done */
+ return(0);
+}
+
+
+static int
+xmlSecDSigCtxProcessReferences(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr firstReferenceNode) {
+ xmlSecDSigReferenceCtxPtr dsigRefCtx;
+ xmlNodePtr cur;
+ int ret;
+
+ xmlSecAssert2(dsigCtx != NULL, -1);
+ xmlSecAssert2(dsigCtx->status == xmlSecDSigStatusUnknown, -1);
+ xmlSecAssert2((dsigCtx->operation == xmlSecTransformOperationSign) || (dsigCtx->operation == xmlSecTransformOperationVerify), -1);
+ xmlSecAssert2(xmlSecPtrListGetSize(&(dsigCtx->signedInfoReferences)) == 0, -1);
+ xmlSecAssert2(firstReferenceNode != NULL, -1);
+
+ /* process references */
+ for(cur = firstReferenceNode; (cur != NULL); cur = xmlSecGetNextElementNode(cur->next)) {
+ /* already checked but we trust none */
+ if(!xmlSecCheckNodeName(cur, xmlSecNodeReference, xmlSecDSigNs)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+ XMLSEC_ERRORS_R_INVALID_NODE,
+ "expected=%s",
+ xmlSecErrorsSafeString(xmlSecNodeReference));
+ return(-1);
+ }
+
/* create reference */
dsigRefCtx = xmlSecDSigReferenceCtxCreate(dsigCtx, xmlSecDSigReferenceOriginSignedInfo);
if(dsigRefCtx == NULL) {
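Review bot: `xmlSecDSigCtxProcessReferences` is introduced without the header comment that `xmlSecDSigCtxProcessSignedInfoNode` carries, and the new `firstReferenceNode` out-parameter of the latter is not described either. A short block comment should state that the function walks the element siblings starting at `firstReferenceNode` and rejects any node that is not a Reference in the DSig namespace. Judging by the later hunk, it can also return 0 with `dsigCtx->status` set to `xmlSecDSigStatusInvalid`, so callers must check the status as well as the return value. For the out-parameter, `/* firstReferenceNode: must point to NULL on entry; receives a borrowed pointer into the document tree */` captures what the two asserts and the assignment show. The body of `xmlSecDSigCtxProcessReferences` continues past the end of this hunk.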
@@ -827,31 +922,13 @@ xmlSecDSigCtxProcessSignedInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
dsigCtx->status = xmlSecDSigStatusInvalid;
return(0);
}
- cur = xmlSecGetNextElementNode(cur->next);
- }
-
- /* check that we have at least one Reference */
- if(xmlSecPtrListGetSize(&(dsigCtx->signedInfoReferences)) == 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_DSIG_NO_REFERENCES,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
}
- /* if there is something left than it's an error */
- if(cur != NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_UNEXPECTED_NODE,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
+ /* done */
return(0);
}
+
static int
xmlSecDSigCtxProcessKeyInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
int ret;
@@ -1130,9 +1207,9 @@ xmlSecDSigCtxDebugDump(xmlSecDSigCtxPtr dsigCtx, FILE* output) {
(xmlSecBufferGetData(dsigCtx->result) != NULL)) {
fprintf(output, "== Result - start buffer:\n");
- fwrite(xmlSecBufferGetData(dsigCtx->result),
- xmlSecBufferGetSize(dsigCtx->result),
- 1, output);
+ (void)fwrite(xmlSecBufferGetData(dsigCtx->result),
+ xmlSecBufferGetSize(dsigCtx->result),
+ 1, output);
fprintf(output, "\n== Result - end buffer\n");
}
if(((dsigCtx->flags & XMLSEC_DSIG_FLAGS_STORE_SIGNATURE) != 0) &&
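Review bot: The `(void)` cast on `fwrite` silences the unused-result warning but still hides a short or failed write. Because the buffer size is passed as the element size with a count of 1, the return value could not report the number of bytes written even if it were checked. Swapping the arguments, `fwrite(xmlSecBufferGetData(dsigCtx->result), 1, xmlSecBufferGetSize(dsigCtx->result), output)`, writes the same bytes and makes the result meaningful. If ignoring it is deliberate for a debug dump, a comment such as `/* best effort: dump output is diagnostic only */` would say so. The same pattern repeats in the other `fwrite` hunks of `xmlSecDSigCtxDebugDump`, `xmlSecDSigCtxDebugXmlDump` and `xmlSecDSigReferenceCtxDebugDump`; each of those functions extends beyond its hunk.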
@@ -1140,9 +1217,9 @@ xmlSecDSigCtxDebugDump(xmlSecDSigCtxPtr dsigCtx, FILE* output) {
(xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)) != NULL)) {
fprintf(output, "== PreSigned data - start buffer:\n");
- fwrite(xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
- xmlSecBufferGetSize(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
- 1, output);
+ (void)fwrite(xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
+ xmlSecBufferGetSize(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
+ 1, output);
fprintf(output, "\n== PreSigned data - end buffer\n");
}
}
@@ -1219,9 +1296,9 @@ xmlSecDSigCtxDebugXmlDump(xmlSecDSigCtxPtr dsigCtx, FILE* output) {
(xmlSecBufferGetData(dsigCtx->result) != NULL)) {
fprintf(output, "<Result>");
- fwrite(xmlSecBufferGetData(dsigCtx->result),
- xmlSecBufferGetSize(dsigCtx->result),
- 1, output);
+ (void)fwrite(xmlSecBufferGetData(dsigCtx->result),
+ xmlSecBufferGetSize(dsigCtx->result),
+ 1, output);
fprintf(output, "</Result>\n");
}
if(((dsigCtx->flags & XMLSEC_DSIG_FLAGS_STORE_SIGNATURE) != 0) &&
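Review bot: The buffer is written verbatim between `<Result>` and `</Result>`, so any `<`, `&` or non-text byte in it makes the dump malformed XML. The same applies to `<PreSignedData>` in the next hunk, which presumably holds canonicalized markup. A tool that parses this debug output could misread its structure, so the bytes should be escaped or base64-encoded before writing, or the function comment should state that the element content is raw. This behaviour predates the commit and most of the function lies outside the hunk, so the actual buffer contents should be confirmed first.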
@@ -1229,9 +1306,9 @@ xmlSecDSigCtxDebugXmlDump(xmlSecDSigCtxPtr dsigCtx, FILE* output) {
(xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)) != NULL)) {
fprintf(output, "<PreSignedData>");
- fwrite(xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
- xmlSecBufferGetSize(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
- 1, output);
+ (void)fwrite(xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
+ xmlSecBufferGetSize(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
+ 1, output);
fprintf(output, "</PreSignedData>\n");
}
@@ -1272,7 +1349,7 @@ xmlSecDSigReferenceCtxCreate(xmlSecDSigCtxPtr dsigCtx, xmlSecDSigReferenceOrigin
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
"sizeof(xmlSecDSigReferenceCtx)=%d",
- sizeof(xmlSecDSigReferenceCtx));
+ (int)sizeof(xmlSecDSigReferenceCtx));
return(NULL);
}
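Review bot: Casting `sizeof` to `int` to fit `%d` fixes the format/argument mismatch by narrowing an unsigned size to a signed type; `"sizeof(xmlSecDSigReferenceCtx)=%lu"` with `(unsigned long)sizeof(xmlSecDSigReferenceCtx)` keeps the value unsigned and does not depend on C99 `%zu` support. For a struct size the narrowing is harmless, so this is a style point only. The same cast appears in the xmlSecEncCtxCreate hunk in src/xmlenc.c and the xmlSecXPathDataCreate hunk in src/xpath.c. The enclosing function starts and ends outside this hunk.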
@@ -1685,9 +1762,9 @@ xmlSecDSigReferenceCtxDebugDump(xmlSecDSigReferenceCtxPtr dsigRefCtx, FILE* outp
(xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)) != NULL)) {
fprintf(output, "== PreDigest data - start buffer:\n");
- fwrite(xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
- xmlSecBufferGetSize(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
- 1, output);
+ (void)fwrite(xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
+ xmlSecBufferGetSize(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
+ 1, output);
fprintf(output, "\n== PreDigest data - end buffer\n");
}
@@ -1695,9 +1772,9 @@ xmlSecDSigReferenceCtxDebugDump(xmlSecDSigReferenceCtxPtr dsigRefCtx, FILE* outp
(xmlSecBufferGetData(dsigRefCtx->result) != NULL)) {
fprintf(output, "== Result - start buffer:\n");
- fwrite(xmlSecBufferGetData(dsigRefCtx->result),
- xmlSecBufferGetSize(dsigRefCtx->result), 1,
- output);
+ (void)fwrite(xmlSecBufferGetData(dsigRefCtx->result),
+ xmlSecBufferGetSize(dsigRefCtx->result), 1,
+ output);
fprintf(output, "\n== Result - end buffer\n");
}
}
@@ -1758,9 +1835,9 @@ xmlSecDSigReferenceCtxDebugXmlDump(xmlSecDSigReferenceCtxPtr dsigRefCtx, FILE* o
(xmlSecBufferGetData(dsigRefCtx->result) != NULL)) {
fprintf(output, "<Result>");
- fwrite(xmlSecBufferGetData(dsigRefCtx->result),
- xmlSecBufferGetSize(dsigRefCtx->result), 1,
- output);
+ (void)fwrite(xmlSecBufferGetData(dsigRefCtx->result),
+ xmlSecBufferGetSize(dsigRefCtx->result), 1,
+ output);
fprintf(output, "</Result>\n");
}
@@ -1768,9 +1845,9 @@ xmlSecDSigReferenceCtxDebugXmlDump(xmlSecDSigReferenceCtxPtr dsigRefCtx, FILE* o
(xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)) != NULL)) {
fprintf(output, "<PreDigestData>");
- fwrite(xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
- xmlSecBufferGetSize(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
- 1, output);
+ (void)fwrite(xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
+ xmlSecBufferGetSize(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
+ 1, output);
fprintf(output, "</PreDigestData>\n");
}
if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) {
diff --git a/src/xmlenc.c b/src/xmlenc.c
index 44c98779..36c7bcad 100644
--- a/src/xmlenc.c
+++ b/src/xmlenc.c
@@ -7,7 +7,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -65,7 +65,7 @@ xmlSecEncCtxCreate(xmlSecKeysMngrPtr keysMngr) {
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
"sizeof(xmlSecEncCtx)=%d",
- sizeof(xmlSecEncCtx));
+ (int)sizeof(xmlSecEncCtx));
return(NULL);
}
@@ -1218,9 +1218,9 @@ xmlSecEncCtxDebugDump(xmlSecEncCtxPtr encCtx, FILE* output) {
(encCtx->resultBase64Encoded != 0)) {
fprintf(output, "== Result - start buffer:\n");
- fwrite(xmlSecBufferGetData(encCtx->result),
- xmlSecBufferGetSize(encCtx->result), 1,
- output);
+ (void)fwrite(xmlSecBufferGetData(encCtx->result),
+ xmlSecBufferGetSize(encCtx->result), 1,
+ output);
fprintf(output, "\n== Result - end buffer\n");
}
}
@@ -1311,9 +1311,9 @@ xmlSecEncCtxDebugXmlDump(xmlSecEncCtxPtr encCtx, FILE* output) {
(encCtx->resultBase64Encoded != 0)) {
fprintf(output, "<Result>");
- fwrite(xmlSecBufferGetData(encCtx->result),
- xmlSecBufferGetSize(encCtx->result), 1,
- output);
+ (void)fwrite(xmlSecBufferGetData(encCtx->result),
+ xmlSecBufferGetSize(encCtx->result), 1,
+ output);
fprintf(output, "</Result>\n");
}
diff --git a/src/xmlsec.c b/src/xmlsec.c
index 8b6d0cab..6098d3c5 100644
--- a/src/xmlsec.c
+++ b/src/xmlsec.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -21,7 +21,6 @@
#include <xmlsec/transforms.h>
#include <xmlsec/app.h>
#include <xmlsec/io.h>
-#include <xmlsec/xkms.h>
#include <xmlsec/errors.h>
/**
@@ -66,24 +65,7 @@ xmlSecInit(void) {
return(-1);
}
-#ifndef XMLSEC_NO_XKMS
- if(xmlSecXkmsRespondWithIdsInit() < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsRespondWithIdsInit",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- if(xmlSecXkmsServerRequestIdsInit() < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecXkmsServerRequestIdsInit",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-#endif /* XMLSEC_NO_XKMS */
+
/* we use rand() function to generate id attributes */
srand(time(NULL));
@@ -101,11 +83,6 @@ int
xmlSecShutdown(void) {
int res = 0;
-#ifndef XMLSEC_NO_XKMS
- xmlSecXkmsServerRequestIdsShutdown();
- xmlSecXkmsRespondWithIdsShutdown();
-#endif /* XMLSEC_NO_XKMS */
-
xmlSecTransformIdsShutdown();
xmlSecKeyDataIdsShutdown();
@@ -126,6 +103,17 @@ xmlSecShutdown(void) {
}
/**
+ * xmlSecShutdown:
+ *
+ * Gets the default crypto engine ("openssl", "nss", etc.) for the XML Security Library.
+ *
+ * Returns: the default crypto engine ("openssl", "nss", etc.).
+ */
+const xmlChar * xmlSecGetDefaultCrypto(void) {
+ return BAD_CAST XMLSEC_DEFAULT_CRYPTO;
+}
+
+/**
* xmlSecCheckVersionExt:
* @major: the major version number.
* @minor: the minor version number.
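Review bot: The doc comment added above `xmlSecGetDefaultCrypto` is headed `xmlSecShutdown:`, so generated API documentation is likely to attach this description to the wrong symbol; the header line should read ` * xmlSecGetDefaultCrypto:`. The definition also puts the return type and name on one line and uses `return BAD_CAST ...;`, while the neighbouring code in this diff uses a separate return-type line and `return(...)`. Matching that would be `const xmlChar *` on its own line, then `xmlSecGetDefaultCrypto(void) {` and `return(BAD_CAST XMLSEC_DEFAULT_CRYPTO);`. The hunk ends inside the following xmlSecCheckVersionExt comment.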
diff --git a/src/xmltree.c b/src/xmltree.c
index 27ad09e2..7084f696 100644
--- a/src/xmltree.c
+++ b/src/xmltree.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
diff --git a/src/xpath.c b/src/xpath.c
index e67631e7..8b0cf799 100644
--- a/src/xpath.c
+++ b/src/xpath.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -91,7 +91,7 @@ xmlSecXPathDataCreate(xmlSecXPathDataType type) {
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
"sizeof(xmlSecXPathData)=%d",
- sizeof(xmlSecXPathData));
+ (int)sizeof(xmlSecXPathData));
return(NULL);
}
memset(data, 0, sizeof(xmlSecXPathData));
@@ -285,17 +285,17 @@ xmlSecXPathDataExecute(xmlSecXPathDataPtr data, xmlDocPtr doc, xmlNodePtr hereNo
to reserve NULL for our own purposes so we simply create an empty
node set here */
if(xpathObj->nodesetval == NULL) {
- xpathObj->nodesetval = xmlXPathNodeSetCreate(NULL);
- if(xpathObj->nodesetval == NULL) {
- xmlXPathFreeObject(xpathObj);
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
+ xpathObj->nodesetval = xmlXPathNodeSetCreate(NULL);
+ if(xpathObj->nodesetval == NULL) {
+ xmlXPathFreeObject(xpathObj);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
"xmlXPathNodeSetCreate",
XMLSEC_ERRORS_R_XML_FAILED,
"expr=%s",
xmlSecErrorsSafeString(data->expr));
- return(NULL);
- }
+ return(NULL);
+ }
}
nodes = xmlSecNodeSetCreate(doc, xpathObj->nodesetval, data->nodeSetType);
@@ -613,7 +613,7 @@ xmlSecTransformXPathNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlS
NULL,
XMLSEC_ERRORS_R_MALLOC_FAILED,
"size=%d",
- xmlStrlen(data->expr) + strlen(xpathPattern) + 1);
+ (int)(xmlStrlen(data->expr) + strlen(xpathPattern) + 1));
return(-1);
}
sprintf((char*)tmp, xpathPattern, (char*)data->expr);
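Review bot: The `sprintf` on the last line of this hunk writes into `tmp` with no bound and takes `xpathPattern` as its format string, so its safety rests entirely on the allocation matching `xmlStrlen(data->expr) + strlen(xpathPattern) + 1`. That allocation is outside the hunk, so the match is inferred from the logged size. Keeping the size in a local and using it for both the allocation and the write makes the bound explicit: `snprintf((char*)tmp, size, xpathPattern, (char*)data->expr);`. The new `(int)` cast narrows that sum for logging only, which would misreport a very long expression; `(unsigned long)` with `%lu` avoids that. xmlSecTransformXPathNodeRead starts and ends outside this hunk.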
@@ -1160,6 +1160,3 @@ xmlSecTransformVisa3DHackExecute(xmlSecTransformPtr transform, int last,
}
return(0);
}
-
-
-
diff --git a/src/xslt.c b/src/xslt.c
index 0353a251..e5470587 100644
--- a/src/xslt.c
+++ b/src/xslt.c
@@ -6,7 +6,7 @@
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
#include "globals.h"
@@ -584,7 +584,7 @@ xmlSecXsApplyStylesheet(xmlSecXsltCtxPtr ctx, xmlDocPtr doc) {
XMLSEC_ERRORS_R_XSLT_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
goto done;
- }
+ }
/* set security prefs */
ret = xsltSetCtxtSecurityPrefs(g_xslt_default_security_prefs, xsltCtx);