Diffstat (limited to 'src/nss/keysstore.c')
-rw-r--r--src/nss/keysstore.c150
1 files changed, 44 insertions, 106 deletions
diff --git a/src/nss/keysstore.c b/src/nss/keysstore.c
index 057fc454..6dbf6b74 100644
--- a/src/nss/keysstore.c
+++ b/src/nss/keysstore.c
@@ -1,5 +1,16 @@
+/*
+ * XML Security Library (http://www.aleksey.com/xmlsec).
+ *
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for precise wording.
+ *
+ * Copyright (c) 2003 America Online, Inc. All rights reserved.
+ */
/**
- * XMLSec library
+ * SECTION:keysstore
+ * @Short_description: Keys store implementation for NSS.
+ * @Stability: Stable
*
* Nss keys store that uses Simple Keys Store under the hood. Uses the
* Nss DB as a backing store for the finding keys, but the NSS DB is
@@ -10,11 +21,6 @@
* DB.
* Thus, the NSS DB can be used to pre-load keys and becomes an alternate
* source of keys for xmlsec
- *
- * This is free software; see Copyright file in the source
- * distribution for precise wording.
- *
- * Copyright (c) 2003 America Online, Inc. All rights reserved.
*/
#include "globals.h"
@@ -126,7 +132,7 @@ xmlSecNssKeysStoreAdoptKey(xmlSecKeyStorePtr store, xmlSecKeyPtr key) {
*/
int
xmlSecNssKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri,
- xmlSecKeysMngrPtr keysMngr) {
+ xmlSecKeysMngrPtr keysMngr ATTRIBUTE_UNUSED) {
xmlDocPtr doc;
xmlNodePtr root;
xmlNodePtr cur;
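Review bot: `keysMngr` is now marked `ATTRIBUTE_UNUSED` in the signature of xmlSecNssKeysStoreLoad, and a later hunk of the same function sets `keyInfoCtx.keysMngr = NULL;`, so the caller's keys manager no longer takes part in reading the file. The function's doc comment ends just above this hunk and is not shown; if it still describes `@keysMngr` as the manager used while loading, it should say the argument is ignored, for example `@keysMngr: the pointer to associated keys manager (unused, kept for API compatibility).` A KeyInfo entry in the file that needed the manager to resolve would presumably now yield a key that fails `xmlSecKeyIsValid` and is skipped without an error, which is worth stating in the same comment.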
@@ -139,22 +145,14 @@ xmlSecNssKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri,
doc = xmlParseFile(uri);
if(doc == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
- "xmlParseFile",
- XMLSEC_ERRORS_R_XML_FAILED,
- "uri=%s",
- xmlSecErrorsSafeString(uri));
+ xmlSecXmlError2("xmlParseFile", xmlSecKeyStoreGetName(store),
+ "uri=%s", xmlSecErrorsSafeString(uri));
return(-1);
}
root = xmlDocGetRootElement(doc);
if(!xmlSecCheckNodeName(root, BAD_CAST "Keys", xmlSecNs)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
- xmlSecErrorsSafeString(xmlSecNodeGetName(root)),
- XMLSEC_ERRORS_R_INVALID_NODE,
- "expected-node=<xmlsec:Keys>");
+ xmlSecInvalidNodeError(root, BAD_CAST "Keys", xmlSecKeyStoreGetName(store));
xmlFreeDoc(doc);
return(-1);
}
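Review bot: `xmlParseFile(uri)` on the unchanged first line of this hunk parses the keys file with libxml2's process-wide default parser settings, and the commit leaves that as is while reworking the error path directly below it. A keys file carries key material, so the parse options are better pinned at the call than inherited from global state; libxml2's `xmlReadFile(uri, NULL, XML_PARSE_NONET)` would at least keep the parser from fetching network resources the document refers to. Whether `uri` can be influenced by anything other than the application's own configuration is not visible here, so this is a hardening point and not a confirmed flaw.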
@@ -163,30 +161,23 @@ xmlSecNssKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri,
while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeKeyInfo, xmlSecDSigNs)) {
key = xmlSecKeyCreate();
if(key == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_INVALID_NODE,
- "expected-node=%s",
- xmlSecErrorsSafeString(xmlSecNodeKeyInfo));
+ xmlSecInternalError("xmlSecKeyCreate",
+ xmlSecKeyStoreGetName(store));
xmlFreeDoc(doc);
return(-1);
}
ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx, NULL);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
- "xmlSecKeyInfoCtxInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeyInfoCtxInitialize",
+ xmlSecKeyStoreGetName(store));
xmlSecKeyDestroy(key);
xmlFreeDoc(doc);
return(-1);
}
keyInfoCtx.mode = xmlSecKeyInfoModeRead;
- keyInfoCtx.keysMngr = keysMngr;
+ keyInfoCtx.keysMngr = NULL;
keyInfoCtx.flags = XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND |
XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS;
keyInfoCtx.keyReq.keyId = xmlSecKeyDataIdUnknown;
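Review bot: The flags kept on the lines right after the new `keyInfoCtx.keysMngr = NULL;` include `XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS`, so certificates read from the keys file are adopted without chain verification, and nothing in the hunk says why. A short comment above the flags assignment would make the trust assumption explicit, for example `/* keys file is trusted input: certificates in it are loaded without verification */`. That matters to anyone who later points this loader at a file whose integrity they do not control.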
@@ -195,11 +186,8 @@ xmlSecNssKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri,
ret = xmlSecKeyInfoNodeRead(cur, key, &keyInfoCtx);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
- "xmlSecKeyInfoNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeyInfoNodeRead",
+ xmlSecKeyStoreGetName(store));
xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
xmlSecKeyDestroy(key);
xmlFreeDoc(doc);
@@ -210,11 +198,8 @@ xmlSecNssKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri,
if(xmlSecKeyIsValid(key)) {
ret = xmlSecNssKeysStoreAdoptKey(store, key);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
- "xmlSecNssKeysStoreAdoptKey",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecNssKeysStoreAdoptKey",
+ xmlSecKeyStoreGetName(store));
xmlSecKeyDestroy(key);
xmlFreeDoc(doc);
return(-1);
@@ -227,11 +212,7 @@ xmlSecNssKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri,
}
if(cur != NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_UNEXPECTED_NODE,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecUnexpectedNodeError(cur, xmlSecKeyStoreGetName(store));
xmlFreeDoc(doc);
return(-1);
}
@@ -275,11 +256,8 @@ xmlSecNssKeysStoreInitialize(xmlSecKeyStorePtr store) {
*ss = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);
if(*ss == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
- "xmlSecKeyStoreCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "xmlSecSimpleKeysStoreId");
+ xmlSecInternalError("xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId)",
+ xmlSecKeyStoreGetName(store));
return(-1);
}
@@ -346,11 +324,7 @@ xmlSecNssKeysStoreFindKey(xmlSecKeyStorePtr store, const xmlChar* name,
if (keyReq->keyType & xmlSecKeyDataTypePublic) {
pubkey = CERT_ExtractPublicKey(cert);
if (pubkey == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "CERT_ExtractPublicKey",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecNssError("CERT_ExtractPublicKey", NULL);
goto done;
}
}
@@ -358,22 +332,14 @@ xmlSecNssKeysStoreFindKey(xmlSecKeyStorePtr store, const xmlChar* name,
if (keyReq->keyType & xmlSecKeyDataTypePrivate) {
privkey = PK11_FindKeyByAnyCert(cert, NULL);
if (privkey == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "PK11_FindKeyByAnyCert",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecNssError("PK11_FindKeyByAnyCert", NULL);
goto done;
}
}
data = xmlSecNssPKIAdoptKey(privkey, pubkey);
if(data == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssPKIAdoptKey",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecNssPKIAdoptKey", NULL);
goto done;
}
privkey = NULL;
@@ -381,78 +347,50 @@ xmlSecNssKeysStoreFindKey(xmlSecKeyStorePtr store, const xmlChar* name,
key = xmlSecKeyCreate();
if (key == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeyCreate", NULL);
return (NULL);
}
x509Data = xmlSecKeyDataCreate(xmlSecNssKeyDataX509Id);
if(x509Data == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyDataCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "transform=%s",
- xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecNssKeyDataX509Id)));
+ xmlSecInternalError("xmlSecKeyDataCreate",
+ xmlSecTransformKlassGetName(xmlSecNssKeyDataX509Id));
goto done;
}
ret = xmlSecNssKeyDataX509AdoptKeyCert(x509Data, cert);
if (ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssKeyDataX509AdoptKeyCert",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "data=%s",
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+ xmlSecInternalError("xmlSecNssKeyDataX509AdoptKeyCert",
+ xmlSecKeyDataGetName(x509Data));
goto done;
}
cert = CERT_DupCertificate(cert);
if (cert == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "CERT_DupCertificate",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "data=%s",
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+ xmlSecNssError("CERT_DupCertificate",
+ xmlSecKeyDataGetName(x509Data));
goto done;
}
ret = xmlSecNssKeyDataX509AdoptCert(x509Data, cert);
if (ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssKeyDataX509AdoptCert",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "data=%s",
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+ xmlSecInternalError("xmlSecNssKeyDataX509AdoptCert",
+ xmlSecKeyDataGetName(x509Data));
goto done;
}
cert = NULL;
ret = xmlSecKeySetValue(key, data);
if (ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeySetValue",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "data=%s",
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
+ xmlSecInternalError("xmlSecKeySetValue",
+ xmlSecKeyDataGetName(data));
goto done;
}
data = NULL;
ret = xmlSecKeyAdoptData(key, x509Data);
if (ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyAdoptData",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "data=%s",
- xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+ xmlSecInternalError("xmlSecKeyAdoptData",
+ xmlSecKeyDataGetName(x509Data));
goto done;
}
x509Data = NULL;
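Review bot: The `xmlSecKeyCreate` failure branch at the top of this hunk still leaves with `return (NULL);` while every other failure below it uses `goto done;`. By that point `data` holds the NSS key pair adopted by `xmlSecNssPKIAdoptKey` in the previous hunk and `cert` presumably is still owned by this function, so the direct return looks like it leaks both; the `done:` label is outside the hunk, so this assumes it releases non-NULL `data` and `cert` and tolerates a NULL `key`. If that holds, the branch should read `goto done;`. Separately, the new `xmlSecKeyDataCreate` error line passes `xmlSecTransformKlassGetName(xmlSecNssKeyDataX509Id)` for a key-data klass, carried over from the old message; the key-data name accessor would be the matching one.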