diff options
Diffstat (limited to 'src/gnutls/app.c')
-rw-r--r-- | src/gnutls/app.c | 1047 |
1 files changed, 274 insertions, 773 deletions
diff --git a/src/gnutls/app.c b/src/gnutls/app.c index 856257f3..54da1999 100644 --- a/src/gnutls/app.c +++ b/src/gnutls/app.c @@ -1,15 +1,17 @@ -/** +/** * XMLSec library * * This is free software; see Copyright file in the source * distribution for preciese wording. - * + * * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com> */ #include "globals.h" #include <string.h> +#include <gnutls/gnutls.h> + #include <xmlsec/xmlsec.h> #include <xmlsec/keys.h> #include <xmlsec/transforms.h> @@ -17,56 +19,38 @@ #include <xmlsec/gnutls/app.h> #include <xmlsec/gnutls/crypto.h> -#include <xmlsec/gnutls/x509.h> - -#include "x509utils.h" - -/************************************************************************** - * - * We use xmlsec-gcrypt for all the basic crypto ops - * - *****************************************************************************/ -#include <xmlsec/gcrypt/crypto.h> -#include <xmlsec/gcrypt/app.h> - -static xmlSecKeyPtr xmlSecGnuTLSAppKeyFromCertLoad (const char *filename, - xmlSecKeyDataFormat format); -static xmlSecKeyPtr xmlSecGnuTLSAppKeyFromCertLoadMemory (const xmlSecByte* data, - xmlSecSize dataSize, - xmlSecKeyDataFormat format); /** * xmlSecGnuTLSAppInit: - * @config: the path to GnuTLS configuration (unused). - * + * @config: the path to GnuTLS configuration (unused). + * * General crypto engine initialization. This function is used - * by XMLSec command line utility and called before + * by XMLSec command line utility and called before * @xmlSecInit function. * * Returns: 0 on success or a negative value otherwise. */ int -xmlSecGnuTLSAppInit(const char* config) { - int err; - - err = gnutls_global_init(); - if(err != GNUTLS_E_SUCCESS) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "gnutls_global_init", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_GNUTLS_REPORT_ERROR(err)); - return(-1); - } +xmlSecGnuTLSAppInit(const char* config ATTRIBUTE_UNUSED) { + int ret; - return(xmlSecGCryptAppInit(config)); + ret = gnutls_global_init(); + if(ret != 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "gnutls_global_init", + XMLSEC_ERRORS_R_CRYPTO_FAILED, + "ret=%d", ret); + return(-1); + } + return(0); } /** * xmlSecGnuTLSAppShutdown: - * + * * General crypto engine shutdown. This function is used - * by XMLSec command line utility and called after + * by XMLSec command line utility and called after * @xmlSecShutdown function. * * Returns: 0 on success or a negative value otherwise. @@ -74,787 +58,304 @@ xmlSecGnuTLSAppInit(const char* config) { int xmlSecGnuTLSAppShutdown(void) { gnutls_global_deinit(); - - return(xmlSecGCryptAppShutdown()); + return(0); } /** * xmlSecGnuTLSAppKeyLoad: - * @filename: the key filename. - * @format: the key file format. - * @pwd: the key file password. - * @pwdCallback: the key password callback. - * @pwdCallbackCtx: the user context for password callback. + * @filename: the key filename. + * @format: the key file format. + * @pwd: the key file password. + * @pwdCallback: the key password callback. + * @pwdCallbackCtx: the user context for password callback. * - * Reads key from the a file. + * Reads key from the a file (not implemented yet). * * Returns: pointer to the key or NULL if an error occurs. */ xmlSecKeyPtr xmlSecGnuTLSAppKeyLoad(const char *filename, xmlSecKeyDataFormat format, - const char *pwd, - void* pwdCallback, - void* pwdCallbackCtx) { - xmlSecKeyPtr key; - + const char *pwd, + void* pwdCallback, + void* pwdCallbackCtx) { xmlSecAssert2(filename != NULL, NULL); xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL); + - switch(format) { -#ifndef XMLSEC_NO_X509 - case xmlSecKeyDataFormatPkcs12: - key = xmlSecGnuTLSAppPkcs12Load(filename, pwd, pwdCallback, pwdCallbackCtx); - break; - case xmlSecKeyDataFormatCertPem: - case