summaryrefslogtreecommitdiff
path: root/src/nss/app.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/nss/app.c')
-rw-r--r--src/nss/app.c1632
1 files changed, 816 insertions, 816 deletions
diff --git a/src/nss/app.c b/src/nss/app.c
index 8aaf3327..dabe36d1 100644
--- a/src/nss/app.c
+++ b/src/nss/app.c
@@ -1,9 +1,9 @@
-/**
+/**
* XMLSec library
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
- *
+ *
* Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
* Copyright (c) 2003 America Online, Inc. All rights reserved.
*/
@@ -34,34 +34,34 @@
#include <xmlsec/nss/keysstore.h>
/* workaround - NSS exports this but doesn't declare it */
-extern CERTCertificate * __CERT_NewTempCertificate (CERTCertDBHandle *handle,
- SECItem *derCert,
- char *nickname,
- PRBool isperm,
- PRBool copyDER);
-static int xmlSecNssAppCreateSECItem (SECItem *contents,
- const xmlSecByte* data,
- xmlSecSize dataSize);
-static int xmlSecNssAppReadSECItem (SECItem *contents,
- const char *fn);
-static PRBool xmlSecNssAppAscii2UCS2Conv (PRBool toUnicode,
- unsigned char *inBuf,
- unsigned int inBufLen,
- unsigned char *outBuf,
- unsigned int maxOutBufLen,
- unsigned int *outBufLen,
- PRBool swapBytes);
-static SECItem *xmlSecNssAppNicknameCollisionCallback (SECItem *old_nick,
- PRBool *cancel,
- void *wincx);
-static xmlSecKeyPtr xmlSecNssAppDerKeyLoadSECItem (SECItem* secItem);
+extern CERTCertificate * __CERT_NewTempCertificate (CERTCertDBHandle *handle,
+ SECItem *derCert,
+ char *nickname,
+ PRBool isperm,
+ PRBool copyDER);
+static int xmlSecNssAppCreateSECItem (SECItem *contents,
+ const xmlSecByte* data,
+ xmlSecSize dataSize);
+static int xmlSecNssAppReadSECItem (SECItem *contents,
+ const char *fn);
+static PRBool xmlSecNssAppAscii2UCS2Conv (PRBool toUnicode,
+ unsigned char *inBuf,
+ unsigned int inBufLen,
+ unsigned char *outBuf,
+ unsigned int maxOutBufLen,
+ unsigned int *outBufLen,
+ PRBool swapBytes);
+static SECItem *xmlSecNssAppNicknameCollisionCallback (SECItem *old_nick,
+ PRBool *cancel,
+ void *wincx);
+static xmlSecKeyPtr xmlSecNssAppDerKeyLoadSECItem (SECItem* secItem);
/**
* xmlSecNssAppInit:
- * @config: the path to NSS database files.
- *
+ * @config: the path to NSS database files.
+ *
* General crypto engine initialization. This function is used
- * by XMLSec command line utility and called before
+ * by XMLSec command line utility and called before
* @xmlSecInit function.
*
* Returns: 0 on success or a negative value otherwise.
@@ -71,34 +71,34 @@ xmlSecNssAppInit(const char* config) {
SECStatus rv;
if(config) {
- rv = NSS_InitReadWrite(config);
- if(rv != SECSuccess) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "NSS_InitReadWrite",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "config=%s",
- xmlSecErrorsSafeString(config));
- return(-1);
- }
+ rv = NSS_InitReadWrite(config);
+ if(rv != SECSuccess) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "NSS_InitReadWrite",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "config=%s",
+ xmlSecErrorsSafeString(config));
+ return(-1);
+ }
} else {
- rv = NSS_NoDB_Init(NULL);
- if(rv != SECSuccess) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "NSS_NoDB_Init",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
+ rv = NSS_NoDB_Init(NULL);
+ if(rv != SECSuccess) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "NSS_NoDB_Init",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
}
/* configure PKCS11 */
PK11_ConfigurePKCS11("manufacturesID", "libraryDescription",
"tokenDescription", "privateTokenDescription",
"slotDescription", "privateSlotDescription",
- "fipsSlotDescription", "fipsPrivateSlotDescription",
- 0, 0);
+ "fipsSlotDescription", "fipsPrivateSlotDescription",
+ 0, 0);
/* setup for PKCS12 */
PORT_SetUCS2_ASCIIConversionFunction(xmlSecNssAppAscii2UCS2Conv);
@@ -115,9 +115,9 @@ xmlSecNssAppInit(const char* config) {
/**
* xmlSecNssAppShutdown:
- *
+ *
* General crypto engine shutdown. This function is used
- * by XMLSec command line utility and called after
+ * by XMLSec command line utility and called after
* @xmlSecShutdown function.
*
* Returns: 0 on success or a negative value otherwise.
