diff options
Diffstat (limited to 'src/gcrypt/app.c')
-rw-r--r-- | src/gcrypt/app.c | 212 |
1 files changed, 69 insertions, 143 deletions
diff --git a/src/gcrypt/app.c b/src/gcrypt/app.c index dd5d7706..19412271 100644 --- a/src/gcrypt/app.c +++ b/src/gcrypt/app.c @@ -1,11 +1,18 @@ -/** - * XMLSec library +/* + * XML Security Library (http://www.aleksey.com/xmlsec). + * * * This is free software; see Copyright file in the source * distribution for preciese wording. * * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved. */ +/** + * SECTION:app + * @Short_description: Application support functions for GCrypt. + * @Stability: Stable + * + */ #include "globals.h" #include <string.h> @@ -34,6 +41,7 @@ */ int xmlSecGCryptAppInit(const char* config ATTRIBUTE_UNUSED) { + gcry_error_t err; /* Secure memory initialisation based on documentation from: http://www.gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html NOTE sample code don't check gcry_control(...) return code @@ -61,40 +69,54 @@ Noteworthy changes in version 1.4.3 (2008-09-18) */ /* Version check should be the very first call because it - makes sure that important subsystems are intialized. */ + makes sure that important subsystems are initialized. */ /* NOTE configure.in defines GCRYPT_MIN_VERSION */ if (!gcry_check_version (GCRYPT_MIN_VERSION)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_check_version", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecGCryptError2("gcry_check_version", GPG_ERR_NO_ERROR, NULL, + "min_version=%s", GCRYPT_MIN_VERSION); return(-1); } /* We don't want to see any warnings, e.g. because we have not yet parsed program options which might be used to suppress such warnings. */ - gcry_control(GCRYCTL_SUSPEND_SECMEM_WARN); + err = gcry_control(GCRYCTL_SUSPEND_SECMEM_WARN); + if(err != GPG_ERR_NO_ERROR) { + xmlSecGCryptError("gcry_control(GCRYCTL_SUSPEND_SECMEM_WARN)", err, NULL); + return(-1); + } /* ... If required, other initialization goes here. Note that the process might still be running with increased privileges and that - the secure memory has not been intialized. */ + the secure memory has not been initialized. */ /* Allocate a pool of 32k secure memory. This make the secure memory available and also drops privileges where needed. */ - gcry_control(GCRYCTL_INIT_SECMEM, 32768, 0); + err = gcry_control(GCRYCTL_INIT_SECMEM, 32768, 0); + if(err != GPG_ERR_NO_ERROR) { + xmlSecGCryptError("gcry_control(GCRYCTL_INIT_SECMEM)", err, NULL); + return(-1); + } /* It is now okay to let Libgcrypt complain when there was/is a problem with the secure memory. */ - gcry_control(GCRYCTL_RESUME_SECMEM_WARN); + err = gcry_control(GCRYCTL_RESUME_SECMEM_WARN); + if(err != GPG_ERR_NO_ERROR) { + xmlSecGCryptError("gcry_control(GCRYCTL_RESUME_SECMEM_WARN)", err, NULL); + return(-1); + } /* ... If required, other initialization goes here. */ /* Tell Libgcrypt that initialization has completed. */ - gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); + err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); + if(err != GPG_ERR_NO_ERROR) { + xmlSecGCryptError("gcry_control(GCRYCTL_INITIALIZATION_FINISHED)", err, NULL); + return(-1); + } + /* done */ return(0); } @@ -112,14 +134,12 @@ xmlSecGCryptAppShutdown(void) { gcry_error_t err; err = gcry_control(GCRYCTL_TERM_SECMEM); - if (gcry_err_code(err)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gcry_control(GCRYCTL_TERM_SECMEM)", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + if(err != GPG_ERR_NO_ERROR) { + xmlSecGCryptError("gcry_control(GCRYCTL_TERM_SECMEM)", err, NULL); return(-1); } + + /* done */ return(0); } @@ -149,22 +169,14 @@ xmlSecGCryptAppKeyLoad(const char *filename, xmlSecKeyDataFormat format, ret = xmlSecBufferInitialize(&buffer, 4*1024); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecBufferInitialize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecBufferInitialize", NULL); return(NULL); } ret = xmlSecBufferReadFile(&buffer, filename); if((ret < 0) || (xmlSecBufferGetData(&buffer) == NULL) || (xmlSecBufferGetSize(&buffer) <= 0)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecBufferReadFile", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "filename=%s", - xmlSecErrorsSafeString(filename)); + xmlSecInternalError2("xmlSecBufferReadFile", NULL, + "filename=%s", xmlSecErrorsSafeString(filename)); xmlSecBufferFinalize(&buffer); return(NULL); } @@ -173,12 +185,8 @@ xmlSecGCryptAppKeyLoad(const char *filename, xmlSecKeyDataFormat format, xmlSecBufferGetSize(&buffer), format, pwd, pwdCallback, pwdCallbackCtx); if(key == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGCryptAppKeyLoadMemory", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "filename=%s", - xmlSecErrorsSafeString(filename)); + xmlSecInternalError2("xmlSecGCryptAppKeyLoadMemory", NULL, + "filename=%s", xmlSecErrorsSafeString(filename)); xmlSecBufferFinalize(&buffer); return(NULL); } @@ -220,36 +228,21 @@ xmlSecGCryptAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, case xmlSecKeyDataFormatDer: key_data = xmlSecGCryptParseDer(data, dataSize, xmlSecGCryptDerKeyTypeAuto); if(key_data == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGCryptParseDer", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecGCryptParseDer", NULL); return(NULL); } break; case xmlSecKeyDataFormatPem: - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGCryptAppKeyLoadMemory", - XMLSEC_ERRORS_R_NOT_IMPLEMENTED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNotImplementedError("xmlSecKeyDataFormatPem"); return (NULL); #ifndef XMLSEC_NO_X509 case xmlSecKeyDataFormatPkcs12: - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGCryptAppKeyLoadMemory", - XMLSEC_ERRORS_R_NOT_IMPLEMENTED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNotImplementedError("xmlSecKeyDataFormatPkcs12"); return (NULL); #endif /* XMLSEC_NO_X509 */ default: - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - NULL, - XMLSEC_ERRORS_R_INVALID_FORMAT, - "format=%d", format); + xmlSecOtherError2(XMLSEC_ERRORS_R_INVALID_FORMAT, NULL, + "format=%d", (int)format); return(NULL); } @@ -257,23 +250,15 @@ xmlSecGCryptAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlSecAssert2(key_data != NULL, NULL); key = xmlSecKeyCreate(); if(key == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeyCreate", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecKeyCreate", NULL); xmlSecKeyDataDestroy(key_data); return(NULL); } ret = xmlSecKeySetValue(key, key_data); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeySetValue", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "data=%s", - xmlSecErrorsSafeString(xmlSecKeyDataGetName(key_data))); + xmlSecInternalError("xmlSecKeySetValue", + xmlSecKeyDataGetName(key_data)); xmlSecKeyDestroy(key); xmlSecKeyDataDestroy(key_data); return(NULL); @@ -304,11 +289,7 @@ xmlSecGCryptAppKeyCertLoad(xmlSecKeyPtr key, const char* filename, xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1); /* TODO */ - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGCryptAppKeyCertLoad", - XMLSEC_ERRORS_R_NOT_IMPLEMENTED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNotImplementedError(NULL); return(-1); } @@ -334,11 +315,7 @@ xmlSecGCryptAppKeyCertLoadMemory(xmlSecKeyPtr key, xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1); /* TODO */ - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGCryptAppKeyCertLoadMemory", - XMLSEC_ERRORS_R_NOT_IMPLEMENTED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNotImplementedError(NULL); return(-1); } @@ -364,11 +341,7 @@ xmlSecGCryptAppPkcs12Load(const char *filename, xmlSecAssert2(filename != NULL, NULL); /* TODO */ - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGCryptAppPkcs12Load", - XMLSEC_ERRORS_R_NOT_IMPLEMENTED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNotImplementedError(NULL); return(NULL); } @@ -395,11 +368,7 @@ xmlSecGCryptAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlSecAssert2(dataSize > 0, NULL); /* TODO */ - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGCryptAppPkcs12LoadMemory", - XMLSEC_ERRORS_R_NOT_IMPLEMENTED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNotImplementedError(NULL); return(NULL); } @@ -426,11 +395,7 @@ xmlSecGCryptAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1); /* TODO */ - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGCryptAppKeysMngrCertLoad", - XMLSEC_ERRORS_R_NOT_IMPLEMENTED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNotImplementedError(NULL); return(-1); } @@ -459,11 +424,7 @@ xmlSecGCryptAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1); /* TODO */ - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGCryptAppKeysMngrCertLoadMemory", - XMLSEC_ERRORS_R_NOT_IMPLEMENTED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNotImplementedError(NULL); return(-1); } @@ -490,21 +451,13 @@ xmlSecGCryptAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr) { keysStore = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId); if(keysStore == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeyStoreCreate", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "xmlSecSimpleKeysStoreId"); + xmlSecInternalError("xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId)", NULL); return(-1); } ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeysMngrAdoptKeysStore", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecKeysMngrAdoptKeysStore", NULL); xmlSecKeyStoreDestroy(keysStore); return(-1); } @@ -512,11 +465,7 @@ xmlSecGCryptAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr) { ret = xmlSecGCryptKeysMngrInit(mngr); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGCryptKeysMngrInit", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecGCryptKeysMngrInit", NULL); return(-1); } @@ -545,21 +494,13 @@ xmlSecGCryptAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr, xmlSecKeyPtr key) store = xmlSecKeysMngrGetKeysStore(mngr); if(store == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeysMngrGetKeysStore", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecKeysMngrGetKeysStore", NULL); return(-1); } ret = xmlSecSimpleKeysStoreAdoptKey(store, key); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecSimpleKeysStoreAdoptKey", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecSimpleKeysStoreAdoptKey", NULL); return(-1); } @@ -586,21 +527,14 @@ xmlSecGCryptAppDefaultKeysMngrLoad(xmlSecKeysMngrPtr mngr, const char* uri) { store = xmlSecKeysMngrGetKeysStore(mngr); if(store == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeysMngrGetKeysStore", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecKeysMngrGetKeysStore", NULL); return(-1); } ret = xmlSecSimpleKeysStoreLoad(store, uri, mngr); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecSimpleKeysStoreLoad", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "uri=%s", xmlSecErrorsSafeString(uri)); + xmlSecInternalError2("xmlSecSimpleKeysStoreLoad", NULL, + "uri=%s", xmlSecErrorsSafeString(uri)); return(-1); } @@ -627,22 +561,14 @@ xmlSecGCryptAppDefaultKeysMngrSave(xmlSecKeysMngrPtr mngr, const char* filename, store = xmlSecKeysMngrGetKeysStore(mngr); if(store == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeysMngrGetKeysStore", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecKeysMngrGetKeysStore", NULL); return(-1); } ret = xmlSecSimpleKeysStoreSave(store, filename, type); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecSimpleKeysStoreSave", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "filename=%s", - xmlSecErrorsSafeString(filename)); + xmlSecInternalError2("xmlSecSimpleKeysStoreSave", NULL, + "filename=%s", xmlSecErrorsSafeString(filename)); return(-1); } |