Diffstat (limited to 'src/nss/digests.c')
-rw-r--r-- | src/nss/digests.c | 144 |
1 files changed, 86 insertions, 58 deletions
diff --git a/src/nss/digests.c b/src/nss/digests.c index 2a81375c..3bcfb04d 100644 --- a/src/nss/digests.c +++ b/src/nss/digests.c @@ -1,5 +1,6 @@ -/** - * XMLSec library +/* + * XML Security Library (http://www.aleksey.com/xmlsec). + * * * This is free software; see Copyright file in the source * distribution for preciese wording. @@ -7,6 +8,13 @@ * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved. * Copyright (c) 2003 America Online, Inc. All rights reserved. */ +/** + * SECTION:digests + * @Short_description: Digests transforms implementation for NSS. + * @Stability: Private + * + */ + #include "globals.h" #include <string.h> @@ -77,6 +85,12 @@ xmlSecNssDigestCheckId(xmlSecTransformPtr transform) { } #endif /* XMLSEC_NO_SHA1 */ +#ifndef XMLSEC_NO_SHA224 + if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha224Id)) { + return(1); + } +#endif /* XMLSEC_NO_SHA224 */ + #ifndef XMLSEC_NO_SHA256 if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha256Id)) { return(1); @@ -123,6 +137,11 @@ xmlSecNssDigestInitialize(xmlSecTransformPtr transform) { } else #endif /* XMLSEC_NO_SHA1 */ +#ifndef XMLSEC_NO_SHA224 + if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha224Id)) { + ctx->digest = SECOID_FindOIDByTag(SEC_OID_SHA224); + } else +#endif /* XMLSEC_NO_SHA224 */ #ifndef XMLSEC_NO_SHA256 if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha256Id)) { 
@@ -143,30 +162,18 @@ xmlSecNssDigestInitialize(xmlSecTransformPtr transform) { #endif /* XMLSEC_NO_SHA512 */ if(1) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - NULL, - XMLSEC_ERRORS_R_INVALID_TRANSFORM, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInvalidTransfromError(transform) return(-1); } if(ctx->digest == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "SECOID_FindOIDByTag", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code=%d", PORT_GetError()); + xmlSecNssError("SECOID_FindOIDByTag", xmlSecTransformGetName(transform)); return(-1); } ctx->digestCtx = PK11_CreateDigestContext(ctx->digest->offset); if(ctx->digestCtx == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "PK11_CreateDigestContext", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code=%d", PORT_GetError()); + xmlSecNssError("PK11_CreateDigestContext", xmlSecTransformGetName(transform)); return(-1); } @@ -207,22 +214,16 @@ xmlSecNssDigestVerify(xmlSecTransformPtr transform, xmlSecAssert2(ctx->dgstSize > 0, -1); if(dataSize != ctx->dgstSize) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - NULL, - XMLSEC_ERRORS_R_INVALID_DATA, - "data and digest sizes are different (data=%d, dgst=%d)", - dataSize, ctx->dgstSize); + xmlSecInvalidIntegerDataError2("dataSize", dataSize, + "dgstSize", ctx->dgstSize, "dataSize == dgstSize", + xmlSecTransformGetName(transform)); transform->status = xmlSecTransformStatusFail; return(0); } if(memcmp(ctx->dgst, data, dataSize) != 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - NULL, - XMLSEC_ERRORS_R_INVALID_DATA, - "data and digest do not match"); + xmlSecInvalidDataError("data and digest do not match", + xmlSecTransformGetName(transform)); transform->status = xmlSecTransformStatusFail; return(0); } 
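Review bot: The new `xmlSecInvalidTransfromError(transform)` call in the `if(1)` fallback of xmlSecNssDigestInitialize has no terminating semicolon, so it compiles only if the helper macro expands to a complete statement or brace block; its definition is not visible here. Writing it as `xmlSecInvalidTransfromError(transform);` matches the `xmlSecInvalidTransfromStatusError(transform);` call added in xmlSecNssDigestExecute and stays valid if the macro is later turned into an expression. Separately, the removed calls logged `PORT_GetError()` for NSS failures; it is worth confirming that `xmlSecNssError` still records that code, here and in the PK11_DigestBegin, PK11_DigestOp and PK11_DigestFinal paths of xmlSecNssDigestExecute, because it is the main diagnostic when digest setup fails. The function starts and ends outside this hunk.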
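Review bot: Both failure branches in xmlSecNssDigestVerify set `transform->status = xmlSecTransformStatusFail` and then `return(0)`, so a size or content mismatch is not signalled through the return value, and nothing in the new code documents that. A short comment above the size check would make the contract explicit, for example `/* a mismatch is not an error: the result is reported in transform->status, which the caller must check */`. A caller that tests only the return code would treat a mismatched digest as success. The function's signature and its success path are outside this hunk, so the wording should be confirmed against them.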
@@ -253,11 +254,7 @@ xmlSecNssDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCt if(transform->status == xmlSecTransformStatusNone) { rv = PK11_DigestBegin(ctx->digestCtx); if(rv != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "PK11_DigestBegin", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code=%d", PORT_GetError()); + xmlSecNssError("PK11_DigestBegin", xmlSecTransformGetName(transform)); return(-1); } transform->status = xmlSecTransformStatusWorking; @@ -270,21 +267,15 @@ xmlSecNssDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCt if(inSize > 0) { rv = PK11_DigestOp(ctx->digestCtx, xmlSecBufferGetData(in), inSize); if (rv != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "PK11_DigestOp", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code=%d", PORT_GetError()); + xmlSecNssError("PK11_DigestOp", xmlSecTransformGetName(transform)); return(-1); } ret = xmlSecBufferRemoveHead(in, inSize); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "xmlSecBufferRemoveHead", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", inSize); + xmlSecInternalError2("xmlSecBufferRemoveHead", + xmlSecTransformGetName(transform), + "size=%d", inSize); return(-1); } } @@ -293,11 +284,7 @@ xmlSecNssDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCt rv = PK11_DigestFinal(ctx->digestCtx, ctx->dgst, &dgstSize, sizeof(ctx->dgst)); if(rv != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "PK11_DigestFinal", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code=%d", PORT_GetError()); + xmlSecNssError("PK11_DigestFinal", xmlSecTransformGetName(transform)); return(-1); } xmlSecAssert2(dgstSize > 0, -1); 
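Review bot: `xmlSecInternalError2("xmlSecBufferRemoveHead", ..., "size=%d", inSize)` keeps the `%d` conversion from the removed call, but `inSize` is passed as a length to PK11_DigestOp and xmlSecBufferRemoveHead, so it is presumably an unsigned size type (its declaration is outside the hunk). If so, the specifier does not match the argument, and an explicit cast such as `"size=%lu", (unsigned long)inSize` would make the log line well-defined on every platform. The same pattern appears in the xmlSecBufferAppend failure path with `ctx->dgstSize`. The `xmlSecInvalidIntegerDataError2("dataSize", dataSize, ...)` call in xmlSecNssDigestVerify deserves the same check against the helper's format string.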
@@ -306,11 +293,9 @@ xmlSecNssDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCt if(transform->operation == xmlSecTransformOperationSign) { ret = xmlSecBufferAppend(out, ctx->dgst, ctx->dgstSize); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "xmlSecBufferAppend", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", ctx->dgstSize); + xmlSecInternalError2("xmlSecBufferAppend", + xmlSecTransformGetName(transform), + "size=%d", ctx->dgstSize); return(-1); } } @@ -320,11 +305,7 @@ xmlSecNssDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCt /* the only way we can get here is if there is no input */ xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1); } else { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - NULL, - XMLSEC_ERRORS_R_INVALID_STATUS, - "status=%d", transform->status); + xmlSecInvalidTransfromStatusError(transform); return(-1); } 
@@ -428,6 +409,53 @@ xmlSecNssTransformSha1GetKlass(void) { } #endif /* XMLSEC_NO_SHA1 */ +#ifndef XMLSEC_NO_SHA224 +/****************************************************************************** + * + * SHA224 Digest transforms + * + *****************************************************************************/ +static xmlSecTransformKlass xmlSecNssSha224Klass = { + /* klass/object sizes */ + sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ + xmlSecNssDigestSize, /* xmlSecSize objSize */ + + /* data */ + xmlSecNameSha224, /* const xmlChar* name; */ + xmlSecHrefSha224, /* const xmlChar* href; */ + xmlSecTransformUsageDigestMethod, /* xmlSecTransformUsage usage; */ + + /* methods */ + xmlSecNssDigestInitialize, /* xmlSecTransformInitializeMethod initialize; */ + xmlSecNssDigestFinalize, /* xmlSecTransformFinalizeMethod finalize; */ + NULL, /* xmlSecTransformNodeReadMethod readNode; */ + NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ + NULL, /* xmlSecTransformSetKeyReqMethod setKeyReq; */ + NULL, /* xmlSecTransformSetKeyMethod setKey; */ + xmlSecNssDigestVerify, /* xmlSecTransformVerifyMethod verify; */ + xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ + xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ + xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ + NULL, /* xmlSecTransformPushXmlMethod pushXml; */ + NULL, /* xmlSecTransformPopXmlMethod popXml; */ + xmlSecNssDigestExecute, /* xmlSecTransformExecuteMethod execute; */ + + NULL, /* void* reserved0; */ + NULL, /* void* reserved1; */ +}; + +/** + * xmlSecNssTransformSha224GetKlass: + * + * SHA224 digest transform klass. + * + * Returns: pointer to SHA224 digest transform klass. + */ +xmlSecTransformId +xmlSecNssTransformSha224GetKlass(void) { + return(&xmlSecNssSha224Klass); +} +#endif /* XMLSEC_NO_SHA224 */ #ifndef XMLSEC_NO_SHA256 /****************************************************************************** |