@@ -127,16 +127,16 @@ xmlSecNssAppShutdown(void) {
SECStatus rv;
/*
SSL_ClearSessionCache();
-*/
- PK11_LogoutAll();
+*/
+ PK11_LogoutAll();
rv = NSS_Shutdown();
if(rv != SECSuccess) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "NSS_Shutdown",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "NSS_Shutdown",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
}
return(0);
}
@@ -149,17 +149,17 @@ xmlSecNssAppCreateSECItem(SECItem *contents, const xmlSecByte* data, xmlSecSize
contents->data = 0;
if (!SECITEM_AllocItem(NULL, contents, dataSize)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "SECITEM_AllocItem",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "SECITEM_AllocItem",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
if(dataSize > 0) {
- xmlSecAssert2(contents->data != NULL, -1);
- memcpy(contents->data, data, dataSize);
+ xmlSecAssert2(contents->data != NULL, -1);
+ memcpy(contents->data, data, dataSize);
}
return (0);
@@ -178,64 +178,64 @@ xmlSecNssAppReadSECItem(SECItem *contents, const char *fn) {
file = PR_Open(fn, PR_RDONLY, 00660);
if (file == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "PR_Open",
- XMLSEC_ERRORS_R_IO_FAILED,
- "filename=%s",
- xmlSecErrorsSafeString(fn));
- goto done;
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "PR_Open",
+ XMLSEC_ERRORS_R_IO_FAILED,
+ "filename=%s",
+ xmlSecErrorsSafeString(fn));
+ goto done;
}
prStatus = PR_GetOpenFileInfo(file, &info);
if (prStatus != PR_SUCCESS) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "PR_GetOpenFileInfo",
- XMLSEC_ERRORS_R_IO_FAILED,
- "filename=%s",
- xmlSecErrorsSafeString(fn));
- goto done;
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "PR_GetOpenFileInfo",
+ XMLSEC_ERRORS_R_IO_FAILED,
+ "filename=%s",
+ xmlSecErrorsSafeString(fn));
+ goto done;
}
contents->data = 0;
if (!SECITEM_AllocItem(NULL, contents, info.size)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "SECITEM_AllocItem",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto done;
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "SECITEM_AllocItem",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
+
numBytes = PR_Read(file, contents->data, info.size);
if (numBytes != info.size) {
- SECITEM_FreeItem(contents, PR_FALSE);
- goto done;
+ SECITEM_FreeItem(contents, PR_FALSE);
+ goto done;
}
ret = 0;
done:
if (file) {
- PR_Close(file);
+ PR_Close(file);
}
return (ret);
}
-static PRBool
+static PRBool
xmlSecNssAppAscii2UCS2Conv(PRBool toUnicode,
- unsigned char *inBuf,
- unsigned int inBufLen,
- unsigned char *outBuf,
- unsigned int maxOutBufLen,
- unsigned int *outBufLen,
- PRBool swapBytes ATTRIBUTE_UNUSED)
+ unsigned char *inBuf,
+ unsigned int inBufLen,
+ unsigned char *outBuf,
+ unsigned int maxOutBufLen,
+ unsigned int *outBufLen,
+ PRBool swapBytes ATTRIBUTE_UNUSED)
{
SECItem it;
-
+
if (toUnicode == PR_FALSE) {
- return (PR_FALSE);
+ return (PR_FALSE);
}
memset(&it, 0, sizeof(it));
@@ -243,16 +243,16 @@ xmlSecNssAppAscii2UCS2Conv(PRBool toUnicode,
it.len = inBufLen;
return(PORT_UCS2_UTF8Conversion(toUnicode, it.data, it.len,
- outBuf, maxOutBufLen, outBufLen));
+ outBuf, maxOutBufLen, outBufLen));
}
static SECItem *
xmlSecNssAppNicknameCollisionCallback(SECItem *old_nick ATTRIBUTE_UNUSED,
- PRBool *cancel,
- void *wincx ATTRIBUTE_UNUSED)
+ PRBool *cancel,
+ void *wincx ATTRIBUTE_UNUSED)
{
if (cancel == NULL) {
- return (NULL);
+ return (NULL);
}
/* XXX not handled yet */
@@ -262,11 +262,11 @@ xmlSecNssAppNicknameCollisionCallback(SECItem *old_nick ATTRIBUTE_UNUSED,
/**
* xmlSecNssAppKeyLoad:
- * @filename: the key filename.
- * @format: the key file format.
- * @pwd: the key file password.
- * @pwdCallback: the key password callback.
- * @pwdCallbackCtx: the user context for password callback.
+ * @filename: the key filename.
+ * @format: the key file format.
+ * @pwd: the key file password.
+ * @pwdCallback: the key password callback.
+ * @pwdCallbackCtx: the user context for password callback.
*
* Reads key from a file
*
@@ -274,11 +274,11 @@ xmlSecNssAppNicknameCollisionCallback(SECItem *old_nick ATTRIBUTE_UNUSED,
*/
xmlSecKeyPtr
xmlSecNssAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
- const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
+ const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
SECItem secItem;
xmlSecKeyPtr res;
int ret;
-
+
xmlSecAssert2(filename != NULL, NULL);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
@@ -286,23 +286,23 @@ xmlSecNssAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
memset(&secItem, 0, sizeof(secItem));
ret = xmlSecNssAppReadSECItem(&secItem, filename);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppReadSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(NULL);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppReadSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(NULL);
+ }
+
res = xmlSecNssAppKeyLoadSECItem(&secItem, format, pwd, pwdCallback, pwdCallbackCtx);
if(res == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppKeyLoadSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- SECITEM_FreeItem(&secItem, PR_FALSE);
- return(NULL);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppKeyLoadSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ SECITEM_FreeItem(&secItem, PR_FALSE);
+ return(NULL);
}
SECITEM_FreeItem(&secItem, PR_FALSE);
@@ -311,12 +311,12 @@ xmlSecNssAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
/**
* xmlSecNssAppKeyLoadMemory:
- * @data: the key binary data.
- * @dataSize: the key binary data size.
- * @format: the key data format.
- * @pwd: the key data2 password.
- * @pwdCallback: the key password callback.
- * @pwdCallbackCtx: the user context for password callback.
+ * @data: the key binary data.
+ * @dataSize: the key binary data size.
+ * @format: the key data format.
+ * @pwd: the key data2 password.
+ * @pwdCallback: the key password callback.
+ * @pwdCallbackCtx: the user context for password callback.
*
* Reads key from a binary @data.
*
@@ -324,34 +324,34 @@ xmlSecNssAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
*/
xmlSecKeyPtr
xmlSecNssAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlSecKeyDataFormat format,
- const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
+ const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
SECItem secItem;
xmlSecKeyPtr res;
int ret;
-
+
xmlSecAssert2(data != NULL, NULL);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
memset(&secItem, 0, sizeof(secItem));
ret = xmlSecNssAppCreateSECItem(&secItem, data, dataSize);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppCreateSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(NULL);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppCreateSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(NULL);
+ }
+
res = xmlSecNssAppKeyLoadSECItem(&secItem, format, pwd, pwdCallback, pwdCallbackCtx);
if(res == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppKeyLoadSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- SECITEM_FreeItem(&secItem, PR_FALSE);
- return(NULL);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppKeyLoadSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ SECITEM_FreeItem(&secItem, PR_FALSE);
+ return(NULL);
}
SECITEM_FreeItem(&secItem, PR_FALSE);
@@ -360,11 +360,11 @@ xmlSecNssAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlSecKey
/**
* xmlSecNssAppKeyLoadSECItem:
- * @secItem: the pointer to sec item.
- * @format: the key format.
- * @pwd: the key password.
- * @pwdCallback: the key password callback.
- * @pwdCallbackCtx: the user context for password callback.
+ * @secItem: the pointer to sec item.
+ * @format: the key format.
+ * @pwd: the key password.
+ * @pwdCallback: the key password callback.
+ * @pwdCallbackCtx: the user context for password callback.
