Diffstat (limited to 'src/mscrypto/x509vfy.c')
-rw-r--r--src/mscrypto/x509vfy.c374
1 files changed, 125 insertions, 249 deletions
diff --git a/src/mscrypto/x509vfy.c b/src/mscrypto/x509vfy.c
index 899cb6e3..fbc5447e 100644
--- a/src/mscrypto/x509vfy.c
+++ b/src/mscrypto/x509vfy.c
@@ -1,7 +1,5 @@
-/**
- * XMLSec library
- *
- * X509 support
+/*
+ * XML Security Library (http://www.aleksey.com/xmlsec).
*
*
* This is free software; see Copyright file in the source
@@ -10,6 +8,13 @@
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
* Copyright (C) 2003-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
+/**
+ * SECTION:x509vfy
+ * @Short_description: X509 certificates verification support functions for Microsoft Crypto API.
+ * @Stability: Private
+ *
+ */
+
#include "globals.h"
#ifndef XMLSEC_NO_X509
@@ -182,11 +187,8 @@ xmlSecMSCryptoCheckRevocation(HCERTSTORE hStore, PCCERT_CONTEXT pCert) {
while((pCrl = CertEnumCRLsInStore(hStore, pCrl)) != NULL) {
if (CertFindCertificateInCRL(pCert, pCrl, 0, NULL, &pCrlEntry) && (pCrlEntry != NULL)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "CertFindCertificateInCRL",
- XMLSEC_ERRORS_R_CERT_VERIFY_FAILED,
- "cert found in crl list");
+ xmlSecOtherError(XMLSEC_ERRORS_R_CERT_VERIFY_FAILED, NULL,
+ "CertFindCertificateInCRL: cert found in crl list");
return(FALSE);
}
}
@@ -197,7 +199,6 @@ xmlSecMSCryptoCheckRevocation(HCERTSTORE hStore, PCCERT_CONTEXT pCert) {
static void
xmlSecMSCryptoX509StoreCertError(xmlSecKeyDataStorePtr store, PCCERT_CONTEXT cert, DWORD flags) {
xmlChar * subject = NULL;
- DWORD dwSize;
xmlSecAssert(xmlSecKeyDataStoreCheckId(store, xmlSecMSCryptoX509StoreId));
xmlSecAssert(cert != NULL);
@@ -206,47 +207,38 @@ xmlSecMSCryptoX509StoreCertError(xmlSecKeyDataStorePtr store, PCCERT_CONTEXT cer
/* get certs subject */
subject = xmlSecMSCryptoX509GetNameString(cert, CERT_NAME_RDN_TYPE, 0, NULL);
if(subject == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- "xmlSecMSCryptoX509GetNameString",
- NULL,
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecMSCryptoX509GetNameString", NULL);
return;
}
/* print error */
if (flags & CERT_STORE_SIGNATURE_FLAG) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
- xmlSecErrorsSafeString(subject),
- XMLSEC_ERRORS_R_CERT_VERIFY_FAILED,
- "signature");
+ xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_VERIFY_FAILED,
+ xmlSecKeyDataStoreGetName(store),
+ "signature failed, subject=%s",
+ xmlSecErrorsSafeString(subject));
} else if (flags & CERT_STORE_TIME_VALIDITY_FLAG) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
- xmlSecErrorsSafeString(subject),
- XMLSEC_ERRORS_R_CERT_HAS_EXPIRED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_HAS_EXPIRED,
+ xmlSecKeyDataStoreGetName(store),
+ "subject=%s",
+ xmlSecErrorsSafeString(subject));
} else if (flags & CERT_STORE_REVOCATION_FLAG) {
if (flags & CERT_STORE_NO_CRL_FLAG) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
- xmlSecErrorsSafeString(subject),
- XMLSEC_ERRORS_R_CERT_REVOKED,
- "no crl");
+ xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_REVOKED,
+ xmlSecKeyDataStoreGetName(store),
+ "no crl, subject=%s",
+ xmlSecErrorsSafeString(subject));
} else {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
- xmlSecErrorsSafeString(subject),
- XMLSEC_ERRORS_R_CERT_REVOKED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_REVOKED,
+ xmlSecKeyDataStoreGetName(store),
+ "subject=%s",
+ xmlSecErrorsSafeString(subject));
}
} else {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
- xmlSecErrorsSafeString(subject),
- XMLSEC_ERRORS_R_CERT_VERIFY_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecOtherError2(XMLSEC_ERRORS_R_CERT_VERIFY_FAILED,
+ xmlSecKeyDataStoreGetName(store),
+ "subject=%s",
+ xmlSecErrorsSafeString(subject));
}
xmlFree(subject);
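Review bot: The `CERT_STORE_NO_CRL_FLAG` branch still reports `XMLSEC_ERRORS_R_CERT_REVOKED`, so a caller or log pipeline that keys on the reason code cannot tell "no CRL was available" from "the certificate is revoked"; only the message text differs. If that conflation is intentional (fail closed), I would say so at the branch, e.g. `/* no CRL available: reported as REVOKED on purpose; the "no crl" text is the only discriminator */`. Separately, `subject` comes from the certificate that just failed verification, so the `subject=%s` text is untrusted data and log consumers should not parse it as structure. The function starts and ends outside this hunk.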
@@ -267,90 +259,66 @@ static BOOL
xmlSecBuildChainUsingWinapi (PCCERT_CONTEXT cert, LPFILETIME pfTime,
HCERTSTORE store_untrusted, HCERTSTORE store_doc)
{
- PCCERT_CHAIN_CONTEXT pChainContext = NULL;
- CERT_CHAIN_PARA chainPara;
- BOOL rc = FALSE;
- HCERTSTORE store_add = NULL;
+ PCCERT_CHAIN_CONTEXT pChainContext = NULL;
+ CERT_CHAIN_PARA chainPara;
+ BOOL rc = FALSE;
+ HCERTSTORE store_add = NULL;
/* Initialize data structures. */
-
- memset(&chainPara, 0, sizeof(CERT_CHAIN_PARA));
- chainPara.cbSize = sizeof(CERT_CHAIN_PARA);
-
- /* Create additional store for CertGetCertificateChain() */
- store_add = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0, 0, NULL);
- if (!store_add) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- "chain additional collection store",
- "CertOpenStore",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto end;
- }
- if (!CertAddStoreToCollection(store_add, store_doc, 0, 0)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- "adding document store",
- "CertAddStoreToCollection",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto end;
- }
- if (!CertAddStoreToCollection(store_add, store_untrusted, 0, 0)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- "adding untrusted store",
- "CertAddStoreToCollection",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto end;
- }
+ memset(&chainPara, 0, sizeof(CERT_CHAIN_PARA));
+ chainPara.cbSize = sizeof(CERT_CHAIN_PARA);
+
+ /* Create additional store for CertGetCertificateChain() */
+ store_add = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0, 0, NULL);
+ if (!store_add) {
+ xmlSecMSCryptoError("CertOpenStore", NULL);
+ goto end;
+ }
+ if (!CertAddStoreToCollection(store_add, store_doc, 0, 0)) {
+ xmlSecMSCryptoError("CertAddStoreToCollection", NULL);
+ goto end;
+ }
+ if (!CertAddStoreToCollection(store_add, store_untrusted, 0, 0)) {
+ xmlSecMSCryptoError("CertAddStoreToCollection", NULL);
+ goto end;
+ }
/* Build a chain using CertGetCertificateChain
and the certificate retrieved. */
- if(!CertGetCertificateChain(
- NULL, /* use the default chain engine */
+ if(!CertGetCertificateChain(NULL, /* use the default chain engine */
cert,
- pfTime,
+ pfTime,
store_add,
&chainPara,
CERT_CHAIN_REVOCATION_CHECK_CHAIN,
- NULL,
- &pChainContext))
- {
- xmlSecError(XMLSEC_ERRORS_HERE,
- "building certificate chain, checking root",
- "CertGetCertificateChain",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto end;
+ NULL,
+ &pChainContext)) {
+ xmlSecMSCryptoError("CertGetCertificateChain", NULL);
+ goto end;
+ }
+ if (pChainContext->TrustStatus.dwErrorStatus == CERT_TRUST_REVOCATION_STATUS_UNKNOWN) {
+ CertFreeCertificateChain(pChainContext); pChainContext = NULL;
+ if(!CertGetCertificateChain(NULL, /* use the default chain engine */
+ cert,
+ pfTime,
+ store_add,
+ &chainPara,
+ CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT,
+ NULL,
+ &pChainContext)) {
+ xmlSecMSCryptoError("CertGetCertificateChain", NULL);
+ goto end;
}
- if (pChainContext->TrustStatus.dwErrorStatus == CERT_TRUST_REVOCATION_STATUS_UNKNOWN) {
- CertFreeCertificateChain(pChainContext); pChainContext = NULL;
- if(!CertGetCertificateChain(
- NULL, /* use the default chain engine */
- cert,
- pfTime,
- store_add,
- &chainPara,
- CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT,
- NULL,
- &pChainContext))
- {
- xmlSecError(XMLSEC_ERRORS_HERE,
- "building certificate chain, excluding root",
- "CertGetCertificateChain",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto end;
- }
}
- if (pChainContext->TrustStatus.dwErrorStatus == CERT_TRUST_NO_ERROR)
- rc = TRUE;
+ if (pChainContext->TrustStatus.dwErrorStatus == CERT_TRUST_NO_ERROR) {
+ rc = TRUE;
+ }
end:
- if (pChainContext) CertFreeCertificateChain(pChainContext);
- if (store_add) CertCloseStore(store_add, 0);
- return (rc);
+ if (pChainContext) CertFreeCertificateChain(pChainContext);
+ if (store_add) CertCloseStore(store_add, 0);
+ return (rc);
}
/**
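Review bot: Both `CertGetCertificateChain` failure paths now log the identical string, so a log can no longer tell whether the full-chain revocation pass or the relaxed `CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT` retry failed; the removed messages said "checking root" and "excluding root". The two `CertAddStoreToCollection` calls have the same problem. Following the style this commit uses elsewhere, the retry could report `xmlSecMSCryptoError("CertGetCertificateChain(exclude root)", NULL);`. The retry itself also deserves a comment, since it relaxes revocation checking: `/* revocation status unknown and no other trust error: retry without checking the root's revocation */`. It is worth stating there that `dwErrorStatus` is compared by equality, so any additional error bit skips the retry and the function returns FALSE.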
@@ -560,8 +528,11 @@ xmlSecMSCryptoX509StoreVerify(xmlSecKeyDataStorePtr store, HCERTSTORE certs,
CertFreeCertificateContext(nextCert);
}
- if((selected == 1) && xmlSecMSCryptoX509StoreConstructCertsChain(store, cert, certs, keyInfoCtx)) {
- return(cert);
+ if(selected == 1) {
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS) != 0
+ || xmlSecMSCryptoX509StoreConstructCertsChain(store, cert, certs, keyInfoCtx)) {
+ return(cert);
+ }
}
}
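Review bot: When `XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS` is set, the new condition returns `cert` without calling `xmlSecMSCryptoX509StoreConstructCertsChain`, and nothing at this site records that the returned certificate was never validated against the trusted store. I would add a comment on the branch, e.g. `/* DONT_VERIFY_CERTS: chain construction is skipped at the caller's request; the returned cert is NOT validated */`, so a later reader does not take a non-NULL return as proof of trust. The condition also dereferences `keyInfoCtx`; whether it is asserted non-NULL, and whether the revocation and validity checks earlier in the loop still run under this flag, cannot be seen here because the function starts and ends outside the hunk.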
@@ -596,25 +567,20 @@ xmlSecMSCryptoX509StoreAdoptCert(xmlSecKeyDataStorePtr store, PCCERT_CONTEXT pCe
} else if(type == xmlSecKeyDataTypeNone) {
certStore = ctx->untrusted;
} else {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
- NULL,
- XMLSEC_ERRORS_R_INVALID_TYPE,
- "type=%d", type);
+ xmlSecInvalidIntegerTypeError("type", type,
+ "xmlSecKeyDataTypeTrusted, xmlSecKeyDataTypeNone",
+ xmlSecKeyDataStoreGetName(store));
return(-1);
}
/* TODO: The context to be added here is not duplicated first,
- * hopefully this will not lead to errors when closing teh store
+ * hopefully this will not lead to errors when closing the store
* and freeing the mem for all the context in the store.
*/
xmlSecAssert2(certStore != NULL, -1);
if (!CertAddCertificateContextToStore(certStore, pCert, CERT_STORE_ADD_ALWAYS, NULL)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
- "CertAddCertificateContextToStore",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecMSCryptoError("CertAddCertificateContextToStore",
+ xmlSecKeyDataStoreGetName(store));
return(-1);
}
@@ -643,11 +609,8 @@ xmlSecMSCryptoX509StoreAdoptKeyStore (xmlSecKeyDataStorePtr store, HCERTSTORE ke
xmlSecAssert2(ctx->trusted != NULL, -1);
if(!CertAddStoreToCollection ( ctx->trusted , keyStore , CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG , 2)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
- "CertAddStoreToCollection",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecMSCryptoError("CertAddStoreToCollection",
+ xmlSecKeyDataStoreGetName(store));
return(-1);
}
@@ -675,11 +638,8 @@ xmlSecMSCryptoX509StoreAdoptTrustedStore (xmlSecKeyDataStorePtr store, HCERTSTOR
xmlSecAssert2(ctx->trusted != NULL, -1);
if( !CertAddStoreToCollection ( ctx->trusted , trustedStore , CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG , 3 ) ) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
- "CertAddStoreToCollection",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecMSCryptoError("CertAddStoreToCollection",
+ xmlSecKeyDataStoreGetName(store));
return(-1);
}
@@ -707,11 +667,8 @@ xmlSecMSCryptoX509StoreAdoptUntrustedStore (xmlSecKeyDataStorePtr store, HCERTST
xmlSecAssert2(ctx->untrusted != NULL, -1);
if( !CertAddStoreToCollection ( ctx->untrusted , untrustedStore , CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG , 2 ) ) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
- "CertAddStoreToCollection",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecMSCryptoError("CertAddStoreToCollection",
+ xmlSecKeyDataStoreGetName(store));
return(-1);
}
@@ -735,7 +692,7 @@ xmlSecMSCryptoX509StoreEnableSystemTrustedCerts (xmlSecKeyDataStorePtr store, in
xmlSecAssert(ctx != NULL);
xmlSecAssert(ctx->untrusted != NULL);
- /* it is other way around to make default value 0 mimic old behaiviour */
+ /* it is other way around to make default value 0 mimic old behaviour */
ctx->dont_use_system_trusted_certs = !val;
}
@@ -759,11 +716,8 @@ xmlSecMSCryptoX509StoreInitialize(xmlSecKeyDataStorePtr store) {
0,
NULL);
if(ctx->trusted == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
- "CertOpenStore",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecMSCryptoError("CertOpenStore",
+ xmlSecKeyDataStoreGetName(store));
return(-1);
}
@@ -774,11 +728,8 @@ xmlSecMSCryptoX509StoreInitialize(xmlSecKeyDataStorePtr store) {
CERT_STORE_CREATE_NEW_FLAG,
NULL);
if(hTrustedMemStore == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
- "CertOpenStore",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecMSCryptoError("CertOpenStore",
+ xmlSecKeyDataStoreGetName(store));
CertCloseStore(ctx->trusted, CERT_CLOSE_STORE_FORCE_FLAG);
ctx->trusted = NULL ;
return(-1);
@@ -786,11 +737,8 @@ xmlSecMSCryptoX509StoreInitialize(xmlSecKeyDataStorePtr store) {
/* add the memory trusted certs store to trusted certs store collection */
if( !CertAddStoreToCollection( ctx->trusted, hTrustedMemStore, CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 1 ) ) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
- "CertAddStoreToCollection",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecMSCryptoError("CertAddStoreToCollection",
+ xmlSecKeyDataStoreGetName(store));
CertCloseStore(ctx->trusted, CERT_CLOSE_STORE_FORCE_FLAG);
CertCloseStore(hTrustedMemStore, CERT_CLOSE_STORE_CHECK_FLAG);
ctx->trusted = NULL ;
@@ -805,11 +753,8 @@ xmlSecMSCryptoX509StoreInitialize(xmlSecKeyDataStorePtr store) {
0,
NULL);
if(ctx->untrusted == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
- "CertOpenStore",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecMSCryptoError("CertOpenStore",
+ xmlSecKeyDataStoreGetName(store));
CertCloseStore(ctx->trusted, CERT_CLOSE_STORE_FORCE_FLAG);
ctx->trusted = NULL ;
return(-1);
@@ -822,11 +767,8 @@ xmlSecMSCryptoX509StoreInitialize(xmlSecKeyDataStorePtr store) {
CERT_STORE_CREATE_NEW_FLAG,
NULL);
if(hUntrustedMemStore == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
- "CertOpenStore",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecMSCryptoError("CertOpenStore",
+ xmlSecKeyDataStoreGetName(store));
CertCloseStore(ctx->trusted, CERT_CLOSE_STORE_FORCE_FLAG);
CertCloseStore(ctx->untrusted, CERT_CLOSE_STORE_FORCE_FLAG);
ctx->trusted = NULL ;
@@ -836,11 +778,8 @@ xmlSecMSCryptoX509StoreInitialize(xmlSecKeyDataStorePtr store) {
/* add the memory trusted certs store to untrusted certs store collection */
if( !CertAddStoreToCollection( ctx->untrusted, hUntrustedMemStore, CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 1 ) ) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
- "CertAddStoreToCollection",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecMSCryptoError("CertAddStoreToCollection",
+ xmlSecKeyDataStoreGetName(store));
CertCloseStore(ctx->untrusted, CERT_CLOSE_STORE_FORCE_FLAG);
CertCloseStore(ctx->trusted, CERT_CLOSE_STORE_FORCE_FLAG);
CertCloseStore(hUntrustedMemStore, CERT_CLOSE_STORE_CHECK_FLAG);
@@ -899,28 +838,19 @@ xmlSecMSCryptoCertStrToName(DWORD dwCertEncodingType, LPTSTR pszX500, DWORD dwSt
if (!CertStrToName(dwCertEncodingType, pszX500, dwStrType,
NULL, NULL, len, &ppszError)) {
/* this might not be an error, string might just not exist */
- DWORD dw = GetLastError();
return(NULL);
}
str = (BYTE *)xmlMalloc(sizeof(TCHAR) * ((*len) + 1));
if(str == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_MALLOC_FAILED,
- "len=%ld", (*len));
+ xmlSecMallocError(sizeof(TCHAR) * ((*len) + 1), NULL);
return(NULL);
}
memset(str, 0, (*len) + 1);
if (!CertStrToName(dwCertEncodingType, pszX500, dwStrType,
NULL, str, len, NULL)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "CertStrToName",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecMSCryptoError("CertStrToName", NULL);
xmlFree(str);
return(NULL);
}
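Review bot: The allocation size is now spelled out twice (in `xmlMalloc` and in the new `xmlSecMallocError` call), while the `memset` below still clears only `(*len) + 1` bytes. On a build where `TCHAR` is wider than one byte, the tail of the buffer therefore stays uninitialised. Computing the size once, `size_t size = sizeof(TCHAR) * ((*len) + 1);`, and passing `size` to `xmlMalloc`, `xmlSecMallocError` and `memset` keeps the three in step. Whether the tail is ever read is not visible here; the function continues outside the hunk.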
@@ -1163,12 +1093,7 @@ xmlSecMSCryptoX509GetCertName(const xmlChar * name) {
*/
name2 = xmlStrdup(name);
if(name2 == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_MALLOC_FAILED,
- "xmlStrlen(name)=%d",
- xmlStrlen(name));
+ xmlSecStrdupError(name, NULL);
return(NULL);
}
while( (p = (xmlChar*)xmlStrstr(name2, BAD_CAST "emailAddress=")) != NULL) {
@@ -1176,13 +1101,9 @@ xmlSecMSCryptoX509GetCertName(const xmlChar * name) {
}
/* get name */
- res = xmlSecMSCryptoConvertUtf8ToTstr(name2);
+ res = xmlSecWin32ConvertUtf8ToTstr(name2);
if(res == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecMSCryptoConvertUtf8ToTstr",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecWin32ConvertUtf8ToTstr", NULL);
xmlFree(name2);
return(NULL);
}
@@ -1209,11 +1130,7 @@ xmlSecMSCryptoX509FindCert(HCERTSTORE store,
/* get unicode subject name */
wcSubjectName = xmlSecMSCryptoX509GetCertName(subjectName);
if(wcSubjectName == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecMSCryptoX509GetCertName",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "wcSubjectName");
+ xmlSecInternalError("xmlSecMSCryptoX509GetCertName(subjectName)", NULL);
return(NULL);
}
@@ -1234,21 +1151,13 @@ xmlSecMSCryptoX509FindCert(HCERTSTORE store,
/* get serial number */
ret = xmlSecBnInitialize(&issuerSerialBn, 0);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecBnInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecBnInitialize", NULL);
return(NULL);
}
ret = xmlSecBnFromDecString(&issuerSerialBn, issuerSerial);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecBnInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecBnInitialize", NULL);
xmlSecBnFinalize(&issuerSerialBn);
return(NULL);
}
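Review bot: The failure branch after `xmlSecBnFromDecString` still reports the wrong function: the new line reads `xmlSecInternalError("xmlSecBnInitialize", NULL);`, carried over from the old message. It should be `xmlSecInternalError("xmlSecBnFromDecString", NULL);`, otherwise a malformed issuer serial in the input is logged as an initialisation failure. The enclosing function starts and ends outside this hunk.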
@@ -1259,11 +1168,7 @@ xmlSecMSCryptoX509FindCert(HCERTSTORE store,
*/
ret = xmlSecBnReverse(&issuerSerialBn);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecBnReverse",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecBnReverse", NULL);
xmlSecBnFinalize(&issuerSerialBn);
return(NULL);
}
@@ -1271,11 +1176,7 @@ xmlSecMSCryptoX509FindCert(HCERTSTORE store,
/* get issuer name */
wcIssuerName = xmlSecMSCryptoX509GetCertName(issuerName);
if(wcIssuerName == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecMSCryptoX509GetCertName",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "wcIssuerName");
+ xmlSecInternalError("xmlSecMSCryptoX509GetCertName(issuerName)", NULL);
xmlSecBnFinalize(&issuerSerialBn);
return(NULL);
}
@@ -1299,23 +1200,14 @@ xmlSecMSCryptoX509FindCert(HCERTSTORE store,
binSki = xmlStrdup(ski);
if(binSki == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlStrdup",
- XMLSEC_ERRORS_R_MALLOC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecStrdupError(ski, NULL);
return (NULL);
}
/* trick: base64 decode "in place" */
binSkiLen = xmlSecBase64Decode(binSki, (xmlSecByte*)binSki, xmlStrlen(binSki));
if(binSkiLen < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecBase64Decode",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "ski=%s",
- xmlSecErrorsSafeString(ski));
+ xmlSecInternalError("xmlSecBase64Decode", NULL);
xmlFree(binSki);
return(NULL);
}
@@ -1357,44 +1249,28 @@ xmlSecMSCryptoX509GetNameString(PCCERT_CONTEXT pCertContext, DWORD dwType, DWORD
/* get size first */
dwSize = CertGetNameString(pCertContext, dwType, dwFlags, pvTypePara, NULL, 0);
if(dwSize <= 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- "CertGetNameString",
- NULL,
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecMSCryptoError("CertGetNameString", NULL);
return (NULL);
}
/* allocate buffer */
name = (LPTSTR)xmlMalloc(sizeof(TCHAR) * (dwSize + 1));
if(name == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_MALLOC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecMallocError(sizeof(TCHAR) * (dwSize + 1), NULL);
return (NULL);
}
/* actually get the name */
dwSize = CertGetNameString(pCertContext, dwType, dwFlags, pvTypePara, name, dwSize);
if(dwSize <= 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- "CertGetNameString",
- NULL,
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecMSCryptoError("CertGetNameString", NULL);
xmlFree(name);
return (NULL);
}
- res = xmlSecMSCryptoConvertTstrToUtf8(name);
+ res = xmlSecWin32ConvertTstrToUtf8(name);
if(res == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- "xmlSecMSCryptoConvertTstrToUtf8",
- NULL,
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecWin32ConvertTstrToUtf8", NULL);
xmlFree(name);
return (NULL);
}
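Review bot: Both `if(dwSize <= 0)` checks test a `DWORD`, so they can only ever mean `dwSize == 0`. As far as I know, `CertGetNameString` returns 1 (an empty, NUL-terminated string) when the name is not found, so the new `xmlSecMSCryptoError("CertGetNameString", NULL)` branches are unlikely to fire for that case and the caller gets an empty subject instead. If an empty name should count as a failure, the check would be `if(dwSize <= 1)`; if not, a comment such as `/* a return of 1 means "name not found" (empty string); accepted here */` would document it. It is also worth confirming that the error macro does not report a stale last-error value for this API.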