Diffstat (limited to 'src/gnutls/x509.c')
-rw-r--r--src/gnutls/x509.c705
1 files changed, 241 insertions, 464 deletions
diff --git a/src/gnutls/x509.c b/src/gnutls/x509.c
index d043bc72..d9503d34 100644
--- a/src/gnutls/x509.c
+++ b/src/gnutls/x509.c
@@ -1,7 +1,6 @@
-/**
- * XMLSec library
- *
- * X509 support
+
+/*
+ * XML Security Library (http://www.aleksey.com/xmlsec).
*
*
* This is free software; see Copyright file in the source
@@ -9,6 +8,13 @@
*
* Copyright (C) 2010-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
+/**
+ * SECTION:x509
+ * @Short_description: X509 certificates implementation for GnuTLS.
+ * @Stability: Stable
+ *
+ */
+
#include "globals.h"
#ifndef XMLSEC_NO_X509
@@ -328,11 +334,8 @@ xmlSecGnuTLSKeyDataX509AdoptCert(xmlSecKeyDataPtr data, gnutls_x509_crt_t cert)
ret = xmlSecPtrListAdd(&(ctx->certsList), cert);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecPtrListAdd",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecPtrListAdd",
+ xmlSecKeyDataGetName(data));
return(-1);
}
@@ -403,11 +406,8 @@ xmlSecGnuTLSKeyDataX509AdoptCrl(xmlSecKeyDataPtr data, gnutls_x509_crl_t crl) {
ret = xmlSecPtrListAdd(&(ctx->crlsList), crl);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecPtrListAdd",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecPtrListAdd",
+ xmlSecKeyDataGetName(data));
return(-1);
}
@@ -471,21 +471,15 @@ xmlSecGnuTLSKeyDataX509Initialize(xmlSecKeyDataPtr data) {
ret = xmlSecPtrListInitialize(&(ctx->certsList), xmlSecGnuTLSX509CrtListId);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecPtrListInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "certsList");
+ xmlSecInternalError("xmlSecPtrListInitialize(certsList)",
+ xmlSecKeyDataGetName(data));
return(-1);
}
ret = xmlSecPtrListInitialize(&(ctx->crlsList), xmlSecGnuTLSX509CrlListId);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecPtrListInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "crlsList");
+ xmlSecInternalError("xmlSecPtrListInitialize(crlsList)",
+ xmlSecKeyDataGetName(data));
return(-1);
}
@@ -514,11 +508,8 @@ xmlSecGnuTLSKeyDataX509Duplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
if(ctxSrc->keyCert != NULL) {
ctxDst->keyCert = xmlSecGnuTLSX509CertDup(ctxSrc->keyCert);
if(ctxDst->keyCert == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
- "xmlSecGnuTLSX509CertDup",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSX509CertDup",
+ xmlSecKeyDataGetName(src));
return(-1);
}
}
@@ -527,11 +518,8 @@ xmlSecGnuTLSKeyDataX509Duplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
xmlSecPtrListEmpty(&(ctxDst->certsList));
ret = xmlSecPtrListCopy(&(ctxDst->certsList), &(ctxSrc->certsList));
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
- "xmlSecPtrListCopy",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "certsList");
+ xmlSecInternalError("xmlSecPtrListCopy(certsList)",
+ xmlSecKeyDataGetName(src));
return(-1);
}
@@ -539,13 +527,11 @@ xmlSecGnuTLSKeyDataX509Duplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
xmlSecPtrListEmpty(&(ctxDst->crlsList));
ret = xmlSecPtrListCopy(&(ctxDst->crlsList), &(ctxSrc->crlsList));
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
- "xmlSecPtrListCopy",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "crlsList");
+ xmlSecInternalError("xmlSecPtrListCopy(crlsList)",
+ xmlSecKeyDataGetName(src));
return(-1);
}
+
/* done */
return(0);
}
@@ -580,34 +566,23 @@ xmlSecGnuTLSKeyDataX509XmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
data = xmlSecKeyEnsureData(key, id);
if(data == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
- "xmlSecKeyEnsureData",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeyEnsureData",
+ xmlSecKeyDataKlassGetName(id));
return(-1);
}
ret = xmlSecGnuTLSX509DataNodeRead(data, node, keyInfoCtx);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
- "xmlSecGnuTLSX509DataNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSX509DataNodeRead",
+ xmlSecKeyDataKlassGetName(id));
return(-1);
}
- if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS) == 0) {
- ret = xmlSecGnuTLSKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
- "xmlSecGnuTLSKeyDataX509VerifyAndExtractKey",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
+ ret = xmlSecGnuTLSKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecGnuTLSKeyDataX509VerifyAndExtractKey",
+ xmlSecKeyDataKlassGetName(id));
+ return(-1);
}
return(0);
}
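Review bot: With the `XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS` guard removed, `xmlSecGnuTLSKeyDataX509VerifyAndExtractKey` now runs on every read, and nothing in this hunk shows where the flag is honoured afterwards. If the callee does not test the flag itself, callers that set it get different behaviour from before, and a reader of this function cannot tell whether verification can still be skipped. Assuming the check moved into the callee (its body is not visible here), say so at the call site, for example `/* DONT_VERIFY_CERTS is evaluated inside xmlSecGnuTLSKeyDataX509VerifyAndExtractKey */`. Also state in that function's header comment what it does with the certificates and the key when the flag is set.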
@@ -627,13 +602,11 @@ xmlSecGnuTLSKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
xmlSecAssert2(node != NULL, -1);
xmlSecAssert2(keyInfoCtx != NULL, -1);
- content = xmlSecX509DataGetNodeContent (node, 1, keyInfoCtx);
+ content = xmlSecX509DataGetNodeContent (node, keyInfoCtx);
if (content < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
- "xmlSecX509DataGetNodeContent",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "content=%d", content);
+ xmlSecInternalError2("xmlSecX509DataGetNodeContent",
+ xmlSecKeyDataKlassGetName(id),
+ "content=%d", content);
return(-1);
} else if(content == 0) {
/* by default we are writing certificates and crls */
@@ -652,22 +625,18 @@ xmlSecGnuTLSKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
for(pos = 0; pos < size; ++pos) {
cert = xmlSecGnuTLSKeyDataX509GetCert(data, pos);
if(cert == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
- "xmlSecGnuTLSKeyDataX509GetCert",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "pos=%d", pos);
+ xmlSecInternalError2("xmlSecGnuTLSKeyDataX509GetCert",
+ xmlSecKeyDataKlassGetName(id),
+ "pos=%d", pos);
return(-1);
}
if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
ret = xmlSecGnuTLSX509CertificateNodeWrite(cert, node, keyInfoCtx);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
- "xmlSecGnuTLSX509CertificateNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "pos=%d", pos);
+ xmlSecInternalError2("xmlSecGnuTLSX509CertificateNodeWrite",
+ xmlSecKeyDataKlassGetName(id),
+ "pos=%d", pos);
return(-1);
}
}
@@ -675,11 +644,9 @@ xmlSecGnuTLSKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
ret = xmlSecGnuTLSX509SubjectNameNodeWrite(cert, node, keyInfoCtx);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
- "xmlSecGnuTLSX509SubjectNameNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "pos=%d", pos);
+ xmlSecInternalError2("xmlSecGnuTLSX509SubjectNameNodeWrite",
+ xmlSecKeyDataKlassGetName(id),
+ "pos=%d", pos);
return(-1);
}
}
@@ -687,11 +654,9 @@ xmlSecGnuTLSKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
ret = xmlSecGnuTLSX509IssuerSerialNodeWrite(cert, node, keyInfoCtx);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
- "xmlSecGnuTLSX509IssuerSerialNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "pos=%d", pos);
+ xmlSecInternalError2("xmlSecGnuTLSX509IssuerSerialNodeWrite",
+ xmlSecKeyDataKlassGetName(id),
+ "pos=%d", pos);
return(-1);
}
}
@@ -699,11 +664,9 @@ xmlSecGnuTLSKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
ret = xmlSecGnuTLSX509SKINodeWrite(cert, node, keyInfoCtx);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
- "xmlSecGnuTLSX509SKINodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "pos=%d", pos);
+ xmlSecInternalError2("xmlSecGnuTLSX509SKINodeWrite",
+ xmlSecKeyDataKlassGetName(id),
+ "pos=%d", pos);
return(-1);
}
}
@@ -715,21 +678,17 @@ xmlSecGnuTLSKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
for(pos = 0; pos < size; ++pos) {
crl = xmlSecGnuTLSKeyDataX509GetCrl(data, pos);
if(crl == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
- "xmlSecGnuTLSKeyDataX509GetCrl",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "pos=%d", pos);
+ xmlSecInternalError2("xmlSecGnuTLSKeyDataX509GetCrl",
+ xmlSecKeyDataKlassGetName(id),
+ "pos=%d", pos);
return(-1);
}
ret = xmlSecGnuTLSX509CRLNodeWrite(crl, node, keyInfoCtx);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
- "xmlSecGnuTLSX509CRLNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "pos=%d", pos);
+ xmlSecInternalError2("xmlSecGnuTLSX509CRLNodeWrite",
+ xmlSecKeyDataKlassGetName(id),
+ "pos=%d", pos);
return(-1);
}
}
@@ -783,11 +742,9 @@ xmlSecGnuTLSKeyDataX509DebugDump(xmlSecKeyDataPtr data, FILE* output) {
cert = xmlSecGnuTLSKeyDataX509GetCert(data, pos);
if(cert == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecGnuTLSKeyDataX509GetCert",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "pos=%d", pos);
+ xmlSecInternalError2("xmlSecGnuTLSKeyDataX509GetCert",
+ xmlSecKeyDataGetName(data),
+ "pos=%d", pos);
return;
}
fprintf(output, "==== Certificate:\n");
@@ -801,11 +758,9 @@ xmlSecGnuTLSKeyDataX509DebugDump(xmlSecKeyDataPtr data, FILE* output) {
crl = xmlSecGnuTLSKeyDataX509GetCrl(data, pos);
if(crl == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecGnuTLSKeyDataX509GetCrl",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "pos=%d", pos);
+ xmlSecInternalError2("xmlSecGnuTLSKeyDataX509GetCrl",
+ xmlSecKeyDataGetName(data),
+ "pos=%d", pos);
return;
}
fprintf(output, "==== Crl:\n");
@@ -841,11 +796,9 @@ xmlSecGnuTLSKeyDataX509DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
cert = xmlSecGnuTLSKeyDataX509GetCert(data, pos);
if(cert == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecGnuTLSKeyDataX509GetCert",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "pos=%d", pos);
+ xmlSecInternalError2("xmlSecGnuTLSKeyDataX509GetCert",
+ xmlSecKeyDataGetName(data),
+ "pos=%d", pos);
return;
}
fprintf(output, "<Certificate>\n");
@@ -860,11 +813,9 @@ xmlSecGnuTLSKeyDataX509DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
crl = xmlSecGnuTLSKeyDataX509GetCrl(data, pos);
if(crl == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecGnuTLSKeyDataX509GetCrl",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "pos=%d", pos);
+ xmlSecInternalError2("xmlSecGnuTLSKeyDataX509GetCrl",
+ xmlSecKeyDataGetName(data),
+ "pos=%d", pos);
return;
}
fprintf(output, "<CRL>\n");
@@ -892,29 +843,42 @@ xmlSecGnuTLSX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyIn
ret = 0;
if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
ret = xmlSecGnuTLSX509CertificateNodeRead(data, cur, keyInfoCtx);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecGnuTLSX509CertificateNodeRead",
+ xmlSecKeyDataGetName(data));
+ return(-1);
+ }
} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
ret = xmlSecGnuTLSX509SubjectNameNodeRead(data, cur, keyInfoCtx);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecGnuTLSX509SubjectNameNodeRead",
+ xmlSecKeyDataGetName(data));
+ return(-1);
+ }
} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
ret = xmlSecGnuTLSX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecGnuTLSX509IssuerSerialNodeRead",
+ xmlSecKeyDataGetName(data));
+ return(-1);
+ }
} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
ret = xmlSecGnuTLSX509SKINodeRead(data, cur, keyInfoCtx);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecGnuTLSX509SKINodeRead",
+ xmlSecKeyDataGetName(data));
+ return(-1);
+ }
} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
ret = xmlSecGnuTLSX509CRLNodeRead(data, cur, keyInfoCtx);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecGnuTLSX509CRLNodeRead",
+ xmlSecKeyDataGetName(data));
+ return(-1);
+ }
} else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
/* laxi schema validation: ignore unknown nodes */
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_UNEXPECTED_NODE,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "read node failed");
+ xmlSecUnexpectedNodeError(cur, xmlSecKeyDataGetName(data));
return(-1);
}
}
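Review bot: The comment kept on the `XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD` branch says "laxi schema validation: ignore unknown nodes", but that branch is the one that reports `xmlSecUnexpectedNodeError` and returns -1. Unknown children are only skipped when the flag is clear, so the comment describes the opposite path. I would reword it to `/* strict mode: an unknown child is an error; without this flag (lax schema validation) unknown nodes are skipped */`. The enclosing loop starts outside this hunk.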
@@ -937,11 +901,7 @@ xmlSecGnuTLSX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlS
xmlFree(content);
}
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
- XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
return(-1);
}
return(0);
@@ -949,22 +909,16 @@ xmlSecGnuTLSX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlS
cert = xmlSecGnuTLSX509CertBase64DerRead(content);
if(cert == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecGnuTLSX509CertBase64DerRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSX509CertBase64DerRead",
+ xmlSecKeyDataGetName(data));
xmlFree(content);
return(-1);
}
ret = xmlSecGnuTLSKeyDataX509AdoptCert(data, cert);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecGnuTLSKeyDataX509AdoptCert",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptCert",
+ xmlSecKeyDataGetName(data));
gnutls_x509_crt_deinit(cert);
xmlFree(content);
return(-1);
@@ -986,29 +940,20 @@ xmlSecGnuTLSX509CertificateNodeWrite(gnutls_x509_crt_t cert, xmlNodePtr node, xm
/* set base64 lines size from context */
buf = xmlSecGnuTLSX509CertBase64DerWrite(cert, keyInfoCtx->base64LineSize);
if(buf == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGnuTLSX509CertBase64DerWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSX509CertBase64DerWrite", NULL);
return(-1);
}
- cur = xmlSecAddChild(node, xmlSecNodeX509Certificate, xmlSecDSigNs);
+ cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509Certificate, xmlSecDSigNs);
if(cur == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecAddChild",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeX509Certificate));
+ xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509Certificate)", NULL);
xmlFree(buf);
return(-1);
}
/* todo: add \n around base64 data - from context */
/* todo: add errors check */
- xmlNodeSetContent(cur, xmlSecStringCR);
+ xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
xmlNodeSetContent(cur, buf);
xmlFree(buf);
return(0);
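Review bot: The call `xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());` has no lasting effect, because the `xmlNodeSetContent(cur, buf);` that follows replaces the node content instead of appending to it. The line feed the first call is meant to emit therefore never reaches the output. If the intent is a line feed before the base64 data, the second call should append, `xmlNodeAddContent(cur, buf);`; otherwise drop the first call. The same pair appears in the xmlSecGnuTLSX509CRLNodeWrite hunk further down, and the "todo: add errors check" is still open in both. The function starts outside this hunk.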
@@ -1027,7 +972,9 @@ xmlSecGnuTLSX509Trim(xmlChar * str) {
/* skip spaces from the beggining */
p = str;
- while(XMLSEC_GNUTLS_IS_SPACE(*p) && ((*p) != '\0')) ++p;
+ while(XMLSEC_GNUTLS_IS_SPACE(*p) && ((*p) != '\0')) {
+ ++p;
+ }
if(p != str) {
for(q = str; ; ++q, ++p) {
(*q) = (*p);
@@ -1038,8 +985,12 @@ xmlSecGnuTLSX509Trim(xmlChar * str) {
}
/* skip spaces from the end */
- for(p = str; (*p) != '\0'; ++p);
- while((p > str) && (XMLSEC_GNUTLS_IS_SPACE(*(p - 1)))) *(--p) = '\0';
+ for(p = str; (*p) != '\0'; ++p) {
+ ;
+ }
+ while((p > str) && (XMLSEC_GNUTLS_IS_SPACE(*(p - 1)))) {
+ *(--p) = '\0';
+ }
}
static int
@@ -1057,11 +1008,8 @@ xmlSecGnuTLSX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlS
x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecGnuTLSX509StoreId);
if(x509Store == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecKeysMngrGetDataStore",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeysMngrGetDataStore",
+ xmlSecKeyDataGetName(data));
return(-1);
}
@@ -1071,11 +1019,7 @@ xmlSecGnuTLSX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlS
xmlFree(subject);
}
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
- XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
return(-1);
}
return(0);
@@ -1086,12 +1030,8 @@ xmlSecGnuTLSX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlS
if(cert == NULL){
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- NULL,
- XMLSEC_ERRORS_R_CERT_NOT_FOUND,
- "subject=%s",
- xmlSecErrorsSafeString(subject));
+ xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
+ "subject=%s", xmlSecErrorsSafeString(subject));
xmlFree(subject);
return(-1);
}
@@ -1102,23 +1042,16 @@ xmlSecGnuTLSX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlS
cert2 = xmlSecGnuTLSX509CertDup(cert);
if(cert2 == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecGnuTLSX509CertDup",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
-
+ xmlSecInternalError("xmlSecGnuTLSX509CertDup",
+ xmlSecKeyDataGetName(data));
xmlFree(subject);
return(-1);
}
ret = xmlSecGnuTLSKeyDataX509AdoptCert(data, cert2);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecGnuTLSKeyDataX509AdoptCert",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptCert",
+ xmlSecKeyDataGetName(data));
gnutls_x509_crt_deinit(cert2);
xmlFree(subject);
return(-1);
@@ -1132,35 +1065,32 @@ static int
xmlSecGnuTLSX509SubjectNameNodeWrite(gnutls_x509_crt_t cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
xmlChar* buf = NULL;
xmlNodePtr cur = NULL;
+ int ret;
xmlSecAssert2(cert != NULL, -1);
xmlSecAssert2(node != NULL, -1);
/* add node */
- cur = xmlSecAddChild(node, xmlSecNodeX509SubjectName, xmlSecDSigNs);
+ cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509SubjectName, xmlSecDSigNs);
if(cur == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecAddChild",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeX509SubjectName));
+ xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509SubjectName)", NULL);
return(-1);
}
/* get subject */
buf = xmlSecGnuTLSX509CertGetSubjectDN(cert);
if(buf == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGnuTLSX509CertGetSubjectDN",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSX509CertGetSubjectDN", NULL);
return(-1);
}
/* set value */
- xmlSecNodeEncodeAndSetContent(cur, buf);
+ ret = xmlSecNodeEncodeAndSetContent(cur, buf);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNodeEncodeAndSetContent", NULL);
+ xmlFree(buf);
+ return(-1);
+ }
/* done */
xmlFree(buf);
@@ -1184,23 +1114,16 @@ xmlSecGnuTLSX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xml
x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecGnuTLSX509StoreId);
if(x509Store == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecKeysMngrGetDataStore",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeysMngrGetDataStore",
+ xmlSecKeyDataGetName(data));
return(-1);
}
cur = xmlSecGetNextElementNode(node->children);
if(cur == NULL) {
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
- XMLSEC_ERRORS_R_NODE_NOT_FOUND,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ xmlSecNodeNotFoundError("xmlSecGetNextElementNode", node, NULL,
+ xmlSecKeyDataGetName(data));
return(-1);
}
return(0);
@@ -1208,56 +1131,32 @@ xmlSecGnuTLSX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xml
/* the first is required node X509IssuerName */
if(!xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
- XMLSEC_ERRORS_R_NODE_NOT_FOUND,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ xmlSecInvalidNodeError(cur, xmlSecNodeX509IssuerName, xmlSecKeyDataGetName(data));
return(-1);
}
issuerName = xmlNodeGetContent(cur);
if(issuerName == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
+ xmlSecInvalidNodeContentError(cur, xmlSecKeyDataGetName(data), "empty");
return(-1);
}
cur = xmlSecGetNextElementNode(cur->next);
/* next is required node X509SerialNumber */
if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_NODE_NOT_FOUND,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
+ xmlSecInvalidNodeError(cur, xmlSecNodeX509SerialNumber, xmlSecKeyDataGetName(data));
xmlFree(issuerName);
return(-1);
}
issuerSerial = xmlNodeGetContent(cur);
if(issuerSerial == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber),
- XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ xmlSecInvalidNodeContentError(cur, xmlSecKeyDataGetName(data), "empty");
xmlFree(issuerName);
return(-1);
}
cur = xmlSecGetNextElementNode(cur->next);
if(cur != NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_UNEXPECTED_NODE,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecUnexpectedNodeError(cur, xmlSecKeyDataGetName(data));
xmlFree(issuerSerial);
xmlFree(issuerName);
return(-1);
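Review bot: `xmlSecInvalidNodeError(cur, xmlSecNodeX509SerialNumber, ...)` is reached with `cur == NULL` whenever X509IssuerSerial has no element after X509IssuerName, since the condition is `(cur == NULL) || !xmlSecCheckNodeName(...)`. Whether the macro tolerates a NULL node is not visible on this page, and the content of this element comes from the document being processed. Either confirm the macro handles NULL, or split the test and report the missing node the way the function already does above: `xmlSecNodeNotFoundError("xmlSecGetNextElementNode", node, NULL, xmlSecKeyDataGetName(data));`. The function body begins and ends outside this hunk.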
@@ -1269,13 +1168,10 @@ xmlSecGnuTLSX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xml
if(cert == NULL){
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- NULL,
- XMLSEC_ERRORS_R_CERT_NOT_FOUND,
- "issuerName=%s;issuerSerial=%s",
- xmlSecErrorsSafeString(issuerName),
- xmlSecErrorsSafeString(issuerSerial));
+ xmlSecOtherError3(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
+ "issuerName=%s;issuerSerial=%s",
+ xmlSecErrorsSafeString(issuerName),
+ xmlSecErrorsSafeString(issuerSerial));
xmlFree(issuerSerial);
xmlFree(issuerName);
return(-1);
@@ -1287,11 +1183,8 @@ xmlSecGnuTLSX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xml
cert2 = xmlSecGnuTLSX509CertDup(cert);
if(cert2 == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecGnuTLSX509CertDup",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSX509CertDup",
+ xmlSecKeyDataGetName(data));
xmlFree(issuerSerial);
xmlFree(issuerName);
return(-1);
@@ -1299,11 +1192,8 @@ xmlSecGnuTLSX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xml
ret = xmlSecGnuTLSKeyDataX509AdoptCert(data, cert2);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecGnuTLSKeyDataX509AdoptCert",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptCert",
+ xmlSecKeyDataGetName(data));
gnutls_x509_crt_deinit(cert2);
xmlFree(issuerSerial);
xmlFree(issuerName);
@@ -1321,69 +1211,60 @@ xmlSecGnuTLSX509IssuerSerialNodeWrite(gnutls_x509_crt_t cert, xmlNodePtr node, x
xmlNodePtr issuerNameNode;
xmlNodePtr issuerNumberNode;
xmlChar* buf;
+ int ret;
xmlSecAssert2(cert != NULL, -1);
xmlSecAssert2(node != NULL, -1);
/* create xml nodes */
- cur = xmlSecAddChild(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
+ cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
if(cur == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecAddChild",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeX509IssuerSerial));
+ xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509IssuerSerial)", NULL);
return(-1);
}
- issuerNameNode = xmlSecAddChild(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs);
+ issuerNameNode = xmlSecEnsureEmptyChild(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs);
if(issuerNameNode == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecAddChild",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
+ xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509IssuerName)", NULL);
return(-1);
}
- issuerNumberNode = xmlSecAddChild(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs);
+ issuerNumberNode = xmlSecEnsureEmptyChild(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs);
if(issuerNumberNode == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecAddChild",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
+ xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509SerialNumber)", NULL);
return(-1);
}
/* write data */
buf = xmlSecGnuTLSX509CertGetIssuerDN(cert);
if(buf == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGnuTLSX509CertGetIssuerDN",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSX509CertGetIssuerDN", NULL);
+ return(-1);
+ }
+
+ ret = xmlSecNodeEncodeAndSetContent(issuerNameNode, buf);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNodeEncodeAndSetContent(issuerNameNode)", NULL);
+ xmlFree(buf);
return(-1);
}
- xmlSecNodeEncodeAndSetContent(issuerNameNode, buf);
xmlFree(buf);
buf = xmlSecGnuTLSX509CertGetIssuerSerial(cert);
if(buf == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGnuTLSX509CertGetIssuerSerial",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSX509CertGetIssuerSerial", NULL);
return(-1);
}
- xmlSecNodeEncodeAndSetContent(issuerNumberNode, buf);
- xmlFree(buf);
+ ret = xmlSecNodeEncodeAndSetContent(issuerNumberNode, buf);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNodeEncodeAndSetContent(issuerNumberNode)", NULL);
+ xmlFree(buf);
+ return(-1);
+ }
+
+ /* done */
+ xmlFree(buf);
return(0);
}
@@ -1403,11 +1284,8 @@ xmlSecGnuTLSX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInf
x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecGnuTLSX509StoreId);
if(x509Store == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecKeysMngrGetDataStore",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeysMngrGetDataStore",
+ xmlSecKeyDataGetName(data));
return(-1);
}
@@ -1417,12 +1295,7 @@ xmlSecGnuTLSX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInf
xmlFree(ski);
}
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
- XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeX509SKI));
+ xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
return(-1);
}
return(0);
@@ -1434,12 +1307,9 @@ xmlSecGnuTLSX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInf
xmlFree(ski);
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- NULL,
- XMLSEC_ERRORS_R_CERT_NOT_FOUND,
- "ski=%s",
- xmlSecErrorsSafeString(ski));
+ xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data),
+ "ski=%s",
+ xmlSecErrorsSafeString(ski));
return(-1);
}
return(0);
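Review bot: The rewritten error report still reads `ski` after it has been freed: the context line `xmlFree(ski);` runs first, and `xmlSecOtherError2(..., "ski=%s", xmlSecErrorsSafeString(ski))` then formats the released buffer. That is a use-after-free on the `XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT` path, on a string that elsewhere in this function is reported as coming from the X509SKI node. Remove the early free and release the buffer on each exit instead: `xmlFree(ski);` after the `xmlSecOtherError2` call and before `return(-1);`, and again before the `return(0);`. The enclosing `if` that leads here opens outside the hunk.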
@@ -1447,22 +1317,16 @@ xmlSecGnuTLSX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInf
cert2 = xmlSecGnuTLSX509CertDup(cert);
if(cert2 == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecGnuTLSX509CertDup",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSX509CertDup",
+ xmlSecKeyDataGetName(data));
xmlFree(ski);
return(-1);
}
ret = xmlSecGnuTLSKeyDataX509AdoptCert(data, cert2);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecGnuTLSKeyDataX509AdoptCert",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptCert",
+ xmlSecKeyDataGetName(data));
gnutls_x509_crt_deinit(cert2);
xmlFree(ski);
return(-1);
@@ -1476,36 +1340,34 @@ static int
xmlSecGnuTLSX509SKINodeWrite(gnutls_x509_crt_t cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
xmlChar *buf = NULL;
xmlNodePtr cur = NULL;
+ int ret;
xmlSecAssert2(cert != NULL, -1);
xmlSecAssert2(node != NULL, -1);
/* add node */
- cur = xmlSecAddChild(node, xmlSecNodeX509SKI, xmlSecDSigNs);
+ cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509SKI, xmlSecDSigNs);
if(cur == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecAddChild",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "new_node=%s",
- xmlSecErrorsSafeString(xmlSecNodeX509SKI));
+ xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509SKI)", NULL);
return(-1);
}
/* write value */
buf = xmlSecGnuTLSX509CertGetSKI(cert);
if(buf == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGnuTLSX509CertGetSKI",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSX509CertGetSKI", NULL);
return(-1);
}
- xmlSecNodeEncodeAndSetContent(cur, buf);
- xmlFree(buf);
+ ret = xmlSecNodeEncodeAndSetContent(cur, buf);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecNodeEncodeAndSetContent", NULL);
+ xmlFree(buf);
+ return(-1);
+ }
+ /* done */
+ xmlFree(buf);
return(0);
}
@@ -1525,11 +1387,7 @@ xmlSecGnuTLSX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInf
xmlFree(content);
}
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
- XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInvalidNodeContentError(node, xmlSecKeyDataGetName(data), "empty");
return(-1);
}
return(0);
@@ -1537,22 +1395,16 @@ xmlSecGnuTLSX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInf
crl = xmlSecGnuTLSX509CrlBase64DerRead(content);
if(crl == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecGnuTLSX509CrlBase64DerRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSX509CrlBase64DerRead",
+ xmlSecKeyDataGetName(data));
xmlFree(content);
return(-1);
}
ret = xmlSecGnuTLSKeyDataX509AdoptCrl(data, crl);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecGnuTLSKeyDataX509AdoptCrl",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptCrl",
+ xmlSecKeyDataGetName(data));
gnutls_x509_crl_deinit(crl);
xmlFree(content);
return(-1);
@@ -1574,28 +1426,19 @@ xmlSecGnuTLSX509CRLNodeWrite(gnutls_x509_crl_t crl, xmlNodePtr node, xmlSecKeyIn
/* set base64 lines size from context */
buf = xmlSecGnuTLSX509CrlBase64DerWrite(crl, keyInfoCtx->base64LineSize);
if(buf == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGnuTLSX509CrlBase64DerWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSX509CrlBase64DerWrite", NULL);
return(-1);
}
- cur = xmlSecAddChild(node, xmlSecNodeX509CRL, xmlSecDSigNs);
+ cur = xmlSecEnsureEmptyChild(node, xmlSecNodeX509CRL, xmlSecDSigNs);
if(cur == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecAddChild",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "new_node=%s",
- xmlSecErrorsSafeString(xmlSecNodeX509CRL));
+ xmlSecInternalError("xmlSecEnsureEmptyChild(NodeX509CRL)", NULL);
xmlFree(buf);
return(-1);
}
/* todo: add \n around base64 data - from context */
/* todo: add errors check */
- xmlNodeSetContent(cur, xmlSecStringCR);
+ xmlNodeSetContent(cur, xmlSecGetDefaultLineFeed());
xmlNodeSetContent(cur, buf);
xmlFree(buf);
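Review bot: The two consecutive `xmlNodeSetContent` calls at the end of this hunk cancel each other, because the second call replaces the node's content and the line feed from `xmlSecGetDefaultLineFeed()` never reaches the output. If the `todo` above means the base64 CRL should be wrapped in line feeds, the second call should append instead, `xmlNodeAddContent(cur, buf);`; otherwise the first call can simply be dropped. The `todo: add errors check` is also still open here, while the SKI writer in this same commit now checks the result of `xmlSecNodeEncodeAndSetContent`. The function's start and end lie outside the hunk.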
@@ -1620,11 +1463,8 @@ xmlSecGnuTLSKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr k
x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecGnuTLSX509StoreId);
if(x509Store == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecKeysMngrGetDataStore",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeysMngrGetDataStore",
+ xmlSecKeyDataGetName(data));
return(-1);
}
@@ -1637,42 +1477,30 @@ xmlSecGnuTLSKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr k
ctx->keyCert = xmlSecGnuTLSX509CertDup(cert);
if(ctx->keyCert == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecGnuTLSX509CertDup",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSX509CertDup",
+ xmlSecKeyDataGetName(data));
return(-1);
}
keyValue = xmlSecGnuTLSX509CertGetKey(ctx->keyCert);
if(keyValue == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecGnuTLSX509CertGetKey",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSX509CertGetKey",
+ xmlSecKeyDataGetName(data));
return(-1);
}
/* verify that the key matches our expectations */
if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), keyValue) != 1) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecKeyReqMatchKeyValue",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeyReqMatchKeyValue",
+ xmlSecKeyDataGetName(data));
xmlSecKeyDataDestroy(keyValue);
return(-1);
}
ret = xmlSecKeySetValue(key, keyValue);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "xmlSecKeySetValue",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeySetValue",
+ xmlSecKeyDataGetName(data));
xmlSecKeyDataDestroy(keyValue);
return(-1);
}
@@ -1680,28 +1508,22 @@ xmlSecGnuTLSKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr k
/* get expiration time */
key->notValidBefore = gnutls_x509_crt_get_activation_time(ctx->keyCert);
if(key->notValidBefore == (time_t)-1) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "gnutls_x509_crt_get_activation_time",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecGnuTLSError2("gnutls_x509_crt_get_activation_time", GNUTLS_E_SUCCESS,
+ xmlSecKeyDataGetName(data),
+ "cert activation time is invalid: %ld",
+ (unsigned long)key->notValidBefore);
return(-1);
}
key->notValidAfter = gnutls_x509_crt_get_expiration_time(ctx->keyCert);
if(key->notValidAfter == (time_t)-1) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- "gnutls_x509_crt_get_expiration_time",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecGnuTLSError2("gnutls_x509_crt_get_expiration_time", GNUTLS_E_SUCCESS,
+ xmlSecKeyDataGetName(data),
+ "cert expiration time is invalid: %ld",
+ (unsigned long)key->notValidAfter);
return(-1);
}
} else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT) != 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
- NULL,
- XMLSEC_ERRORS_R_CERT_NOT_FOUND,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecOtherError(XMLSEC_ERRORS_R_CERT_NOT_FOUND, xmlSecKeyDataGetName(data), NULL);
return(-1);
}
}
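Review bot: Both new `xmlSecGnuTLSError2` calls pair a `%ld` conversion with an `(unsigned long)` argument, and both pass `GNUTLS_E_SUCCESS` as the error code for a call that has just been judged a failure. The format mismatch is what `-Wformat` reports; make the casts match, `(long)key->notValidBefore` and `(long)key->notValidAfter`. Passing `GNUTLS_E_SUCCESS` presumably puts a success code next to a failure message in the log, which would mislead anyone triaging rejected certificates, so it is worth confirming how `xmlSecGnuTLSError2` renders that argument. The enclosing function starts and ends outside the hunk.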
@@ -1728,11 +1550,7 @@ xmlSecGnuTLSX509CertGetKey(gnutls_x509_crt_t cert) {
alg = gnutls_x509_crt_get_pk_algorithm(cert, &bits);
if(alg < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "gnutls_x509_crt_get_pk_algorithm",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_GNUTLS_REPORT_ERROR(alg));
+ xmlSecGnuTLSError("gnutls_x509_crt_get_pk_algorithm", alg, NULL);
return(NULL);
}
@@ -1744,31 +1562,19 @@ xmlSecGnuTLSX509CertGetKey(gnutls_x509_crt_t cert) {
data = xmlSecKeyDataCreate(xmlSecGnuTLSKeyDataRsaId);
if(data == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyDataCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "xmlSecGnuTLSKeyDataRsaId");
+ xmlSecInternalError("xmlSecKeyDataCreate(KeyDataRsaId)", NULL);
return(NULL);
}
err = gnutls_x509_crt_get_pk_rsa_raw(cert, &m, &e);
if(err != GNUTLS_E_SUCCESS) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "gnutls_x509_crt_get_pk_rsa_raw",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_GNUTLS_REPORT_ERROR(err));
+ xmlSecGnuTLSError("gnutls_x509_crt_get_pk_rsa_raw", err, NULL);
return(NULL);
}
ret = xmlSecGnuTLSKeyDataRsaAdoptPublicKey(data, &m, &e);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGnuTLSKeyDataRsaAdoptPublicKey",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSKeyDataRsaAdoptPublicKey", NULL);
gnutls_free(m.data);
gnutls_free(e.data);
return(NULL);
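Review bot: `data` appears to be leaked on both error returns that follow a successful `xmlSecKeyDataCreate` in this hunk. The `gnutls_x509_crt_get_pk_rsa_raw` failure path returns `NULL` directly, and the `xmlSecGnuTLSKeyDataRsaAdoptPublicKey` failure path frees `m.data` and `e.data` but not `data`. Add `xmlSecKeyDataDestroy(data);` before each of those `return(NULL);` lines. As far as the next hunk shows, the DSA branch (`gnutls_x509_crt_get_pk_dsa_raw`, `xmlSecGnuTLSKeyDataDsaAdoptPublicKey`) has the same pattern. This assumes `data` is a local with no other owner, since its declaration is outside the hunk; these paths are reached while parsing certificates, so a repeatable leak on malformed keys is worth closing.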
@@ -1785,31 +1591,19 @@ xmlSecGnuTLSX509CertGetKey(gnutls_x509_crt_t cert) {
data = xmlSecKeyDataCreate(xmlSecGnuTLSKeyDataDsaId);
if(data == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyDataCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "xmlSecGnuTLSKeyDataDsaId");
+ xmlSecInternalError("xmlSecKeyDataCreate(KeyDataDsaId)", NULL);
return(NULL);
}
err = gnutls_x509_crt_get_pk_dsa_raw(cert, &p, &q, &g, &y);
if(err != GNUTLS_E_SUCCESS) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "gnutls_x509_crt_get_pk_dsa_raw",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_GNUTLS_REPORT_ERROR(err));
+ xmlSecGnuTLSError("gnutls_x509_crt_get_pk_dsa_raw", err, NULL);
return(NULL);
}
ret = xmlSecGnuTLSKeyDataDsaAdoptPublicKey(data, &p, &q, &g, &y);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGnuTLSKeyDataDsaAdoptPublicKey",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSKeyDataDsaAdoptPublicKey", NULL);
gnutls_free(p.data);
gnutls_free(q.data);
gnutls_free(g.data);
@@ -1823,11 +1617,7 @@ xmlSecGnuTLSX509CertGetKey(gnutls_x509_crt_t cert) {
default:
{
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "gnutls_x509_crt_get_pk_algorithm",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "Unsupported algorithm %d", (int)alg);
+ xmlSecInvalidIntegerTypeError("key_alg", alg, "supported algorithm", NULL);
return(NULL);
}
}
@@ -1915,43 +1705,30 @@ xmlSecGnuTLSKeyDataRawX509CertBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
cert = xmlSecGnuTLSX509CertRead(buf, bufSize, xmlSecKeyDataFormatCertDer);
if(cert == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecGnuTLSX509CertRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSX509CertRead", NULL);
return(-1);
}
data = xmlSecKeyEnsureData(key, xmlSecGnuTLSKeyDataX509Id);
if(data == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
- "xmlSecKeyEnsureData",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeyEnsureData",
+ xmlSecKeyDataKlassGetName(id));
gnutls_x509_crt_deinit(cert);
return(-1);
}
ret = xmlSecGnuTLSKeyDataX509AdoptCert(data, cert);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
- "xmlSecGnuTLSKeyDataX509AdoptCert",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSKeyDataX509AdoptCert",
+ xmlSecKeyDataKlassGetName(id));
gnutls_x509_crt_deinit(cert);
return(-1);
}
ret = xmlSecGnuTLSKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
- "xmlSecGnuTLSKeyDataX509VerifyAndExtractKey",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecGnuTLSKeyDataX509VerifyAndExtractKey",
+ xmlSecKeyDataKlassGetName(id));
return(-1);
}
return(0);