*
* Reads key from a file
*
@@ -372,9 +372,9 @@ xmlSecNssAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlSecKey
*/
xmlSecKeyPtr
xmlSecNssAppKeyLoadSECItem(SECItem* secItem, xmlSecKeyDataFormat format,
- const char *pwd,
- void* pwdCallback,
- void* pwdCallbackCtx) {
+ const char *pwd,
+ void* pwdCallback,
+ void* pwdCallbackCtx) {
xmlSecKeyPtr key = NULL;
xmlSecAssert2(secItem != NULL, NULL);
@@ -383,46 +383,46 @@ xmlSecNssAppKeyLoadSECItem(SECItem* secItem, xmlSecKeyDataFormat format,
switch(format) {
#ifndef XMLSEC_NO_X509
case xmlSecKeyDataFormatPkcs12:
- key = xmlSecNssAppPkcs12LoadSECItem(secItem, pwd, pwdCallback, pwdCallbackCtx);
+ key = xmlSecNssAppPkcs12LoadSECItem(secItem, pwd, pwdCallback, pwdCallbackCtx);
if(key == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppPkcs12LoadSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(NULL);
- }
- break;
- case xmlSecKeyDataFormatCertDer:
- key = xmlSecNssAppKeyFromCertLoadSECItem(secItem, format);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppPkcs12LoadSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(NULL);
+ }
+ break;
+ case xmlSecKeyDataFormatCertDer:
+ key = xmlSecNssAppKeyFromCertLoadSECItem(secItem, format);
if(key == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppKeyFromCertLoadSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(NULL);
- }
- break;
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppKeyFromCertLoadSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(NULL);
+ }
+ break;
#endif /* XMLSEC_NO_X509 */
case xmlSecKeyDataFormatDer:
- key = xmlSecNssAppDerKeyLoadSECItem(secItem);
+ key = xmlSecNssAppDerKeyLoadSECItem(secItem);
if(key == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppDerKeyLoadSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(NULL);
- }
- break;
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppDerKeyLoadSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(NULL);
+ }
+ break;
default:
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppKeyLoad",
- XMLSEC_ERRORS_R_INVALID_FORMAT,
- "format=%d", format);
- return(NULL);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppKeyLoad",
+ XMLSEC_ERRORS_R_INVALID_FORMAT,
+ "format=%d", format);
+ return(NULL);
}
return(key);
@@ -443,108 +443,108 @@ xmlSecNssAppDerKeyLoadSECItem(SECItem* secItem) {
xmlSecAssert2(secItem != NULL, NULL);
- /* we're importing a key about which we know nothing yet, just use the
- * internal slot
+ /* we're importing a key about which we know nothing yet, just use the
+ * internal slot
*/
slot = xmlSecNssGetInternalKeySlot();
if (slot == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssGetInternalKeySlot",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto done;
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssGetInternalKeySlot",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
}
nickname.len = 0;
nickname.data = NULL;
- /* TRY PRIVATE KEY FIRST
+ /* TRY PRIVATE KEY FIRST
* Note: This expects the key to be in PrivateKeyInfo format. The
- * DER files created from PEM via openssl utilities aren't in that
+ * DER files created from PEM via openssl utilities aren't in that
* format
*/
- status = PK11_ImportDERPrivateKeyInfoAndReturnKey(slot, secItem,
- &nickname, NULL, PR_FALSE,
- PR_TRUE, KU_ALL, &privkey, NULL);
+ status = PK11_ImportDERPrivateKeyInfoAndReturnKey(slot, secItem,
+ &nickname, NULL, PR_FALSE,
+ PR_TRUE, KU_ALL, &privkey, NULL);
if (status != SECSuccess) {
- /* TRY PUBLIC KEY */
- spki = SECKEY_DecodeDERSubjectPublicKeyInfo(secItem);
- if (spki == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "SECKEY_DecodeDERSubjectPublicKeyInfo",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- }
-
- pubkey = SECKEY_ExtractPublicKey(spki);
- if (pubkey == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "SECKEY_ExtractPublicKey",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto done;
- }
+ /* TRY PUBLIC KEY */
+ spki = SECKEY_DecodeDERSubjectPublicKeyInfo(secItem);
+ if (spki == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "SECKEY_DecodeDERSubjectPublicKeyInfo",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ }
+
+ pubkey = SECKEY_ExtractPublicKey(spki);
+ if (pubkey == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "SECKEY_ExtractPublicKey",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
}
data = xmlSecNssPKIAdoptKey(privkey, pubkey);
if(data == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssPKIAdoptKey",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto done;
- }
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssPKIAdoptKey",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
privkey = NULL;
pubkey = NULL;
key = xmlSecKeyCreate();
if(key == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto done;
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeyCreate",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
+
ret = xmlSecKeySetValue(key, data);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeySetValue",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "data=%s",
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
- goto done;
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeySetValue",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "data=%s",
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
+ goto done;
}
retval = key;
key = NULL;
data = NULL;
-
+
done:
if(slot != NULL) {
- PK11_FreeSlot(slot);
+ PK11_FreeSlot(slot);
}
if(privkey != NULL) {
- SECKEY_DestroyPrivateKey(privkey);
+ SECKEY_DestroyPrivateKey(privkey);
}
if(pubkey != NULL) {
- SECKEY_DestroyPublicKey(pubkey);
+ SECKEY_DestroyPublicKey(pubkey);
}
if(key != NULL) {
- xmlSecKeyDestroy(key);
+ xmlSecKeyDestroy(key);
}
if(data != NULL) {
- xmlSecKeyDataDestroy(data);
+ xmlSecKeyDataDestroy(data);
}
if(spki != NULL) {
- SECKEY_DestroySubjectPublicKeyInfo(spki);
+ SECKEY_DestroySubjectPublicKeyInfo(spki);
}
return (retval);
}
@@ -552,19 +552,19 @@ done:
#ifndef XMLSEC_NO_X509
/**
* xmlSecNssAppKeyCertLoad:
- * @key: the pointer to key.
- * @filename: the certificate filename.
- * @format: the certificate file format.
+ * @key: the pointer to key.
+ * @filename: the certificate filename.
+ * @format: the certificate file format.
+ *
+ * Reads the certificate from $@filename and adds it to key
*
- * Reads the certificate from $@filename and adds it to key
- *
* Returns: 0 on success or a negative value otherwise.
*/
-int
+int
xmlSecNssAppKeyCertLoad(xmlSecKeyPtr key, const char* filename, xmlSecKeyDataFormat format) {
SECItem secItem;
int ret;
-
+
xmlSecAssert2(key != NULL, -1);
xmlSecAssert2(filename != NULL, -1);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
@@ -573,23 +573,23 @@ xmlSecNssAppKeyCertLoad(xmlSecKeyPtr key, const char* filename, xmlSecKeyDataFor
memset(&secItem, 0, sizeof(secItem));
ret = xmlSecNssAppReadSECItem(&secItem, filename);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppReadSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppReadSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
ret = xmlSecNssAppKeyCertLoadSECItem(key, &secItem, format);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppKeyCertLoadSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- SECITEM_FreeItem(&secItem, PR_FALSE);
- return(-1);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppKeyCertLoadSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ SECITEM_FreeItem(&secItem, PR_FALSE);
+ return(-1);
}
SECITEM_FreeItem(&secItem, PR_FALSE);
@@ -598,20 +598,20 @@ xmlSecNssAppKeyCertLoad(xmlSecKeyPtr key, const char* filename, xmlSecKeyDataFor
/**
* xmlSecNssAppKeyCertLoadMemory:
- * @key: the pointer to key.