xmlSecKeyDataFormatCertDer: - key = xmlSecGnuTLSAppKeyFromCertLoad(filename, format); - break; -#endif /* XMLSEC_NO_X509 */ - default: - key = xmlSecGCryptAppKeyLoad(filename, format, pwd, pwdCallback, pwdCallbackCtx); - break; + if (format == xmlSecKeyDataFormatPkcs12) { + return (xmlSecGnuTLSAppPkcs12Load(filename, pwd, pwdCallback, + pwdCallbackCtx)); } - return(key); + /* TODO */ + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecGnuTLSAppKeyLoad", + XMLSEC_ERRORS_R_NOT_IMPLEMENTED, + XMLSEC_ERRORS_NO_MESSAGE); + return(NULL); } /** * xmlSecGnuTLSAppKeyLoadMemory: - * @data: the binary key data. - * @dataSize: the size of binary key. - * @format: the key file format. - * @pwd: the key file password. - * @pwdCallback: the key password callback. - * @pwdCallbackCtx: the user context for password callback. + * @data: the binary key data. + * @dataSize: the size of binary key. + * @format: the key file format. + * @pwd: the key file password. + * @pwdCallback: the key password callback. + * @pwdCallbackCtx: the user context for password callback. * - * Reads key from the memory buffer. + * Reads key from the memory buffer (not implemented yet). * * Returns: pointer to the key or NULL if an error occurs. */ xmlSecKeyPtr -xmlSecGnuTLSAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, - xmlSecKeyDataFormat format, const char *pwd, - void* pwdCallback, void* pwdCallbackCtx) { - xmlSecKeyPtr key; - +xmlSecGnuTLSAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, + xmlSecKeyDataFormat format, const char *pwd, + void* pwdCallback, void* pwdCallbackCtx) { xmlSecAssert2(data != NULL, NULL); xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL); - switch(format) { -#ifndef XMLSEC_NO_X509 - case xmlSecKeyDataFormatPkcs12: - key = xmlSecGnuTLSAppPkcs12LoadMemory(data, dataSize, pwd, pwdCallback, pwdCallbackCtx); - break; - case xmlSecKeyDataFormatCertPem: - case xmlSecKeyDataFormatCertDer: - key = xmlSecGnuTLSAppKeyFromCertLoadMemory(data, dataSize, format); - break; -#endif /* XMLSEC_NO_X509 */ - default: - key = xmlSecGCryptAppKeyLoadMemory(data, dataSize, format, pwd, pwdCallback, pwdCallbackCtx); - break; + if (format == xmlSecKeyDataFormatPkcs12) { + return (xmlSecGnuTLSAppPkcs12LoadMemory(data, dataSize, pwd, + pwdCallback, pwdCallbackCtx)); } - return(key); + + /* TODO */ + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecGnuTLSAppKeyLoadMemory", + XMLSEC_ERRORS_R_NOT_IMPLEMENTED, + XMLSEC_ERRORS_NO_MESSAGE); + return(NULL); } #ifndef XMLSEC_NO_X509 /** * xmlSecGnuTLSAppKeyCertLoad: - * @key: the pointer to key. - * @filename: the certificate filename. - * @format: the certificate file format. - * - * Reads the certificate from $@filename and adds it to key. + * @key: the pointer to key. + * @filename: the certificate filename. + * @format: the certificate file format. * + * Reads the certificate from $@filename and adds it to key + * (not implemented yet). + * * Returns: 0 on success or a negative value otherwise. */ -int -xmlSecGnuTLSAppKeyCertLoad(xmlSecKeyPtr key, const char* filename, - xmlSecKeyDataFormat format) { - xmlSecBuffer buffer; - int ret; - +int +xmlSecGnuTLSAppKeyCertLoad(xmlSecKeyPtr key, const char* filename, + xmlSecKeyDataFormat format) { xmlSecAssert2(key != NULL, -1); xmlSecAssert2(filename != NULL, -1); xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1); - - ret = xmlSecBufferInitialize(&buffer, 4*1024); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecBufferInitialize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - - ret = xmlSecBufferReadFile(&buffer, filename); - if((ret < 0) || (xmlSecBufferGetData(&buffer) == NULL) || (xmlSecBufferGetSize(&buffer) <= 0)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecBufferReadFile", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "filename=%s", - xmlSecErrorsSafeString(filename)); - xmlSecBufferFinalize(&buffer); - return(-1); - } - - ret = xmlSecGnuTLSAppKeyCertLoadMemory(key, - xmlSecBufferGetData(&buffer), - xmlSecBufferGetSize(&buffer), - format); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGnuTLSAppKeyCertLoadMemory", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "filename=%s", - xmlSecErrorsSafeString(filename)); - xmlSecBufferFinalize(&buffer); - return(-1); - } - - /* cleanup */ - xmlSecBufferFinalize(&buffer); - return(0); + + /* TODO */ + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecGnuTLSAppKeyCertLoad", + XMLSEC_ERRORS_R_NOT_IMPLEMENTED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); } /** * xmlSecGnuTLSAppKeyCertLoadMemory: - * @key: the pointer to key. - * @data: the certificate binary data. - * @dataSize: the certificate binary data size. - * @format: the certificate file format. - * - * Reads the certificate from memory buffer and adds it to key. + * @key: the pointer to key. + * @data: the certificate binary data. + * @dataSize: the certificate binary data size. + * @format: the certificate file format. * + * Reads the certificate from memory buffer and adds it to key (not implemented yet). + * * Returns: 0 on success or a negative value otherwise. */ -int -xmlSecGnuTLSAppKeyCertLoadMemory(xmlSecKeyPtr key, - const xmlSecByte* data, - xmlSecSize dataSize, - xmlSecKeyDataFormat format) { - gnutls_x509_crt_t cert; - xmlSecKeyDataPtr keyData; - int ret; - +int +xmlSecGnuTLSAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSize dataSize, + xmlSecKeyDataFormat format) { xmlSecAssert2(key != NULL, -1); xmlSecAssert2(data != NULL, -1); - xmlSecAssert2(dataSize > 0, -1); xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1); - keyData = xmlSecKeyEnsureData(key, xmlSecGnuTLSKeyDataX509Id); - if(keyData == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeyEnsureData", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - - cert = xmlSecGnuTLSX509CertRead(data, dataSize, format); - if(cert == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGnuTLSX509CertRead", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - - ret = xmlSecGnuTLSKeyDataX509AdoptCert(keyData, cert); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGnuTLSKeyDataX509AdoptCert", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - gnutls_x509_crt_deinit(cert); - return(-1); - } - - return(0); + /* TODO */ + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecGnuTLSAppKeyCertLoadMemory", + XMLSEC_ERRORS_R_NOT_IMPLEMENTED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); } /** * xmlSecGnuTLSAppPkcs12Load: - * @filename: the PKCS12 key filename. - * @pwd: the PKCS12 file password. - * @pwdCallback: the password callback. - * @pwdCallbackCtx: the user context for password callback. + * @filename: the PKCS12 key filename. + * @pwd: the PKCS12 file password. + * @pwdCallback: the password callback. + * @pwdCallbackCtx: the user context for password callback. * - * Reads key and all associated certificates from the PKCS12 file. + * Reads key and all associated certificates from the PKCS12 file + * (not implemented yet). * For uniformity, call xmlSecGnuTLSAppKeyLoad instead of this function. Pass * in format=xmlSecKeyDataFormatPkcs12. * * Returns: pointer to the key or NULL if an error occurs. */ -xmlSecKeyPtr -xmlSecGnuTLSAppPkcs12Load(const char *filename, - const char *pwd, - void* pwdCallback, - void* pwdCallbackCtx) { - xmlSecKeyPtr key; - xmlSecBuffer buffer; - int ret; - +xmlSecKeyPtr +xmlSecGnuTLSAppPkcs12Load(const char *filename, + const char *pwd ATTRIBUTE_UNUSED, + void* pwdCallback ATTRIBUTE_UNUSED, + void* pwdCallbackCtx ATTRIBUTE_UNUSED) { xmlSecAssert2(filename != NULL, NULL); - ret = xmlSecBufferInitialize(&buffer, 4*1024); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecBufferInitialize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(NULL); - } - - ret = xmlSecBufferReadFile(&buffer, filename); - if((ret < 