Diffstat (limited to 'src/gcrypt/app.c')
-rw-r--r--src/gcrypt/app.c212
1 files changed, 69 insertions, 143 deletions
diff --git a/src/gcrypt/app.c b/src/gcrypt/app.c
index dd5d7706..19412271 100644
--- a/src/gcrypt/app.c
+++ b/src/gcrypt/app.c
@@ -1,11 +1,18 @@
-/**
- * XMLSec library
+/*
+ * XML Security Library (http://www.aleksey.com/xmlsec).
+ *
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
* Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
+/**
+ * SECTION:app
+ * @Short_description: Application support functions for GCrypt.
+ * @Stability: Stable
+ *
+ */
#include "globals.h"
#include <string.h>
@@ -34,6 +41,7 @@
*/
int
xmlSecGCryptAppInit(const char* config ATTRIBUTE_UNUSED) {
+ gcry_error_t err;
/* Secure memory initialisation based on documentation from:
http://www.gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html
NOTE sample code don't check gcry_control(...) return code
@@ -61,40 +69,54 @@ Noteworthy changes in version 1.4.3 (2008-09-18)
*/
/* Version check should be the very first call because it
- makes sure that important subsystems are intialized. */
+ makes sure that important subsystems are initialized. */
/* NOTE configure.in defines GCRYPT_MIN_VERSION */
if (!gcry_check_version (GCRYPT_MIN_VERSION)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "gcry_check_version",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecGCryptError2("gcry_check_version", GPG_ERR_NO_ERROR, NULL,
+ "min_version=%s", GCRYPT_MIN_VERSION);
return(-1);
}
/* We don't want to see any warnings, e.g. because we have not yet
parsed program options which might be used to suppress such
warnings. */
- gcry_control(GCRYCTL_SUSPEND_SECMEM_WARN);
+ err = gcry_control(GCRYCTL_SUSPEND_SECMEM_WARN);
+ if(err != GPG_ERR_NO_ERROR) {
+ xmlSecGCryptError("gcry_control(GCRYCTL_SUSPEND_SECMEM_WARN)", err, NULL);
+ return(-1);
+ }
/* ... If required, other initialization goes here. Note that the
process might still be running with increased privileges and that
- the secure memory has not been intialized. */
+ the secure memory has not been initialized. */
/* Allocate a pool of 32k secure memory. This make the secure memory
available and also drops privileges where needed. */
- gcry_control(GCRYCTL_INIT_SECMEM, 32768, 0);
+ err = gcry_control(GCRYCTL_INIT_SECMEM, 32768, 0);
+ if(err != GPG_ERR_NO_ERROR) {
+ xmlSecGCryptError("gcry_control(GCRYCTL_INIT_SECMEM)", err, NULL);
+ return(-1);
+ }
/* It is now okay to let Libgcrypt complain when there was/is
a problem with the secure memory. */
- gcry_control(GCRYCTL_RESUME_SECMEM_WARN);
+ err = gcry_control(GCRYCTL_RESUME_SECMEM_WARN);
+ if(err != GPG_ERR_NO_ERROR) {
+ xmlSecGCryptError("gcry_control(GCRYCTL_RESUME_SECMEM_WARN)", err, NULL);
+ return(-1);
+ }
/* ... If required, other initialization goes here. */
/* Tell Libgcrypt that initialization has completed. */
- gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
+ err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
+ if(err != GPG_ERR_NO_ERROR) {
+ xmlSecGCryptError("gcry_control(GCRYCTL_INITIALIZATION_FINISHED)", err, NULL);
+ return(-1);
+ }
+ /* done */
return(0);
}
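Review bot: On the `gcry_check_version` failure path the new call passes `GPG_ERR_NO_ERROR` as the gcrypt error, so the logged record will presumably carry a success code and string for what is a real failure. No gcrypt error value exists at that point, so the non-gcrypt helper this commit uses elsewhere fits better: `xmlSecInternalError2("gcry_check_version", NULL, "min_version=%s", GCRYPT_MIN_VERSION);`. Separately, the four `gcry_control` results were ignored before and now abort initialization. That is the safer choice for the secure-memory setup, but it is a visible behavior change for callers. The function comment, which lies outside this hunk along with the start of the body, should state that xmlSecGCryptAppInit returns -1 when the secure-memory pool cannot be set up.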
@@ -112,14 +134,12 @@ xmlSecGCryptAppShutdown(void) {
gcry_error_t err;
err = gcry_control(GCRYCTL_TERM_SECMEM);
- if (gcry_err_code(err)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "gcry_control(GCRYCTL_TERM_SECMEM)",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ if(err != GPG_ERR_NO_ERROR) {
+ xmlSecGCryptError("gcry_control(GCRYCTL_TERM_SECMEM)", err, NULL);
return(-1);
}
+
+ /* done */
return(0);
}
@@ -149,22 +169,14 @@ xmlSecGCryptAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
ret = xmlSecBufferInitialize(&buffer, 4*1024);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecBufferInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecBufferInitialize", NULL);
return(NULL);
}
ret = xmlSecBufferReadFile(&buffer, filename);
if((ret < 0) || (xmlSecBufferGetData(&buffer) == NULL) || (xmlSecBufferGetSize(&buffer) <= 0)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecBufferReadFile",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "filename=%s",
- xmlSecErrorsSafeString(filename));
+ xmlSecInternalError2("xmlSecBufferReadFile", NULL,
+ "filename=%s", xmlSecErrorsSafeString(filename));
xmlSecBufferFinalize(&buffer);
return(NULL);
}
@@ -173,12 +185,8 @@ xmlSecGCryptAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
xmlSecBufferGetSize(&buffer),
format, pwd, pwdCallback, pwdCallbackCtx);
if(key == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptAppKeyLoadMemory",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "filename=%s",
- xmlSecErrorsSafeString(filename));
+ xmlSecInternalError2("xmlSecGCryptAppKeyLoadMemory", NULL,
+ "filename=%s", xmlSecErrorsSafeString(filename));
xmlSecBufferFinalize(&buffer);
return(NULL);
}
@@ -220,36 +228,21 @@ xmlSecGCryptAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
case xmlSecKeyDataFormatDer:
key_data = xmlSecGCryptParseDer(data, dataSize, xmlSecGCryptDerKeyTypeAuto);
if(key_data == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptParseDer",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGCryptParseDer", NULL);
return(NULL);
}
break;
case xmlSecKeyDataFormatPem:
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptAppKeyLoadMemory",
- XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecNotImplementedError("xmlSecKeyDataFormatPem");
return (NULL);
#ifndef XMLSEC_NO_X509
case xmlSecKeyDataFormatPkcs12:
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptAppKeyLoadMemory",
- XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecNotImplementedError("xmlSecKeyDataFormatPkcs12");
return (NULL);
#endif /* XMLSEC_NO_X509 */
default:
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_INVALID_FORMAT,
- "format=%d", format);
+ xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, NULL,
+ "format=%d", (int)format);
return(NULL);
}
@@ -257,23 +250,15 @@ xmlSecGCryptAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
xmlSecAssert2(key_data != NULL, NULL);
key = xmlSecKeyCreate();
if(key == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeyCreate", NULL);
xmlSecKeyDataDestroy(key_data);
return(NULL);
}
ret = xmlSecKeySetValue(key, key_data);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeySetValue",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "data=%s",
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(key_data)));
+ xmlSecInternalError("xmlSecKeySetValue",
+ xmlSecKeyDataGetName(key_data));
xmlSecKeyDestroy(key);
xmlSecKeyDataDestroy(key_data);
return(NULL);
@@ -304,11 +289,7 @@ xmlSecGCryptAppKeyCertLoad(xmlSecKeyPtr key, const char* filename,
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
/* TODO */
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptAppKeyCertLoad",
- XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecNotImplementedError(NULL);
return(-1);
}
@@ -334,11 +315,7 @@ xmlSecGCryptAppKeyCertLoadMemory(xmlSecKeyPtr key,
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
/* TODO */
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptAppKeyCertLoadMemory",
- XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecNotImplementedError(NULL);
return(-1);
}
@@ -364,11 +341,7 @@ xmlSecGCryptAppPkcs12Load(const char *filename,
xmlSecAssert2(filename != NULL, NULL);
/* TODO */
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptAppPkcs12Load",
- XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecNotImplementedError(NULL);
return(NULL);
}
@@ -395,11 +368,7 @@ xmlSecGCryptAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
xmlSecAssert2(dataSize > 0, NULL);
/* TODO */
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptAppPkcs12LoadMemory",
- XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecNotImplementedError(NULL);
return(NULL);
}
@@ -426,11 +395,7 @@ xmlSecGCryptAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr,
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
/* TODO */
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptAppKeysMngrCertLoad",
- XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecNotImplementedError(NULL);
return(-1);
}
@@ -459,11 +424,7 @@ xmlSecGCryptAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr,
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
/* TODO */
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptAppKeysMngrCertLoadMemory",
- XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecNotImplementedError(NULL);
return(-1);
}
@@ -490,21 +451,13 @@ xmlSecGCryptAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr) {
keysStore = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);
if(keysStore == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyStoreCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "xmlSecSimpleKeysStoreId");
+ xmlSecInternalError("xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId)", NULL);
return(-1);
}
ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeysMngrAdoptKeysStore",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeysMngrAdoptKeysStore", NULL);
xmlSecKeyStoreDestroy(keysStore);
return(-1);
}
@@ -512,11 +465,7 @@ xmlSecGCryptAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr) {
ret = xmlSecGCryptKeysMngrInit(mngr);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGCryptKeysMngrInit",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGCryptKeysMngrInit", NULL);
return(-1);
}
@@ -545,21 +494,13 @@ xmlSecGCryptAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr, xmlSecKeyPtr key)
store = xmlSecKeysMngrGetKeysStore(mngr);
if(store == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeysMngrGetKeysStore",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeysMngrGetKeysStore", NULL);
return(-1);
}
ret = xmlSecSimpleKeysStoreAdoptKey(store, key);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSimpleKeysStoreAdoptKey",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecSimpleKeysStoreAdoptKey", NULL);
return(-1);
}
@@ -586,21 +527,14 @@ xmlSecGCryptAppDefaultKeysMngrLoad(xmlSecKeysMngrPtr mngr, const char* uri) {
store = xmlSecKeysMngrGetKeysStore(mngr);
if(store == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeysMngrGetKeysStore",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeysMngrGetKeysStore", NULL);
return(-1);
}
ret = xmlSecSimpleKeysStoreLoad(store, uri, mngr);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSimpleKeysStoreLoad",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "uri=%s", xmlSecErrorsSafeString(uri));
+ xmlSecInternalError2("xmlSecSimpleKeysStoreLoad", NULL,
+ "uri=%s", xmlSecErrorsSafeString(uri));
return(-1);
}
@@ -627,22 +561,14 @@ xmlSecGCryptAppDefaultKeysMngrSave(xmlSecKeysMngrPtr mngr, const char* filename,
store = xmlSecKeysMngrGetKeysStore(mngr);
if(store == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeysMngrGetKeysStore",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeysMngrGetKeysStore", NULL);
return(-1);
}
ret = xmlSecSimpleKeysStoreSave(store, filename, type);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecSimpleKeysStoreSave",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "filename=%s",
- xmlSecErrorsSafeString(filename));
+ xmlSecInternalError2("xmlSecSimpleKeysStoreSave", NULL,
+ "filename=%s", xmlSecErrorsSafeString(filename));
return(-1);
}