- * @data: the key binary data.
- * @dataSize: the key binary data size.
- * @format: the certificate format.
+ * @key: the pointer to key.
+ * @data: the key binary data.
+ * @dataSize: the key binary data size.
+ * @format: the certificate format.
+ *
+ * Reads the certificate from @data and adds it to key
*
- * Reads the certificate from @data and adds it to key
- *
* Returns: 0 on success or a negative value otherwise.
*/
-int
+int
xmlSecNssAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSize dataSize, xmlSecKeyDataFormat format) {
SECItem secItem;
int ret;
-
+
xmlSecAssert2(key != NULL, -1);
xmlSecAssert2(data != NULL, -1);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
@@ -620,23 +620,23 @@ xmlSecNssAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSi
memset(&secItem, 0, sizeof(secItem));
ret = xmlSecNssAppCreateSECItem(&secItem, data, dataSize);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppCreateSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppCreateSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
ret = xmlSecNssAppKeyCertLoadSECItem(key, &secItem, format);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppKeyCertLoadSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- SECITEM_FreeItem(&secItem, PR_FALSE);
- return(-1);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppKeyCertLoadSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ SECITEM_FreeItem(&secItem, PR_FALSE);
+ return(-1);
}
SECITEM_FreeItem(&secItem, PR_FALSE);
@@ -645,15 +645,15 @@ xmlSecNssAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSi
/**
* xmlSecNssAppKeyCertLoadSECItem:
- * @key: the pointer to key.
- * @secItem: the pointer to SECItem.
- * @format: the certificate format.
+ * @key: the pointer to key.
+ * @secItem: the pointer to SECItem.
+ * @format: the certificate format.
+ *
+ * Reads the certificate from @secItem and adds it to key
*
- * Reads the certificate from @secItem and adds it to key
- *
* Returns: 0 on success or a negative value otherwise.
*/
-int
+int
xmlSecNssAppKeyCertLoadSECItem(xmlSecKeyPtr key, SECItem* secItem, xmlSecKeyDataFormat format) {
CERTCertificate *cert=NULL;
xmlSecKeyDataPtr data;
@@ -662,63 +662,63 @@ xmlSecNssAppKeyCertLoadSECItem(xmlSecKeyPtr key, SECItem* secItem, xmlSecKeyData
xmlSecAssert2(key != NULL, -1);
xmlSecAssert2(secItem != NULL, -1);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
-
+
data = xmlSecKeyEnsureData(key, xmlSecNssKeyDataX509Id);
if(data == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyEnsureData",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "transform=%s",
- xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecNssKeyDataX509Id)));
- return(-1);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeyEnsureData",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "transform=%s",
+ xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecNssKeyDataX509Id)));
+ return(-1);
}
switch(format) {
case xmlSecKeyDataFormatPkcs8Der:
case xmlSecKeyDataFormatDer:
- cert = __CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
- secItem, NULL, PR_FALSE, PR_TRUE);
- if(cert == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "__CERT_NewTempCertificate",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "format=%d", format);
- return(-1);
- }
- break;
+ cert = __CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
+ secItem, NULL, PR_FALSE, PR_TRUE);
+ if(cert == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "__CERT_NewTempCertificate",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "format=%d", format);
+ return(-1);
+ }
+ break;
default:
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_INVALID_FORMAT,
- "format=%d", format);
- return(-1);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_FORMAT,
+ "format=%d", format);
+ return(-1);
+ }
+
xmlSecAssert2(cert != NULL, -1);
ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssKeyDataX509AdoptCert",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "data=%s",
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
- CERT_DestroyCertificate(cert);
- return(-1);
- }
-
- return(0);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssKeyDataX509AdoptCert",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "data=%s",
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
+ CERT_DestroyCertificate(cert);
+ return(-1);
+ }
+
+ return(0);
}
/**
* xmlSecNssAppPkcs12Load:
- * @filename: the PKCS12 key filename.
- * @pwd: the PKCS12 file password.
- * @pwdCallback: the password callback.
- * @pwdCallbackCtx: the user context for password callback.
+ * @filename: the PKCS12 key filename.
+ * @pwd: the PKCS12 file password.
+ * @pwdCallback: the password callback.
+ * @pwdCallbackCtx: the user context for password callback.
*
* Reads key and all associated certificates from the PKCS12 file.
* For uniformity, call xmlSecNssAppKeyLoad instead of this function. Pass
@@ -726,37 +726,37 @@ xmlSecNssAppKeyCertLoadSECItem(xmlSecKeyPtr key, SECItem* secItem, xmlSecKeyData
*
* Returns: pointer to the key or NULL if an error occurs.
*/
-xmlSecKeyPtr
+xmlSecKeyPtr
xmlSecNssAppPkcs12Load(const char *filename, const char *pwd,
- void *pwdCallback ATTRIBUTE_UNUSED,
- void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
+ void *pwdCallback ATTRIBUTE_UNUSED,
+ void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
SECItem secItem;
xmlSecKeyPtr res;
int ret;
-
+
xmlSecAssert2(filename != NULL, NULL);
/* read the file contents */
memset(&secItem, 0, sizeof(secItem));
ret = xmlSecNssAppReadSECItem(&secItem, filename);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppReadSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(NULL);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppReadSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(NULL);
+ }
+
res = xmlSecNssAppPkcs12LoadSECItem(&secItem, pwd, pwdCallback, pwdCallbackCtx);
if(res == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppPkcs12LoadSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- SECITEM_FreeItem(&secItem, PR_FALSE);
- return(NULL);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppPkcs12LoadSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ SECITEM_FreeItem(&secItem, PR_FALSE);
+ return(NULL);
}
SECITEM_FreeItem(&secItem, PR_FALSE);
@@ -765,11 +765,11 @@ xmlSecNssAppPkcs12Load(const char *filename, const char *pwd,
/**
* xmlSecNssAppPkcs12LoadMemory:
- * @data: the key binary data.
- * @dataSize: the key binary data size.
- * @pwd: the PKCS12 password.
- * @pwdCallback: the password callback.
- * @pwdCallbackCtx: the user context for password callback.
+ * @data: the key binary data.
+ * @dataSize: the key binary data size.