0) || (xmlSecBufferGetData(&buffer) == NULL) || (xmlSecBufferGetSize(&buffer) <= 0)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecBufferReadFile", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "filename=%s", - xmlSecErrorsSafeString(filename)); - xmlSecBufferFinalize(&buffer); - return(NULL); - } - - key = xmlSecGnuTLSAppPkcs12LoadMemory(xmlSecBufferGetData(&buffer), - xmlSecBufferGetSize(&buffer), - pwd, pwdCallback, pwdCallbackCtx); - if(key == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGnuTLSAppPkcs12LoadMemory", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "filename=%s", - xmlSecErrorsSafeString(filename)); - xmlSecBufferFinalize(&buffer); - return(NULL); - } - - /* cleanup */ - xmlSecBufferFinalize(&buffer); - return(key); + /* TODO */ + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecGnuTLSAppPkcs12Load", + XMLSEC_ERRORS_R_NOT_IMPLEMENTED, + XMLSEC_ERRORS_NO_MESSAGE); + return(NULL); } /** * xmlSecGnuTLSAppPkcs12LoadMemory: - * @data: the PKCS12 binary data. - * @dataSize: the PKCS12 binary data size. - * @pwd: the PKCS12 file password. - * @pwdCallback: the password callback. - * @pwdCallbackCtx: the user context for password callback. + * @data: the PKCS12 binary data. + * @dataSize: the PKCS12 binary data size. + * @pwd: the PKCS12 file password. + * @pwdCallback: the password callback. + * @pwdCallbackCtx: the user context for password callback. * * Reads key and all associated certificates from the PKCS12 data in memory buffer. * For uniformity, call xmlSecGnuTLSAppKeyLoadMemory instead of this function. Pass - * in format=xmlSecKeyDataFormatPkcs12. + * in format=xmlSecKeyDataFormatPkcs12 (not implemented yet). * * Returns: pointer to the key or NULL if an error occurs. */ -xmlSecKeyPtr -xmlSecGnuTLSAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize, - const char *pwd, - void* pwdCallback ATTRIBUTE_UNUSED, - void* pwdCallbackCtx ATTRIBUTE_UNUSED) -{ - xmlSecKeyPtr key = NULL; - xmlSecKeyPtr res = NULL; - xmlSecPtrList certsList; - xmlSecKeyDataPtr keyData = NULL; - xmlSecKeyDataPtr x509Data = NULL; - gnutls_x509_privkey_t priv_key = NULL; - gnutls_x509_crt_t key_cert = NULL; - xmlSecSize certsSize; - int ret; - +xmlSecKeyPtr +xmlSecGnuTLSAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize, + const char *pwd, void* pwdCallback, + void* pwdCallbackCtx) { xmlSecAssert2(data != NULL, NULL); - xmlSecAssert2(dataSize > 0, NULL); - - /* prepare */ - ret = xmlSecPtrListInitialize(&(certsList), xmlSecGnuTLSX509CrtListId); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecPtrListInitialize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "certsList"); - return(NULL); - } - - /* load pkcs12 */ - ret = xmlSecGnuTLSPkcs12LoadMemory(data, dataSize, pwd, &priv_key, &key_cert, &certsList); - if((ret < 0) || (priv_key == NULL)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGnuTLSPkcs12LoadMemory", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - goto done; - } - - /* create key */ - key = xmlSecKeyCreate(); - if(key == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeyCreate", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - goto done; - } - - /* create key value data */ - keyData = xmlSecGnuTLSCreateKeyDataAndAdoptPrivKey(priv_key); - if(keyData == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGnuTLSCreateKeyDataAndAdoptPrivKey", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - goto done; - } - priv_key = NULL; /* owned by keyData now */ - - ret = xmlSecKeySetValue(key, keyData); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeySetValue", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "data=%s", - xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data))); - goto done; - } - keyData = NULL; /* owned by key now */ - - - /* create x509 certs data */ - certsSize = xmlSecPtrListGetSize(&certsList); - if((certsSize > 0) || (key_cert != NULL)) { - xmlSecSize ii; - - x509Data = xmlSecKeyDataCreate(xmlSecGnuTLSKeyDataX509Id); - if(x509Data == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeyDataCreate(xmlSecGnuTLSKeyDataX509Id)", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - goto done; - } - - /* set key's cert */ - if(key_cert != NULL) { - ret = xmlSecGnuTLSKeyDataX509AdoptKeyCert(x509Data, key_cert); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGnuTLSKeyDataX509AdoptKeyCert", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - goto done; - } - key_cert = NULL; /* owned by x509Data now */ - } - - /* copy all other certs */ - for(ii = 0; ii < certsSize; ++ii) { - gnutls_x509_crt_t cert = xmlSecPtrListRemoveAndReturn(&certsList, ii); - if(cert == NULL) { - continue; - } - - ret = xmlSecGnuTLSKeyDataX509AdoptCert(x509Data, cert); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGnuTLSKeyDataX509AdoptCert", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - gnutls_x509_crt_deinit(cert); - goto done; - } - } - - /* set in the key */ - ret = xmlSecKeyAdoptData(key, x509Data); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeyAdoptData", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "data=%s", - xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data))); - goto done; - } - x509Data = NULL; /* owned by key now */ - } - - /* success!!! */ - res = key; - key = NULL; - -done: - if(key_cert != NULL) { - gnutls_x509_crt_deinit(key_cert); - } - if(priv_key != NULL) { - gnutls_x509_privkey_deinit(priv_key); - } - if(keyData != NULL) { - xmlSecKeyDataDestroy(keyData); - } - if(x509Data != NULL) { - xmlSecKeyDataDestroy(x509Data); - } - if(key != NULL) { - xmlSecKeyDestroy(key); - } - xmlSecPtrListFinalize(&certsList); - return(res); -} - -static xmlSecKeyPtr -xmlSecGnuTLSAppKeyFromCertLoad(const char *filename, - xmlSecKeyDataFormat format) -{ - xmlSecKeyPtr key; - xmlSecBuffer buffer; - int ret; - - xmlSecAssert2(filename != NULL, NULL); - - ret = xmlSecBufferInitialize(&buffer, 4*1024); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecBufferInitialize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(NULL); - } - - ret = xmlSecBufferReadFile(&buffer, filename); - if((ret < 0) || (xmlSecBufferGetData(&buffer) == NULL) || (xmlSecBufferGetSize(&buffer) <= 0)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecBufferReadFile", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "filename=%s", - xmlSecErrorsSafeString(filename)); - xmlSecBufferFinalize(&buffer); - return(NULL); - } - - key = xmlSecGnuTLSAppKeyFromCertLoadMemory( - xmlSecBufferGetData(&buffer), - xmlSecBufferGetSize(&buffer), - format); - if(key == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGnuTLSAppKeyFromCertLoadMemory", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "filename=%s", - xmlSecErrorsSafeString(filename)); - xmlSecBufferFinalize(&buffer); - return(NULL); - } - - /* cleanup */ - xmlSecBufferFinalize(&buffer); - return(key); -} - -static xmlSecKeyPtr -xmlSecGnuTLSAppKeyFromCertLoadMemory(const xmlSecByte* data, - xmlSecSize dataSize, - xmlSecKeyDataFormat format) -{ - xmlSecKeyPtr key = NULL; - xmlSecKeyDataPtr keyData = NULL; - xmlSecKeyDataPtr x509Data = NULL; - gnutls_x509_crt_t cert = NULL; - xmlSecKeyPtr res = NULL; - int ret; - - xmlSecAssert2(data != NULL, NULL); - xmlSecAssert2(dataSize > 0, NULL); - xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL); - - /* read cert */ - cert = xmlSecGnuTLSX509CertRead(data, dataSize, format); - if(cert == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGnuTLSX509CertRead", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - goto done; - } - - /* create key */ - key = xmlSecKeyCreate(); - if(key == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeyCreate", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - goto done; - } - - /* create key value data */ - keyData = xmlSecGnuTLSX509CertGetKey(cert); - if(keyData == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGnuTLSX509CertGetKey", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - goto done; - } - - ret = xmlSecKeySetValue(key, keyData); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeySetValue", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "data=%s", - xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data))); - goto done; - } - keyData = NULL; /* owned by key now */ - - /* create x509 data */ - x509Data = xmlSecKeyEnsureData(key, xmlSecGnuTLSKeyDataX509Id); - if(x509Data == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeyEnsureData", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - goto done; - } - ret = xmlSecGnuTLSKeyDataX509AdoptKeyCert(x509Data, cert); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGnuTLSKeyDataX509AdoptKeyCert", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - goto done; - } - cert = NULL; /* owned by x509Data now */ - - /* success */ - res = key; - key = NULL; - -done: - if(cert != NULL) { - gnutls_x509_crt_deinit(cert); - } - if(keyData != NULL) { - xmlSecKeyDataDestroy(keyData); - } - if(key != NULL) { - xmlSecKeyDestroy(key); - } - return(res); + /* TODO */ + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecGnuTLSAppPkcs12LoadMemory", + XMLSEC_ERRORS_R_NOT_IMPLEMENTED, + XMLSEC_ERRORS_NO_MESSAGE); + return(NULL); } /** * xmlSecGnuTLSAppKeysMngrCertLoad: - * @mngr: the keys manager. - * @filename: the certificate file. - * @format: the certificate file format. - * @type: the flag that indicates is the certificate in @filename - * trusted or not. - * + * @mngr: the keys manager. + * @filename: the certificate file. + * @format: the certificate file format. + * @type: the flag that indicates is the certificate in @filename + * trusted or not. + * * Reads cert from @filename and adds to the list of trusted or known - * untrusted certs in @store. + * untrusted certs in @store (not implemented yet). * * Returns: 0 on success or a negative value otherwise. */ int -xmlSecGnuTLSAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, - const char *filename, - xmlSecKeyDataFormat format, - xmlSecKeyDataType type) { - xmlSecBuffer buffer; - int ret; - +xmlSecGnuTLSAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename, + xmlSecKeyDataFormat format, + xmlSecKeyDataType type ATTRIBUTE_UNUSED) { xmlSecAssert2(mngr != NULL, -1); xmlSecAssert2(filename != NULL, -1); xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1); - ret = xmlSecBufferInitialize(&buffer, 4*1024); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecBufferInitialize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - - ret = xmlSecBufferReadFile(&buffer, filename); - if((ret < 0) || (xmlSecBufferGetData(&buffer) == NULL) || (xmlSecBufferGetSize(&buffer) <= 0)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecBufferReadFile", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "filename=%s", - xmlSecErrorsSafeString(filename)); - xmlSecBufferFinalize(&buffer); - return(-1); - } - - ret = xmlSecGnuTLSAppKeysMngrCertLoadMemory(mngr, - xmlSecBufferGetData(&buffer), - xmlSecBufferGetSize(&buffer), - format, - type); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGnuTLSAppKeysMngrCertLoadMemory", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "filename=%s", - xmlSecErrorsSafeString(filename)); - xmlSecBufferFinalize(&buffer); - return(-1); - } - - /* cleanup */ - xmlSecBufferFinalize(&buffer); - return(0); + /* TODO */ + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecGnuTLSAppKeysMngrCertLoad", + XMLSEC_ERRORS_R_NOT_IMPLEMENTED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); } /** * xmlSecGnuTLSAppKeysMngrCertLoadMemory: - * @mngr: the keys manager. - * @data: the certificate binary data. - * @dataSize: the certificate binary data size. - * @format: the certificate file format. - * @type: the flag that indicates is the certificate trusted or not. - * + * @mngr: the keys manager. + * @data: