diff options
Diffstat (limited to 'src/gnutls/crypto.c')
-rw-r--r-- | src/gnutls/crypto.c | 304 |
1 files changed, 79 insertions, 225 deletions
diff --git a/src/gnutls/crypto.c b/src/gnutls/crypto.c index 83175e69..dbf69f21 100644 --- a/src/gnutls/crypto.c +++ b/src/gnutls/crypto.c @@ -1,15 +1,16 @@ -/** +/** * XMLSec library * * This is free software; see Copyright file in the source * distribution for preciese wording. - * + * * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com> */ #include "globals.h" #include <string.h> +#include <gnutls/gnutls.h> #include <gcrypt.h> #include <xmlsec/xmlsec.h> @@ -21,7 +22,6 @@ #include <xmlsec/gnutls/app.h> #include <xmlsec/gnutls/crypto.h> -#include <xmlsec/gnutls/x509.h> static xmlSecCryptoDLFunctionsPtr gXmlSecGnuTLSFunctions = NULL; @@ -35,197 +35,79 @@ static xmlSecCryptoDLFunctionsPtr gXmlSecGnuTLSFunctions = NULL; xmlSecCryptoDLFunctionsPtr xmlSecCryptoGetFunctions_gnutls(void) { static xmlSecCryptoDLFunctions functions; - + if(gXmlSecGnuTLSFunctions != NULL) { - return(gXmlSecGnuTLSFunctions); + return(gXmlSecGnuTLSFunctions); } memset(&functions, 0, sizeof(functions)); gXmlSecGnuTLSFunctions = &functions; - /******************************************************************** - * + /** * Crypto Init/shutdown - * - ********************************************************************/ - gXmlSecGnuTLSFunctions->cryptoInit = xmlSecGnuTLSInit; - gXmlSecGnuTLSFunctions->cryptoShutdown = xmlSecGnuTLSShutdown; - gXmlSecGnuTLSFunctions->cryptoKeysMngrInit = xmlSecGnuTLSKeysMngrInit; + */ + gXmlSecGnuTLSFunctions->cryptoInit = xmlSecGnuTLSInit; + gXmlSecGnuTLSFunctions->cryptoShutdown = xmlSecGnuTLSShutdown; + gXmlSecGnuTLSFunctions->cryptoKeysMngrInit = xmlSecGnuTLSKeysMngrInit; - /******************************************************************** - * + /** * Key data ids - * - ********************************************************************/ -#ifndef XMLSEC_NO_AES - gXmlSecGnuTLSFunctions->keyDataAesGetKlass = xmlSecGnuTLSKeyDataAesGetKlass; + */ +#ifndef XMLSEC_NO_AES + gXmlSecGnuTLSFunctions->keyDataAesGetKlass = xmlSecGnuTLSKeyDataAesGetKlass; #endif /* XMLSEC_NO_AES */ -#ifndef XMLSEC_NO_DES - gXmlSecGnuTLSFunctions->keyDataDesGetKlass = xmlSecGnuTLSKeyDataDesGetKlass; +#ifndef XMLSEC_NO_DES + gXmlSecGnuTLSFunctions->keyDataDesGetKlass = xmlSecGnuTLSKeyDataDesGetKlass; #endif /* XMLSEC_NO_DES */ -#ifndef XMLSEC_NO_DSA - gXmlSecGnuTLSFunctions->keyDataDsaGetKlass = xmlSecGnuTLSKeyDataDsaGetKlass; -#endif /* XMLSEC_NO_DSA */ - -#ifndef XMLSEC_NO_HMAC - gXmlSecGnuTLSFunctions->keyDataHmacGetKlass = xmlSecGnuTLSKeyDataHmacGetKlass; -#endif /* XMLSEC_NO_HMAC */ - -#ifndef XMLSEC_NO_RSA - gXmlSecGnuTLSFunctions->keyDataRsaGetKlass = xmlSecGnuTLSKeyDataRsaGetKlass; -#endif /* XMLSEC_NO_RSA */ +#ifndef XMLSEC_NO_HMAC + gXmlSecGnuTLSFunctions->keyDataHmacGetKlass = xmlSecGnuTLSKeyDataHmacGetKlass; +#endif /* XMLSEC_NO_HMAC */ -#ifndef XMLSEC_NO_X509 - gXmlSecGnuTLSFunctions->keyDataX509GetKlass = xmlSecGnuTLSKeyDataX509GetKlass; - gXmlSecGnuTLSFunctions->keyDataRawX509CertGetKlass = xmlSecGnuTLSKeyDataRawX509CertGetKlass; -#endif /* XMLSEC_NO_X509 */ - - /******************************************************************** - * + /** * Key data store ids - * - ********************************************************************/ -#ifndef XMLSEC_NO_X509 - gXmlSecGnuTLSFunctions->x509StoreGetKlass = xmlSecGnuTLSX509StoreGetKlass; -#endif /* XMLSEC_NO_X509 */ + */ - /******************************************************************** - * + /** * Crypto transforms ids - * - ********************************************************************/ - - /******************************* AES ********************************/ -#ifndef XMLSEC_NO_AES - gXmlSecGnuTLSFunctions->transformAes128CbcGetKlass = xmlSecGnuTLSTransformAes128CbcGetKlass; - gXmlSecGnuTLSFunctions->transformAes192CbcGetKlass = xmlSecGnuTLSTransformAes192CbcGetKlass; - gXmlSecGnuTLSFunctions->transformAes256CbcGetKlass = xmlSecGnuTLSTransformAes256CbcGetKlass; - gXmlSecGnuTLSFunctions->transformKWAes128GetKlass = xmlSecGnuTLSTransformKWAes128GetKlass; - gXmlSecGnuTLSFunctions->transformKWAes192GetKlass = xmlSecGnuTLSTransformKWAes192GetKlass; - gXmlSecGnuTLSFunctions->transformKWAes256GetKlass = xmlSecGnuTLSTransformKWAes256GetKlass; + */ +#ifndef XMLSEC_NO_AES + gXmlSecGnuTLSFunctions->transformAes128CbcGetKlass = xmlSecGnuTLSTransformAes128CbcGetKlass; + gXmlSecGnuTLSFunctions->transformAes192CbcGetKlass = xmlSecGnuTLSTransformAes192CbcGetKlass; + gXmlSecGnuTLSFunctions->transformAes256CbcGetKlass = xmlSecGnuTLSTransformAes256CbcGetKlass; #endif /* XMLSEC_NO_AES */ - /******************************* DES ********************************/ -#ifndef XMLSEC_NO_DES - gXmlSecGnuTLSFunctions->transformDes3CbcGetKlass = xmlSecGnuTLSTransformDes3CbcGetKlass; - gXmlSecGnuTLSFunctions->transformKWDes3GetKlass = xmlSecGnuTLSTransformKWDes3GetKlass; +#ifndef XMLSEC_NO_DES + gXmlSecGnuTLSFunctions->transformDes3CbcGetKlass = xmlSecGnuTLSTransformDes3CbcGetKlass; #endif /* XMLSEC_NO_DES */ - /******************************* DSA ********************************/ -#ifndef XMLSEC_NO_DSA - -#ifndef XMLSEC_NO_SHA1 - gXmlSecGnuTLSFunctions->transformDsaSha1GetKlass = xmlSecGnuTLSTransformDsaSha1GetKlass; -#endif /* XMLSEC_NO_SHA1 */ - -#endif /* XMLSEC_NO_DSA */ - - /******************************* HMAC ********************************/ #ifndef XMLSEC_NO_HMAC - -#ifndef XMLSEC_NO_MD5 - gXmlSecGnuTLSFunctions->transformHmacMd5GetKlass = xmlSecGnuTLSTransformHmacMd5GetKlass; -#endif /* XMLSEC_NO_MD5 */ - -#ifndef XMLSEC_NO_RIPEMD160 - gXmlSecGnuTLSFunctions->transformHmacRipemd160GetKlass = xmlSecGnuTLSTransformHmacRipemd160GetKlass; -#endif /* XMLSEC_NO_RIPEMD160 */ - -#ifndef XMLSEC_NO_SHA1 - gXmlSecGnuTLSFunctions->transformHmacSha1GetKlass = xmlSecGnuTLSTransformHmacSha1GetKlass; -#endif /* XMLSEC_NO_SHA1 */ - -#ifndef XMLSEC_NO_SHA256 - gXmlSecGnuTLSFunctions->transformHmacSha256GetKlass = xmlSecGnuTLSTransformHmacSha256GetKlass; -#endif /* XMLSEC_NO_SHA256 */ - -#ifndef XMLSEC_NO_SHA384 - gXmlSecGnuTLSFunctions->transformHmacSha384GetKlass = xmlSecGnuTLSTransformHmacSha384GetKlass; -#endif /* XMLSEC_NO_SHA384 */ - -#ifndef XMLSEC_NO_SHA512 - gXmlSecGnuTLSFunctions->transformHmacSha512GetKlass = xmlSecGnuTLSTransformHmacSha512GetKlass; -#endif /* XMLSEC_NO_SHA512 */ - + gXmlSecGnuTLSFunctions->transformHmacSha1GetKlass = xmlSecGnuTLSTransformHmacSha1GetKlass; + gXmlSecGnuTLSFunctions->transformHmacRipemd160GetKlass = xmlSecGnuTLSTransformHmacRipemd160GetKlass; + gXmlSecGnuTLSFunctions->transformHmacMd5GetKlass = xmlSecGnuTLSTransformHmacMd5GetKlass; #endif /* XMLSEC_NO_HMAC */ - /******************************* MD5 ********************************/ -#ifndef XMLSEC_NO_MD5 - gXmlSecGnuTLSFunctions->transformMd5GetKlass = xmlSecGnuTLSTransformMd5GetKlass; -#endif /* XMLSEC_NO_MD5 */ - - /******************************* RIPEMD160 ********************************/ -#ifndef XMLSEC_NO_RIPEMD160 - gXmlSecGnuTLSFunctions->transformRipemd160GetKlass = xmlSecGnuTLSTransformRipemd160GetKlass; -#endif /* XMLSEC_NO_RIPEMD160 */ - - /******************************* RSA ********************************/ -#ifndef XMLSEC_NO_RSA - -#ifndef XMLSEC_NO_MD5 - gXmlSecGnuTLSFunctions->transformRsaMd5GetKlass = xmlSecGnuTLSTransformRsaMd5GetKlass; -#endif /* XMLSEC_NO_MD5 */ - -#ifndef XMLSEC_NO_RIPEMD160 - gXmlSecGnuTLSFunctions->transformRsaRipemd160GetKlass = xmlSecGnuTLSTransformRsaRipemd160GetKlass; -#endif /* XMLSEC_NO_RIPEMD160 */ - -#ifndef XMLSEC_NO_SHA1 - gXmlSecGnuTLSFunctions->transformRsaSha1GetKlass = xmlSecGnuTLSTransformRsaSha1GetKlass; -#endif /* XMLSEC_NO_SHA1 */ - -#ifndef XMLSEC_NO_SHA256 - gXmlSecGnuTLSFunctions->transformRsaSha256GetKlass = xmlSecGnuTLSTransformRsaSha256GetKlass; -#endif /* XMLSEC_NO_SHA256 */ - -#ifndef XMLSEC_NO_SHA384 - gXmlSecGnuTLSFunctions->transformRsaSha384GetKlass = xmlSecGnuTLSTransformRsaSha384GetKlass; -#endif /* XMLSEC_NO_SHA384 */ - -#ifndef XMLSEC_NO_SHA512 - gXmlSecGnuTLSFunctions->transformRsaSha512GetKlass = xmlSecGnuTLSTransformRsaSha512GetKlass; -#endif /* XMLSEC_NO_SHA512 */ - -#endif /* XMLSEC_NO_RSA */ - - /******************************* SHA ********************************/ -#ifndef XMLSEC_NO_SHA1 - gXmlSecGnuTLSFunctions->transformSha1GetKlass = xmlSecGnuTLSTransformSha1GetKlass; +#ifndef XMLSEC_NO_SHA1 + gXmlSecGnuTLSFunctions->transformSha1GetKlass = xmlSecGnuTLSTransformSha1GetKlass; #endif /* XMLSEC_NO_SHA1 */ -#ifndef XMLSEC_NO_SHA256 - gXmlSecGnuTLSFunctions->transformSha256GetKlass = xmlSecGnuTLSTransformSha256GetKlass; -#endif /* XMLSEC_NO_SHA256 */ - -#ifndef XMLSEC_NO_SHA384 - gXmlSecGnuTLSFunctions->transformSha384GetKlass = xmlSecGnuTLSTransformSha384GetKlass; -#endif /* XMLSEC_NO_SHA384 */ - -#ifndef XMLSEC_NO_SHA512 - gXmlSecGnuTLSFunctions->transformSha512GetKlass = xmlSecGnuTLSTransformSha512GetKlass; -#endif /* XMLSEC_NO_SHA512 */ - - - /******************************************************************** - * + /** * High level routines form xmlsec command line utility - * - ********************************************************************/ - gXmlSecGnuTLSFunctions->cryptoAppInit = xmlSecGnuTLSAppInit; - gXmlSecGnuTLSFunctions->cryptoAppShutdown = xmlSecGnuTLSAppShutdown; - gXmlSecGnuTLSFunctions->cryptoAppDefaultKeysMngrInit = xmlSecGnuTLSAppDefaultKeysMngrInit; - gXmlSecGnuTLSFunctions->cryptoAppDefaultKeysMngrAdoptKey = xmlSecGnuTLSAppDefaultKeysMngrAdoptKey; - gXmlSecGnuTLSFunctions->cryptoAppDefaultKeysMngrLoad = xmlSecGnuTLSAppDefaultKeysMngrLoad; - gXmlSecGnuTLSFunctions->cryptoAppDefaultKeysMngrSave = xmlSecGnuTLSAppDefaultKeysMngrSave; + */ + gXmlSecGnuTLSFunctions->cryptoAppInit = xmlSecGnuTLSAppInit; + gXmlSecGnuTLSFunctions->cryptoAppShutdown = xmlSecGnuTLSAppShutdown; + gXmlSecGnuTLSFunctions->cryptoAppDefaultKeysMngrInit = xmlSecGnuTLSAppDefaultKeysMngrInit; + gXmlSecGnuTLSFunctions->cryptoAppDefaultKeysMngrAdoptKey = xmlSecGnuTLSAppDefaultKeysMngrAdoptKey; + gXmlSecGnuTLSFunctions->cryptoAppDefaultKeysMngrLoad = xmlSecGnuTLSAppDefaultKeysMngrLoad; + gXmlSecGnuTLSFunctions->cryptoAppDefaultKeysMngrSave = xmlSecGnuTLSAppDefaultKeysMngrSave; #ifndef XMLSEC_NO_X509 - gXmlSecGnuTLSFunctions->cryptoAppKeysMngrCertLoad = xmlSecGnuTLSAppKeysMngrCertLoad; - gXmlSecGnuTLSFunctions->cryptoAppPkcs12Load = xmlSecGnuTLSAppPkcs12Load; - gXmlSecGnuTLSFunctions->cryptoAppKeyCertLoad = xmlSecGnuTLSAppKeyCertLoad; + gXmlSecGnuTLSFunctions->cryptoAppKeysMngrCertLoad = xmlSecGnuTLSAppKeysMngrCertLoad; + gXmlSecGnuTLSFunctions->cryptoAppPkcs12Load = xmlSecGnuTLSAppPkcs12Load; + gXmlSecGnuTLSFunctions->cryptoAppKeyCertLoad = xmlSecGnuTLSAppKeyCertLoad; #endif /* XMLSEC_NO_X509 */ - gXmlSecGnuTLSFunctions->cryptoAppKeyLoad = xmlSecGnuTLSAppKeyLoad; - gXmlSecGnuTLSFunctions->cryptoAppDefaultPwdCallback = (void*)xmlSecGnuTLSAppGetDefaultPwdCallback(); + gXmlSecGnuTLSFunctions->cryptoAppKeyLoad = xmlSecGnuTLSAppKeyLoad; + gXmlSecGnuTLSFunctions->cryptoAppDefaultPwdCallback = (void*)xmlSecGnuTLSAppGetDefaultPwdCallback(); return(gXmlSecGnuTLSFunctions); } @@ -233,51 +115,51 @@ xmlSecCryptoGetFunctions_gnutls(void) { /** * xmlSecGnuTLSInit: - * - * XMLSec library specific crypto engine initialization. + * + * XMLSec library specific crypto engine initialization. * * Returns: 0 on success or a negative value otherwise. */ -int +int xmlSecGnuTLSInit (void) { /* Check loaded xmlsec library version */ if(xmlSecCheckVersionExact() != 1) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecCheckVersionExact", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecCheckVersionExact", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); } /* register our klasses */ if(xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(xmlSecCryptoGetFunctions_gnutls()) < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); } - + return(0); } /** * xmlSecGnuTLSShutdown: - * - * XMLSec library specific crypto engine shutdown. + * + * XMLSec library specific crypto engine shutdown. * * Returns: 0 on success or a negative value otherwise. */ -int +int xmlSecGnuTLSShutdown(void) { return(0); } /** * xmlSecGnuTLSKeysMngrInit: - * @mngr: the pointer to keys manager. + * @mngr: the pointer to keys manager. * * Adds GnuTLS specific key data stores in keys manager. * @@ -285,66 +167,38 @@ xmlSecGnuTLSShutdown(void) { */ int xmlSecGnuTLSKeysMngrInit(xmlSecKeysMngrPtr mngr) { - int ret; - xmlSecAssert2(mngr != NULL, -1); -#ifndef XMLSEC_NO_X509 - /* create x509 store if needed */ - if(xmlSecKeysMngrGetDataStore(mngr, xmlSecGnuTLSX509StoreId) == NULL) { - xmlSecKeyDataStorePtr x509Store; - - x509Store = xmlSecKeyDataStoreCreate(xmlSecGnuTLSX509StoreId); - if(x509Store == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeyDataStoreCreate", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "xmlSecGnuTLSX509StoreId"); - return(-1); - } - - ret = xmlSecKeysMngrAdoptDataStore(mngr, x509Store); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeysMngrAdoptDataStore", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - xmlSecKeyDataStoreDestroy(x509Store); - return(-1); - } - } -#endif /* XMLSEC_NO_X509 */ + /* TODO: add key data stores */ return(0); } /** * xmlSecGnuTLSGenerateRandom: - * @buffer: the destination buffer. - * @size: the numer of bytes to generate. + * @buffer: the destination buffer. + * @size: the numer of bytes to generate. * * Generates @size random bytes and puts result in @buffer. * * Returns: 0 on success or a negative value otherwise. */ int -xmlSecGnuTLSGenerateRandom(xmlSecBufferPtr buffer, xmlSecSize size) { +xmlSecGnuTLSGenerateRandom(xmlSecBufferPtr buffer, xmlSecSize size) { int ret; - + xmlSecAssert2(buffer != NULL, -1); xmlSecAssert2(size > 0, -1); ret = xmlSecBufferSetSize(buffer, size); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecBufferSetSize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", size); - return(-1); + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + "xmlSecBufferSetSize", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "size=%d", size); + return(-1); } - + /* get random data */ gcry_randomize(xmlSecBufferGetData(buffer), size, GCRY_STRONG_RANDOM); return(0); |