+ * @pwd: the PKCS12 password.
+ * @pwdCallback: the password callback.
+ * @pwdCallbackCtx: the user context for password callback.
*
* Reads key and all associated certificates from the PKCS12 binary data.
* For uniformity, call xmlSecNssAppKeyLoad instead of this function. Pass
@@ -777,36 +777,36 @@ xmlSecNssAppPkcs12Load(const char *filename, const char *pwd,
*
* Returns: pointer to the key or NULL if an error occurs.
*/
-xmlSecKeyPtr
+xmlSecKeyPtr
xmlSecNssAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize, const char *pwd,
- void *pwdCallback ATTRIBUTE_UNUSED,
- void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
+ void *pwdCallback ATTRIBUTE_UNUSED,
+ void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
SECItem secItem;
xmlSecKeyPtr res;
int ret;
-
+
xmlSecAssert2(data != NULL, NULL);
memset(&secItem, 0, sizeof(secItem));
ret = xmlSecNssAppCreateSECItem(&secItem, data, dataSize);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppCreateSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(NULL);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppCreateSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(NULL);
+ }
+
res = xmlSecNssAppPkcs12LoadSECItem(&secItem, pwd, pwdCallback, pwdCallbackCtx);
if(res == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppPkcs12LoadSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- SECITEM_FreeItem(&secItem, PR_FALSE);
- return(NULL);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppPkcs12LoadSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ SECITEM_FreeItem(&secItem, PR_FALSE);
+ return(NULL);
}
SECITEM_FreeItem(&secItem, PR_FALSE);
@@ -816,10 +816,10 @@ xmlSecNssAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize, const
/**
* xmlSecNssAppPkcs12LoadSECItem:
- * @secItem: the @SECItem object.
- * @pwd: the PKCS12 file password.
- * @pwdCallback: the password callback.
- * @pwdCallbackCtx: the user context for password callback.
+ * @secItem: the @SECItem object.
+ * @pwd: the PKCS12 file password.
+ * @pwdCallback: the password callback.
+ * @pwdCallbackCtx: the user context for password callback.
*
* Reads key and all associated certificates from the PKCS12 SECItem.
* For uniformity, call xmlSecNssAppKeyLoad instead of this function. Pass
@@ -827,10 +827,10 @@ xmlSecNssAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize, const
*
* Returns: pointer to the key or NULL if an error occurs.
*/
-xmlSecKeyPtr
+xmlSecKeyPtr
xmlSecNssAppPkcs12LoadSECItem(SECItem* secItem, const char *pwd,
- void *pwdCallback ATTRIBUTE_UNUSED,
- void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
+ void *pwdCallback ATTRIBUTE_UNUSED,
+ void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
xmlSecKeyPtr key = NULL;
xmlSecKeyDataPtr data = NULL;
xmlSecKeyDataPtr x509Data = NULL;
@@ -851,116 +851,116 @@ xmlSecNssAppPkcs12LoadSECItem(SECItem* secItem, const char *pwd,
xmlSecAssert2((secItem != NULL), NULL);
if (pwd == NULL) {
- pwd = "";
+ pwd = "";
}
memset(&uc2_pwditem, 0, sizeof(uc2_pwditem));
-
- /* we're importing a key about which we know nothing yet, just use the
- * internal slot. We have no criteria to choose a slot.
+
+ /* we're importing a key about which we know nothing yet, just use the
+ * internal slot. We have no criteria to choose a slot.
*/
slot = xmlSecNssGetInternalKeySlot();
if (slot == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssGetInternalKeySlot",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto done;
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssGetInternalKeySlot",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
}
pwditem.data = (unsigned char *)pwd;
pwditem.len = strlen(pwd)+1;
if (!SECITEM_AllocItem(NULL, &uc2_pwditem, 2*pwditem.len)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "SECITEM_AllocItem",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto done;
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "SECITEM_AllocItem",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
}
if (PORT_UCS2_ASCIIConversion(PR_TRUE, pwditem.data, pwditem.len,
uc2_pwditem.data, 2*pwditem.len,
&(uc2_pwditem.len), 0) == PR_FALSE) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "PORT_UCS2_ASCIIConversion",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto done;
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "PORT_UCS2_ASCIIConversion",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
}
p12ctx = SEC_PKCS12DecoderStart(&uc2_pwditem, slot, NULL,
NULL, NULL, NULL, NULL, NULL);
if (p12ctx == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "SEC_PKCS12DecoderStart",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "SEC_PKCS12DecoderStart",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
goto done;
}
rv = SEC_PKCS12DecoderUpdate(p12ctx, secItem->data, secItem->len);
if (rv != SECSuccess) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "SEC_PKCS12DecoderUpdate",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "SEC_PKCS12DecoderUpdate",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
goto done;
}
rv = SEC_PKCS12DecoderVerify(p12ctx);
if (rv != SECSuccess) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "SEC_PKCS12DecoderVerify",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "SEC_PKCS12DecoderVerify",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
goto done;
}
rv = SEC_PKCS12DecoderValidateBags(p12ctx, xmlSecNssAppNicknameCollisionCallback);
if (rv != SECSuccess) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "SEC_PKCS12DecoderValidateBags",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "SEC_PKCS12DecoderValidateBags",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
goto done;
}
rv = SEC_PKCS12DecoderImportBags(p12ctx);
if (rv != SECSuccess) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "SEC_PKCS12DecoderImportBags",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "SEC_PKCS12DecoderImportBags",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
goto done;
}
certlist = SEC_PKCS12DecoderGetCerts(p12ctx);
if (certlist == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "SEC_PKCS12DecoderGetCerts",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "SEC_PKCS12DecoderGetCerts",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
goto done;
}
x509Data = xmlSecKeyDataCreate(xmlSecNssKeyDataX509Id);
if(x509Data == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyDataCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "transform=%s",
- xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecNssKeyDataX509Id)));
- goto done;
- }
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeyDataCreate",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "transform=%s",
+ xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecNssKeyDataX509Id)));
+ goto done;
+ }
for (head = CERT_LIST_HEAD(certlist);
!CERT_LIST_END(head, certlist);
@@ -969,132 +969,132 @@ xmlSecNssAppPkcs12LoadSECItem(SECItem* secItem, const char *pwd,
privkey = PK11_FindKeyByAnyCert(cert, NULL);
if (privkey != NULL) {
- if (data != NULL) {
- /* we already found a private key.
