Diffstat (limited to 'src/nss/crypto.c')
-rw-r--r-- | src/nss/crypto.c | 118 |
1 files changed, 62 insertions, 56 deletions
diff --git a/src/nss/crypto.c b/src/nss/crypto.c index ea79519f..a00824dd 100644 --- a/src/nss/crypto.c +++ b/src/nss/crypto.c @@ -1,5 +1,6 @@ -/** - * XMLSec library +/* + * XML Security Library (http://www.aleksey.com/xmlsec). + * * * This is free software; see Copyright file in the source * distribution for preciese wording. @@ -7,6 +8,13 @@ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved. * Copyright (c) 2003 America Online, Inc. All rights reserved. */ +/** + * SECTION:crypto + * @Short_description: Crypto transforms implementation for NSS. + * @Stability: Stable + * + */ + #include "globals.h" #include <string.h> @@ -75,6 +83,10 @@ xmlSecCryptoGetFunctions_nss(void) { gXmlSecNssFunctions->keyDataDsaGetKlass = xmlSecNssKeyDataDsaGetKlass; #endif /* XMLSEC_NO_DSA */ +#ifndef XMLSEC_NO_ECDSA + gXmlSecNssFunctions->keyDataEcdsaGetKlass = xmlSecNssKeyDataEcdsaGetKlass; +#endif /* XMLSEC_NO_ECDSA */ + #ifndef XMLSEC_NO_HMAC gXmlSecNssFunctions->keyDataHmacGetKlass = xmlSecNssKeyDataHmacGetKlass; #endif /* XMLSEC_NO_HMAC */ 
@@ -121,9 +133,33 @@ xmlSecCryptoGetFunctions_nss(void) { /******************************* DSA ********************************/ #ifndef XMLSEC_NO_DSA +#ifndef XMLSEC_NO_SHA1 gXmlSecNssFunctions->transformDsaSha1GetKlass = xmlSecNssTransformDsaSha1GetKlass; +#endif /* XMLSEC_NO_SHA1 */ +#ifndef XMLSEC_NO_SHA256 + gXmlSecNssFunctions->transformDsaSha256GetKlass = xmlSecNssTransformDsaSha256GetKlass; +#endif /* XMLSEC_NO_SHA256 */ #endif /* XMLSEC_NO_DSA */ + /******************************* ECDSA ******************************/ +#ifndef XMLSEC_NO_ECDSA +#ifndef XMLSEC_NO_SHA1 + gXmlSecNssFunctions->transformEcdsaSha1GetKlass = xmlSecNssTransformEcdsaSha1GetKlass; +#endif /* XMLSEC_NO_SHA1 */ +#ifndef XMLSEC_NO_SHA224 + gXmlSecNssFunctions->transformEcdsaSha224GetKlass = xmlSecNssTransformEcdsaSha224GetKlass; +#endif /* XMLSEC_NO_SHA224 */ +#ifndef XMLSEC_NO_SHA256 + gXmlSecNssFunctions->transformEcdsaSha256GetKlass = xmlSecNssTransformEcdsaSha256GetKlass; +#endif /* XMLSEC_NO_SHA256 */ +#ifndef XMLSEC_NO_SHA384 + gXmlSecNssFunctions->transformEcdsaSha384GetKlass = xmlSecNssTransformEcdsaSha384GetKlass; +#endif /* XMLSEC_NO_SHA384 */ +#ifndef XMLSEC_NO_SHA512 + gXmlSecNssFunctions->transformEcdsaSha512GetKlass = xmlSecNssTransformEcdsaSha512GetKlass; +#endif /* XMLSEC_NO_SHA512 */ +#endif /* XMLSEC_NO_ECDSA */ + /******************************* HMAC ********************************/ #ifndef XMLSEC_NO_HMAC @@ -139,6 +175,10 @@ xmlSecCryptoGetFunctions_nss(void) { gXmlSecNssFunctions->transformHmacSha1GetKlass = xmlSecNssTransformHmacSha1GetKlass; #endif /* XMLSEC_NO_SHA1 */ +#ifndef XMLSEC_NO_SHA224 + gXmlSecNssFunctions->transformHmacSha224GetKlass = xmlSecNssTransformHmacSha224GetKlass; +#endif /* XMLSEC_NO_SHA224 */ + #ifndef XMLSEC_NO_SHA256 gXmlSecNssFunctions->transformHmacSha256GetKlass = xmlSecNssTransformHmacSha256GetKlass; #endif /* XMLSEC_NO_SHA256 */ 
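Review bot: The new ECDSA block registers `transformEcdsaSha1GetKlass`, and the DSA block keeps `transformDsaSha1GetKlass`, whenever `XMLSEC_NO_SHA1` is not defined, so SHA-1 based signature methods remain available to every application that loads this backend unless they are compiled out. SHA-1 is no longer considered collision-resistant for signatures, so the ECDSA section should carry a comment that states the intent, e.g. `/* ECDSA-SHA1 is registered for interop only; build with XMLSEC_NO_SHA1 to drop it */`. Whether callers can restrict the accepted signature methods at run time is not visible in this hunk and should be confirmed against the verification API. The body of xmlSecCryptoGetFunctions_nss starts and ends outside the hunk.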
@@ -164,6 +204,10 @@ xmlSecCryptoGetFunctions_nss(void) { gXmlSecNssFunctions->transformRsaSha1GetKlass = xmlSecNssTransformRsaSha1GetKlass; #endif /* XMLSEC_NO_SHA1 */ +#ifndef XMLSEC_NO_SHA224 + gXmlSecNssFunctions->transformRsaSha224GetKlass = xmlSecNssTransformRsaSha224GetKlass; +#endif /* XMLSEC_NO_SHA224 */ + #ifndef XMLSEC_NO_SHA256 gXmlSecNssFunctions->transformRsaSha256GetKlass = xmlSecNssTransformRsaSha256GetKlass; #endif /* XMLSEC_NO_SHA256 */ @@ -193,6 +237,9 @@ xmlSecCryptoGetFunctions_nss(void) { #ifndef XMLSEC_NO_SHA1 gXmlSecNssFunctions->transformSha1GetKlass = xmlSecNssTransformSha1GetKlass; #endif /* XMLSEC_NO_SHA1 */ +#ifndef XMLSEC_NO_SHA224 + gXmlSecNssFunctions->transformSha224GetKlass = xmlSecNssTransformSha224GetKlass; +#endif /* XMLSEC_NO_SHA224 */ #ifndef XMLSEC_NO_SHA256 gXmlSecNssFunctions->transformSha256GetKlass = xmlSecNssTransformSha256GetKlass; #endif /* XMLSEC_NO_SHA256 */ @@ -246,11 +293,7 @@ int xmlSecNssInit (void) { /* Check loaded xmlsec library version */ if(xmlSecCheckVersionExact() != 1) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecCheckVersionExact", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecCheckVersionExact", NULL); return(-1); } @@ -259,11 +302,7 @@ xmlSecNssInit (void) { /* register our klasses */ if(xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(xmlSecCryptoGetFunctions_nss()) < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms", NULL); return(-1); } 
@@ -303,21 +342,13 @@ xmlSecNssKeysMngrInit(xmlSecKeysMngrPtr mngr) { x509Store = xmlSecKeyDataStoreCreate(xmlSecNssX509StoreId); if(x509Store == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeyDataStoreCreate", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "xmlSecNssX509StoreId"); + xmlSecInternalError("xmlSecKeyDataStoreCreate(xmlSecNssX509StoreId)", NULL); return(-1); } ret = xmlSecKeysMngrAdoptDataStore(mngr, x509Store); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeysMngrAdoptDataStore", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecKeysMngrAdoptDataStore", NULL); xmlSecKeyDataStoreDestroy(x509Store); return(-1); } @@ -342,22 +373,14 @@ xmlSecNssGetInternalKeySlot() slot = PK11_GetInternalKeySlot(); if (slot == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_GetInternalKeySlot", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code=%d", PORT_GetError()); + xmlSecNssError("PK11_GetInternalKeySlot", NULL); return NULL; } if (PK11_NeedUserInit(slot)) { rv = PK11_InitPin(slot, NULL, NULL); if (rv != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_Authenticate", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNssError("PK11_InitPin", NULL); return NULL; } } @@ -365,11 +388,8 @@ xmlSecNssGetInternalKeySlot() if(PK11_IsLoggedIn(slot, NULL) != PR_TRUE) { rv = PK11_Authenticate(slot, PR_TRUE, NULL); if (rv != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_Authenticate", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNssError2("PK11_Authenticate", NULL, + "token=%s", xmlSecErrorsSafeString(PK11_GetTokenName(slot))); return NULL; } } 
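Review bot: Both failure paths in xmlSecNssGetInternalKeySlot that run after `PK11_GetInternalKeySlot()` has succeeded still `return NULL;` without releasing `slot`: the `PK11_InitPin` branch in the second hunk on this line and the `PK11_Authenticate` branch in the third. NSS returns a referenced slot from PK11_GetInternalKeySlot, so each of those branches should call `PK11_FreeSlot(slot);` before `return NULL;`. In the PK11_Authenticate branch the free has to come after the `xmlSecNssError2` call, because the message reads `PK11_GetTokenName(slot)`. The function continues past the end of the hunk, so the success path is not visible here.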
@@ -396,22 +416,15 @@ xmlSecNssGenerateRandom(xmlSecBufferPtr buffer, xmlSecSize size) { ret = xmlSecBufferSetSize(buffer, size); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecBufferSetSize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", size); + xmlSecInternalError2("xmlSecBufferSetSize", NULL, "size=%d", size); return(-1); } /* get random data */ rv = PK11_GenerateRandom((xmlSecByte*)xmlSecBufferGetData(buffer), size); if(rv != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_GenerateRandom", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "size=%d", size); + xmlSecNssError2("PK11_GenerateRandom", NULL, + "size=%lu", (unsigned long)size); return(-1); } return(0); @@ -427,18 +440,11 @@ xmlSecNssGenerateRandom(xmlSecBufferPtr buffer, xmlSecSize size) { * @reason: the error code. * @msg: the additional error message. * - * The default errors reporting callback function. + * The errors reporting callback function. Just a pass through to the default callback. */ void xmlSecNssErrorsDefaultCallback(const char* file, int line, const char* func, const char* errorObject, const char* errorSubject, int reason, const char* msg) { - xmlChar buf[500]; - int err; - - err = PORT_GetError(); - xmlSecStrPrintf(buf, sizeof(buf), BAD_CAST "%s;last nss error=%d (0x%08X)", msg, err, err); - xmlSecErrorsDefaultCallback(file, line, func, - errorObject, errorSubject, - reason, (char*)buf); + xmlSecErrorsDefaultCallback(file, line, func, errorObject, errorSubject, reason, msg); } |
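Review bot: The rewritten `xmlSecBufferSetSize` error line in xmlSecNssGenerateRandom still formats `size` with `%d`, while the `PK11_GenerateRandom` line just below it was changed to `%lu` with a cast. `size` is an `xmlSecSize`, whose definition is not in this hunk; if it is an unsigned or size_t-width type, `%d` does not match the argument, which is undefined behaviour in a varargs call. Use the same form in both places: `xmlSecInternalError2("xmlSecBufferSetSize", NULL, "size=%lu", (unsigned long)size);`.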
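Review bot: With `PORT_GetError()` removed from `xmlSecNssErrorsDefaultCallback`, the NSS error code is reported only where a call site uses the new `xmlSecNssError`/`xmlSecNssError2` macros; presumably they read it, but their definition is not in this diff. Any NSS failure elsewhere in the backend that still goes through plain `xmlSecError` would now be logged without the code, which makes crypto failures harder to triage. The doc comment should say where the code now comes from, e.g. `* NSS error codes are added at the call site by xmlSecNssError(); this callback no longer appends them.`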