the certificate binary data. + * @dataSize: the certificate binary data size. + * @format: the certificate file format. + * @type: the flag that indicates is the certificate trusted or not. + * * Reads cert from binary buffer @data and adds to the list of trusted or known - * untrusted certs in @store. + * untrusted certs in @store (not implemented yet). * * Returns: 0 on success or a negative value otherwise. */ int -xmlSecGnuTLSAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, - const xmlSecByte* data, - xmlSecSize dataSize, - xmlSecKeyDataFormat format, - xmlSecKeyDataType type) { - xmlSecKeyDataStorePtr x509Store; - gnutls_x509_crt_t cert; - int ret; - +xmlSecGnuTLSAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* data, + xmlSecSize dataSize, xmlSecKeyDataFormat format, + xmlSecKeyDataType type) { xmlSecAssert2(mngr != NULL, -1); xmlSecAssert2(data != NULL, -1); - xmlSecAssert2(dataSize > 0, -1); xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1); - x509Store = xmlSecKeysMngrGetDataStore(mngr, xmlSecGnuTLSX509StoreId); - if(x509Store == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeysMngrGetDataStore", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "xmlSecGnuTLSX509StoreId"); - return(-1); - } - - cert = xmlSecGnuTLSX509CertRead(data, dataSize, format); - if(cert == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGnuTLSX509CertRead", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - - ret = xmlSecGnuTLSX509StoreAdoptCert(x509Store, cert, type); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGnuTLSX509StoreAdoptCert", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - gnutls_x509_crt_deinit(cert); - return(-1); - } - - return(0); + /* TODO */ + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecGnuTLSAppKeysMngrCertLoadMemory", + XMLSEC_ERRORS_R_NOT_IMPLEMENTED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); } #endif /* XMLSEC_NO_X509 */ /** * xmlSecGnuTLSAppDefaultKeysMngrInit: - * @mngr: the pointer to keys manager. + * @mngr: the pointer to keys manager. * * Initializes @mngr with simple keys store #xmlSecSimpleKeysStoreId * and a default GnuTLS crypto key data stores. * * Returns: 0 on success or a negative value otherwise. - */ + */ int xmlSecGnuTLSAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr) { int ret; - + xmlSecAssert2(mngr != NULL, -1); - /* create simple keys store if needed */ + /* create simple keys store if needed */ if(xmlSecKeysMngrGetKeysStore(mngr) == NULL) { - xmlSecKeyStorePtr keysStore; - - keysStore = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId); - if(keysStore == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeyStoreCreate", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "xmlSecSimpleKeysStoreId"); - return(-1); - } - - ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeysMngrAdoptKeysStore", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - xmlSecKeyStoreDestroy(keysStore); - return(-1); - } - } - - ret = xmlSecGnuTLSKeysMngrInit(mngr); + xmlSecKeyStorePtr keysStore; + + keysStore = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId); + if(keysStore == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecKeyStoreCreate", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "xmlSecSimpleKeysStoreId"); + return(-1); + } + + ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore); + if(ret < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecKeysMngrAdoptKeysStore", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + xmlSecKeyStoreDestroy(keysStore); + return(-1); + } + } + + ret = xmlSecGnuTLSKeysMngrInit(mngr); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecGnuTLSKeysMngrInit", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecGnuTLSKeysMngrInit", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); + } + /* TODO */ mngr->getKey = xmlSecKeysMngrGetKey; return(0); @@ -862,125 +363,125 @@ xmlSecGnuTLSAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr) { /** * xmlSecGnuTLSAppDefaultKeysMngrAdoptKey: - * @mngr: the pointer to keys manager. - * @key: the pointer to key. + * @mngr: the pointer to keys manager. + * @key: the pointer to key. * * Adds @key to the keys manager @mngr created with #xmlSecGnuTLSAppDefaultKeysMngrInit * function. - * + * * Returns: 0 on success or a negative value otherwise. - */ -int + */ +int xmlSecGnuTLSAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr, xmlSecKeyPtr key) { xmlSecKeyStorePtr store; int ret; - + xmlSecAssert2(mngr != NULL, -1); xmlSecAssert2(key != NULL, -1); - + store = xmlSecKeysMngrGetKeysStore(mngr); if(store == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeysMngrGetKeysStore", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecKeysMngrGetKeysStore", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); + } + ret = xmlSecSimpleKeysStoreAdoptKey(store, key); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecSimpleKeysStoreAdoptKey", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecSimpleKeysStoreAdoptKey", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); + } + return(0); } /** * xmlSecGnuTLSAppDefaultKeysMngrLoad: - * @mngr: the pointer to keys manager. - * @uri: the uri. + * @mngr: the pointer to keys manager. + * @uri: the uri. * - * Loads XML keys file from @uri to the keys manager @mngr created + * Loads XML keys file from @uri to the keys manager @mngr created * with #xmlSecGnuTLSAppDefaultKeysMngrInit function. - * + * * Returns: 0 on success or a negative value otherwise. - */ -int + */ +int xmlSecGnuTLSAppDefaultKeysMngrLoad(xmlSecKeysMngrPtr mngr, const char* uri) { xmlSecKeyStorePtr store; int ret; - + xmlSecAssert2(mngr != NULL, -1); xmlSecAssert2(uri != NULL, -1); - + store = xmlSecKeysMngrGetKeysStore(mngr); if(store == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeysMngrGetKeysStore", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecKeysMngrGetKeysStore", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); + } + ret = xmlSecSimpleKeysStoreLoad(store, uri, mngr); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecSimpleKeysStoreLoad", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "uri=%s", xmlSecErrorsSafeString(uri)); - return(-1); - } - + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecSimpleKeysStoreLoad", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "uri=%s", xmlSecErrorsSafeString(uri)); + return(-1); + } + return(0); } /** * xmlSecGnuTLSAppDefaultKeysMngrSave: - * @mngr: the pointer to keys manager. - * @filename: the destination filename. - * @type: the type of keys to save (public/private/symmetric). + * @mngr: the pointer to keys manager. + * @filename: the destination filename. + * @type: the type of keys to save (public/private/symmetric). * * Saves keys from @mngr to XML keys file. - * + * * Returns: 0 on success or a negative value otherwise. - */ -int + */ +int xmlSecGnuTLSAppDefaultKeysMngrSave(xmlSecKeysMngrPtr mngr, const char* filename, xmlSecKeyDataType type) { xmlSecKeyStorePtr store; int ret; - + xmlSecAssert2(mngr != NULL, -1); xmlSecAssert2(filename != NULL, -1); - + store = xmlSecKeysMngrGetKeysStore(mngr); if(store == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeysMngrGetKeysStore", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecKeysMngrGetKeysStore", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); + } + ret = xmlSecSimpleKeysStoreSave(store, filename, type); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecSimpleKeysStoreSave", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "filename=%s", - xmlSecErrorsSafeString(filename)); - return(-1); - } - + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecSimpleKeysStoreSave", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "filename=%s", + xmlSecErrorsSafeString(filename)); + return(-1); + } + return(0); } |