- * assume the first private key we find is THE ONE
- */
- SECKEY_DestroyPrivateKey(privkey);
- privkey = NULL;
- } else {
- pubkey = CERT_ExtractPublicKey(cert);
- if (pubkey == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "CERT_ExtractPublicKey",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto done;
- }
- data = xmlSecNssPKIAdoptKey(privkey, pubkey);
- if(data == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssPKIAdoptKey",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto done;
- }
-
- pubkey = NULL;
- privkey = NULL;
-
- tmpcert = CERT_DupCertificate(cert);
- if(tmpcert == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "CERT_DupCertificate",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "data=%s",
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
- goto done;
- }
-
- ret = xmlSecNssKeyDataX509AdoptKeyCert(x509Data, tmpcert);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssKeyDataX509AdoptKeyCert",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "data=%s",
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
- CERT_DestroyCertificate(tmpcert);
- goto done;
+ if (data != NULL) {
+ /* we already found a private key.
+ * assume the first private key we find is THE ONE
+ */
+ SECKEY_DestroyPrivateKey(privkey);
+ privkey = NULL;
+ } else {
+ pubkey = CERT_ExtractPublicKey(cert);
+ if (pubkey == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "CERT_ExtractPublicKey",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
+ data = xmlSecNssPKIAdoptKey(privkey, pubkey);
+ if(data == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssPKIAdoptKey",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
}
- }
+ pubkey = NULL;
+ privkey = NULL;
+
+ tmpcert = CERT_DupCertificate(cert);
+ if(tmpcert == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "CERT_DupCertificate",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "data=%s",
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+ goto done;
+ }
+
+ ret = xmlSecNssKeyDataX509AdoptKeyCert(x509Data, tmpcert);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssKeyDataX509AdoptKeyCert",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "data=%s",
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+ CERT_DestroyCertificate(tmpcert);
+ goto done;
+ }
+
+ }
}
- tmpcert = CERT_DupCertificate(cert);
+ tmpcert = CERT_DupCertificate(cert);
if(tmpcert == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "CERT_DupCertificate",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "data=%s",
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
- goto done;
- }
- ret = xmlSecNssKeyDataX509AdoptCert(x509Data, tmpcert);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssKeyDataX509AdoptCert",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "data=%s",
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
- CERT_DestroyCertificate(tmpcert);
- goto done;
- }
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "CERT_DupCertificate",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "data=%s",
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+ goto done;
+ }
+ ret = xmlSecNssKeyDataX509AdoptCert(x509Data, tmpcert);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssKeyDataX509AdoptCert",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "data=%s",
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+ CERT_DestroyCertificate(tmpcert);
+ goto done;
+ }
} /* end for loop */
if (data == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppPkcs12Load",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "private key not found in PKCS12 file");
- goto done;
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppPkcs12Load",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "private key not found in PKCS12 file");
+ goto done;
}
key = xmlSecKeyCreate();
if(key == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- goto done;
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeyCreate",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ goto done;
+ }
+
ret = xmlSecKeySetValue(key, data);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeySetValue",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "data=%s",
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
- xmlSecKeyDestroy(key);
- key = NULL;
- goto done;
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeySetValue",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "data=%s",
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+ xmlSecKeyDestroy(key);
+ key = NULL;
+ goto done;
}
data = NULL;
ret = xmlSecKeyAdoptData(key, x509Data);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyAdoptData",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "data=%s",
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
- xmlSecKeyDestroy(key);
- key = NULL;
- goto done;
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeyAdoptData",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "data=%s",
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+ xmlSecKeyDestroy(key);
+ key = NULL;
+ goto done;
}
x509Data = NULL;
-
+
done:
if (p12ctx) {
SEC_PKCS12DecoderFinish(p12ctx);
@@ -1107,31 +1107,31 @@ done:
CERT_DestroyCertList(certlist);
}
if(x509Data != NULL) {
- xmlSecKeyDataDestroy(x509Data);
+ xmlSecKeyDataDestroy(x509Data);
}
if(data != NULL) {
xmlSecKeyDataDestroy(data);
}
if (privkey) {
- SECKEY_DestroyPrivateKey(privkey);
+ SECKEY_DestroyPrivateKey(privkey);
}
if (pubkey) {
- SECKEY_DestroyPublicKey(pubkey);
+ SECKEY_DestroyPublicKey(pubkey);
}
- return(key);
+ return(key);
}
/**
* xmlSecNssAppKeyFromCertLoadSECItem:
- * @secItem: the @SECItem object.
- * @format: the cert format.
+ * @secItem: the @SECItem object.
+ * @format: the cert format.
*
* Loads public key from cert.
*
* Returns: pointer to key or NULL if an error occurs.
*/
-xmlSecKeyPtr
+xmlSecKeyPtr
xmlSecNssAppKeyFromCertLoadSECItem(SECItem* secItem, xmlSecKeyDataFormat format) {
xmlSecKeyPtr key;
xmlSecKeyDataPtr keyData;
@@ -1141,105 +1141,105 @@ xmlSecNssAppKeyFromCertLoadSECItem(SECItem* secItem, xmlSecKeyDataFormat format)
xmlSecAssert2(secItem != NULL, NULL);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
-
+
/* load cert */
switch(format) {
case xmlSecKeyDataFormatCertDer:
- cert = __CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
- secItem, NULL, PR_FALSE, PR_TRUE);
- if(cert == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "__CERT_NewTempCertificate",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "format=%d", format);
- return(NULL);
- }
- break;
+ cert = __CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
+ secItem, NULL, PR_FALSE, PR_TRUE);
+ if(cert == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "__CERT_NewTempCertificate",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "format=%d", format);
+ return(NULL);
+ }
+ break;
default:
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_INVALID_FORMAT,
- "format=%d", format);
- return(NULL);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_FORMAT,
+ "format=%d", format);
+ return(NULL);
}
/* get key value */
keyData = xmlSecNssX509CertGetKey(cert);
if(keyData == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssX509CertGetKey",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- CERT_DestroyCertificate(cert);
- return(NULL);
- }
-
+ NULL,
+ "xmlSecNssX509CertGetKey",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ CERT_DestroyCertificate(cert);
+ return(NULL);
+ }
+
/* create key */
key = xmlSecKeyCreate();
if(key == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecKeyDataDestroy(keyData);
- CERT_DestroyCertificate(cert);
- return(NULL);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeyCreate",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecKeyDataDestroy(keyData);
+ CERT_DestroyCertificate(cert);
+ return(NULL);
+ }
+
/* set key value */
ret = xmlSecKeySetValue(key, keyData);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeySetValue",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecKeyDestroy(key);
- xmlSecKeyDataDestroy(keyData);
- CERT_DestroyCertificate(cert);
- return(NULL);
- }
-
- /* create cert data */
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeySetValue",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecKeyDestroy(key);
+ xmlSecKeyDataDestroy(keyData);
+ CERT_DestroyCertificate(cert);
+ return(NULL);
+ }
+
+ /* create cert data */
certData = xmlSecKeyEnsureData(key, xmlSecNssKeyDataX509Id);
if(certData == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyEnsureData",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecKeyDestroy(key);
- CERT_DestroyCertificate(cert);
- return(NULL);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeyEnsureData",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecKeyDestroy(key);
+ CERT_DestroyCertificate(cert);
+ return(NULL);
}
/* put cert in the cert data */
ret = xmlSecNssKeyDataX509AdoptCert(certData, cert);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssKeyDataX509AdoptCert",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecKeyDestroy(key);
- CERT_DestroyCertificate(cert);
- return(NULL);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssKeyDataX509AdoptCert",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecKeyDestroy(key);
+ CERT_DestroyCertificate(cert);
+ return(NULL);
+ }
+
return(key);
}
/**
* xmlSecNssAppKeysMngrCertLoad:
- * @mngr: the pointer to keys manager.
- * @filename: the certificate file.
- * @format: the certificate file format (PEM or DER).
- * @type: the certificate type (trusted/untrusted).
+ * @mngr: the pointer to keys manager.
+ * @filename: the certificate file.
+ * @format: the certificate file format (PEM or DER).
+ * @type: the certificate type (trusted/untrusted).
*
* Reads cert from @filename and adds to the list of trusted or known
* untrusted certs in @store
@@ -1247,12 +1247,12 @@ xmlSecNssAppKeyFromCertLoadSECItem(SECItem* secItem, xmlSecKeyDataFormat format)
* Returns: 0 on success or a negative value otherwise.
*/
int
-xmlSecNssAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
- xmlSecKeyDataFormat format,
- xmlSecKeyDataType type) {
+xmlSecNssAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
+ xmlSecKeyDataFormat format,
+ xmlSecKeyDataType type) {
SECItem secItem;
int ret;
-
+
xmlSecAssert2(mngr != NULL, -1);
xmlSecAssert2(filename != NULL, -1);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
@@ -1261,23 +1261,23 @@ xmlSecNssAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
memset(&secItem, 0, sizeof(secItem));
ret = xmlSecNssAppReadSECItem(&secItem, filename);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppReadSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppReadSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
ret = xmlSecNssAppKeysMngrCertLoadSECItem(mngr, &secItem, format, type);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppKeysMngrCertLoadSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- SECITEM_FreeItem(&secItem, PR_FALSE);
- return(-1);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppKeysMngrCertLoadSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ SECITEM_FreeItem(&secItem, PR_FALSE);
+ return(-1);
}
SECITEM_FreeItem(&secItem, PR_FALSE);
@@ -1286,11 +1286,11 @@ xmlSecNssAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
/**
* xmlSecNssAppKeysMngrCertLoadMemory:
- * @mngr: the pointer to keys manager.
- * @data: the key binary data.
- * @dataSize: the key binary data size.
- * @format: the certificate format (PEM or DER).
- * @type: the certificate type (trusted/untrusted).
+ * @mngr: the pointer to keys manager.
+ * @data: the key binary data.
+ * @dataSize: the key binary data size.
+ * @format: the certificate format (PEM or DER).
+ * @type: the certificate type (trusted/untrusted).
*
* Reads cert from @data and adds to the list of trusted or known
* untrusted certs in @store
@@ -1298,12 +1298,12 @@ xmlSecNssAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
* Returns: 0 on success or a negative value otherwise.
*/
int
-xmlSecNssAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* data,
- xmlSecSize dataSize, xmlSecKeyDataFormat format,
- xmlSecKeyDataType type) {
+xmlSecNssAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* data,
+ xmlSecSize dataSize, xmlSecKeyDataFormat format,
+ xmlSecKeyDataType type) {
SECItem secItem;
int ret;
-
+
xmlSecAssert2(mngr != NULL, -1);
xmlSecAssert2(data != NULL, -1);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
@@ -1311,23 +1311,23 @@ xmlSecNssAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* dat
memset(&secItem, 0, sizeof(secItem));
ret = xmlSecNssAppCreateSECItem(&secItem, data, dataSize);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppCreateSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppCreateSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
ret = xmlSecNssAppKeysMngrCertLoadSECItem(mngr, &secItem, format, type);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssAppKeysMngrCertLoadSECItem",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- SECITEM_FreeItem(&secItem, PR_FALSE);
- return(-1);
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssAppKeysMngrCertLoadSECItem",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ SECITEM_FreeItem(&secItem, PR_FALSE);
+ return(-1);
}
SECITEM_FreeItem(&secItem, PR_FALSE);
@@ -1336,10 +1336,10 @@ xmlSecNssAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* dat
/**
* xmlSecNssAppKeysMngrCertLoadSECItem:
- * @mngr: the pointer to keys manager.
- * @secItem: the pointer to SECItem.
- * @format: the certificate format (PEM or DER).
- * @type: the certificate type (trusted/untrusted).
+ * @mngr: the pointer to keys manager.
+ * @secItem: the pointer to SECItem.
+ * @format: the certificate format (PEM or DER).
+ * @type: the certificate type (trusted/untrusted).
*
* Reads cert from @secItem and adds to the list of trusted or known
* untrusted certs in @store
@@ -1347,9 +1347,9 @@ xmlSecNssAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* dat
* Returns: 0 on success or a negative value otherwise.
*/
int
-xmlSecNssAppKeysMngrCertLoadSECItem(xmlSecKeysMngrPtr mngr, SECItem* secItem,
- xmlSecKeyDataFormat format,
- xmlSecKeyDataType type) {
+xmlSecNssAppKeysMngrCertLoadSECItem(xmlSecKeysMngrPtr mngr, SECItem* secItem,
+ xmlSecKeyDataFormat format,
+ xmlSecKeyDataType type) {
xmlSecKeyDataStorePtr x509Store;
CERTCertificate* cert;
int ret;
@@ -1357,7 +1357,7 @@ xmlSecNssAppKeysMngrCertLoadSECItem(xmlSecKeysMngrPtr mngr, SECItem* secItem,
xmlSecAssert2(mngr != NULL, -1);
xmlSecAssert2(secItem != NULL, -1);
xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
-
+
x509Store = xmlSecKeysMngrGetDataStore(mngr, xmlSecNssX509StoreId);
if(x509Store == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
@@ -1370,26 +1370,26 @@ xmlSecNssAppKeysMngrCertLoadSECItem(xmlSecKeysMngrPtr mngr, SECItem* secItem,
switch(format) {
case xmlSecKeyDataFormatDer:
- cert = __CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
- secItem, NULL, PR_FALSE, PR_TRUE);
- if(cert == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "__CERT_NewTempCertificate",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "format=%d", format);
- return(-1);
- }
- break;
+ cert = __CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
+ secItem, NULL, PR_FALSE, PR_TRUE);
+ if(cert == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "__CERT_NewTempCertificate",
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
+ "format=%d", format);
+ return(-1);
+ }
+ break;
default:
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_INVALID_FORMAT,
- "format=%d", format);
- return(-1);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_FORMAT,
+ "format=%d", format);
+ return(-1);
+ }
+
ret = xmlSecNssX509StoreAdoptCert(x509Store, cert, type);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
@@ -1397,7 +1397,7 @@ xmlSecNssAppKeysMngrCertLoadSECItem(xmlSecKeysMngrPtr mngr, SECItem* secItem,
"xmlSecNssX509StoreAdoptCert",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
- CERT_DestroyCertificate(cert);
+ CERT_DestroyCertificate(cert);
return(-1);
}
@@ -1408,179 +1408,179 @@ xmlSecNssAppKeysMngrCertLoadSECItem(xmlSecKeysMngrPtr mngr, SECItem* secItem,
/**
* xmlSecNssAppDefaultKeysMngrInit:
- * @mngr: the pointer to keys manager.
+ * @mngr: the pointer to keys manager.
*
* Initializes @mngr with NSS keys store #xmlSecNssKeysStoreId
* and a default NSS crypto key data stores.
*
* Returns: 0 on success or a negative value otherwise.
- */
+ */
int
xmlSecNssAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr) {
int ret;
-
+
xmlSecAssert2(mngr != NULL, -1);
- /* create NSS keys store if needed */
+ /* create NSS keys store if needed */
if(xmlSecKeysMngrGetKeysStore(mngr) == NULL) {
- xmlSecKeyStorePtr keysStore;
-
- keysStore = xmlSecKeyStoreCreate(xmlSecNssKeysStoreId);
- if(keysStore == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyStoreCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "xmlSecNssKeysStoreId");
- return(-1);
- }
-
- ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeysMngrAdoptKeysStore",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- xmlSecKeyStoreDestroy(keysStore);
- return(-1);
- }
- }
-
- ret = xmlSecNssKeysMngrInit(mngr);
+ xmlSecKeyStorePtr keysStore;
+
+ keysStore = xmlSecKeyStoreCreate(xmlSecNssKeysStoreId);
+ if(keysStore == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeyStoreCreate",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "xmlSecNssKeysStoreId");
+ return(-1);
+ }
+
+ ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore);
+ if(ret < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeysMngrAdoptKeysStore",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecKeyStoreDestroy(keysStore);
+ return(-1);
+ }
+ }
+
+ ret = xmlSecNssKeysMngrInit(mngr);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssKeysMngrInit",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssKeysMngrInit",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
mngr->getKey = xmlSecKeysMngrGetKey;
return(0);
}
/**
* xmlSecNssAppDefaultKeysMngrAdoptKey:
- * @mngr: the pointer to keys manager.
- * @key: the pointer to key.
+ * @mngr: the pointer to keys manager.
+ * @key: the pointer to key.
*
* Adds @key to the keys manager @mngr created with #xmlSecNssAppDefaultKeysMngrInit
* function.
- *
+ *
* Returns: 0 on success or a negative value otherwise.
- */
-int
+ */
+int
xmlSecNssAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr, xmlSecKeyPtr key) {
xmlSecKeyStorePtr store;
int ret;
-
+
xmlSecAssert2(mngr != NULL, -1);
xmlSecAssert2(key != NULL, -1);
-
+
store = xmlSecKeysMngrGetKeysStore(mngr);
if(store == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeysMngrGetKeysStore",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeysMngrGetKeysStore",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
ret = xmlSecNssKeysStoreAdoptKey(store, key);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssKeysStoreAdoptKey",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssKeysStoreAdoptKey",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
return(0);
}
/**
* xmlSecNssAppDefaultKeysMngrLoad:
- * @mngr: the pointer to keys manager.
- * @uri: the uri.
+ * @mngr: the pointer to keys manager.
+ * @uri: the uri.
*
- * Loads XML keys file from @uri to the keys manager @mngr created
+ * Loads XML keys file from @uri to the keys manager @mngr created
* with #xmlSecNssAppDefaultKeysMngrInit function.
- *
+ *
* Returns: 0 on success or a negative value otherwise.
- */
-int
+ */
+int
xmlSecNssAppDefaultKeysMngrLoad(xmlSecKeysMngrPtr mngr, const char* uri) {
xmlSecKeyStorePtr store;
int ret;
-
+
xmlSecAssert2(mngr != NULL, -1);
xmlSecAssert2(uri != NULL, -1);
-
+
store = xmlSecKeysMngrGetKeysStore(mngr);
if(store == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeysMngrGetKeysStore",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeysMngrGetKeysStore",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
ret = xmlSecNssKeysStoreLoad(store, uri, mngr);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssKeysStoreLoad",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "uri=%s", xmlSecErrorsSafeString(uri));
- return(-1);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssKeysStoreLoad",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "uri=%s", xmlSecErrorsSafeString(uri));
+ return(-1);
+ }
+
return(0);
}
/**
* xmlSecNssAppDefaultKeysMngrSave:
- * @mngr: the pointer to keys manager.
- * @filename: the destination filename.
- * @type: the type of keys to save (public/private/symmetric).
+ * @mngr: the pointer to keys manager.
+ * @filename: the destination filename.
+ * @type: the type of keys to save (public/private/symmetric).
*
* Saves keys from @mngr to XML keys file.
- *
+ *
* Returns: 0 on success or a negative value otherwise.
- */
-int
+ */
+int
xmlSecNssAppDefaultKeysMngrSave(xmlSecKeysMngrPtr mngr, const char* filename, xmlSecKeyDataType type) {
xmlSecKeyStorePtr store;
int ret;
-
+
xmlSecAssert2(mngr != NULL, -1);
xmlSecAssert2(filename != NULL, -1);
-
+
store = xmlSecKeysMngrGetKeysStore(mngr);
if(store == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeysMngrGetKeysStore",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeysMngrGetKeysStore",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
ret = xmlSecNssKeysStoreSave(store, filename, type);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssKeysStoreSave",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "filename%s", xmlSecErrorsSafeString(filename));
- return(-1);
- }
-
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecNssKeysStoreSave",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "filename%s", xmlSecErrorsSafeString(filename));
+ return(-1);
+ }
+
return(0);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-23 14:29:43 +0000