diff options
Diffstat (limited to 'src/nss/keysstore.c')
-rw-r--r-- | src/nss/keysstore.c | 150 |
1 files changed, 44 insertions, 106 deletions
diff --git a/src/nss/keysstore.c b/src/nss/keysstore.c index 057fc454..6dbf6b74 100644 --- a/src/nss/keysstore.c +++ b/src/nss/keysstore.c @@ -1,5 +1,16 @@ +/* + * XML Security Library (http://www.aleksey.com/xmlsec). + * + * + * This is free software; see Copyright file in the source + * distribution for precise wording. + * + * Copyright (c) 2003 America Online, Inc. All rights reserved. + */ /** - * XMLSec library + * SECTION:keysstore + * @Short_description: Keys store implementation for NSS. + * @Stability: Stable * * Nss keys store that uses Simple Keys Store under the hood. Uses the * Nss DB as a backing store for the finding keys, but the NSS DB is @@ -10,11 +21,6 @@ * DB. * Thus, the NSS DB can be used to pre-load keys and becomes an alternate * source of keys for xmlsec - * - * This is free software; see Copyright file in the source - * distribution for precise wording. - * - * Copyright (c) 2003 America Online, Inc. All rights reserved. */ #include "globals.h" @@ -126,7 +132,7 @@ xmlSecNssKeysStoreAdoptKey(xmlSecKeyStorePtr store, xmlSecKeyPtr key) { */ int xmlSecNssKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri, - xmlSecKeysMngrPtr keysMngr) { + xmlSecKeysMngrPtr keysMngr ATTRIBUTE_UNUSED) { xmlDocPtr doc; xmlNodePtr root; xmlNodePtr cur; @@ -139,22 +145,14 @@ xmlSecNssKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri, doc = xmlParseFile(uri); if(doc == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)), - "xmlParseFile", - XMLSEC_ERRORS_R_XML_FAILED, - "uri=%s", - xmlSecErrorsSafeString(uri)); + xmlSecXmlError2("xmlParseFile", xmlSecKeyStoreGetName(store), + "uri=%s", xmlSecErrorsSafeString(uri)); return(-1); } root = xmlDocGetRootElement(doc); if(!xmlSecCheckNodeName(root, BAD_CAST "Keys", xmlSecNs)) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)), - xmlSecErrorsSafeString(xmlSecNodeGetName(root)), - XMLSEC_ERRORS_R_INVALID_NODE, - "expected-node=<xmlsec:Keys>"); + xmlSecInvalidNodeError(root, BAD_CAST "Keys", xmlSecKeyStoreGetName(store)); xmlFreeDoc(doc); return(-1); } @@ -163,30 +161,23 @@ xmlSecNssKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri, while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeKeyInfo, xmlSecDSigNs)) { key = xmlSecKeyCreate(); if(key == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)), - xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), - XMLSEC_ERRORS_R_INVALID_NODE, - "expected-node=%s", - xmlSecErrorsSafeString(xmlSecNodeKeyInfo)); + xmlSecInternalError("xmlSecKeyCreate", + xmlSecKeyStoreGetName(store)); xmlFreeDoc(doc); return(-1); } ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx, NULL); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)), - "xmlSecKeyInfoCtxInitialize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecKeyInfoCtxInitialize", + xmlSecKeyStoreGetName(store)); xmlSecKeyDestroy(key); xmlFreeDoc(doc); return(-1); } keyInfoCtx.mode = xmlSecKeyInfoModeRead; - keyInfoCtx.keysMngr = keysMngr; + keyInfoCtx.keysMngr = NULL; keyInfoCtx.flags = XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND | XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS; keyInfoCtx.keyReq.keyId = xmlSecKeyDataIdUnknown; @@ -195,11 +186,8 @@ xmlSecNssKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri, ret = xmlSecKeyInfoNodeRead(cur, key, &keyInfoCtx); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)), - "xmlSecKeyInfoNodeRead", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecKeyInfoNodeRead", + xmlSecKeyStoreGetName(store)); xmlSecKeyInfoCtxFinalize(&keyInfoCtx); xmlSecKeyDestroy(key); xmlFreeDoc(doc); @@ -210,11 +198,8 @@ xmlSecNssKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri, if(xmlSecKeyIsValid(key)) { ret = xmlSecNssKeysStoreAdoptKey(store, key); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)), - "xmlSecNssKeysStoreAdoptKey", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecNssKeysStoreAdoptKey", + xmlSecKeyStoreGetName(store)); xmlSecKeyDestroy(key); xmlFreeDoc(doc); return(-1); @@ -227,11 +212,7 @@ xmlSecNssKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri, } if(cur != NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)), - xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), - XMLSEC_ERRORS_R_UNEXPECTED_NODE, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecUnexpectedNodeError(cur, xmlSecKeyStoreGetName(store)); xmlFreeDoc(doc); return(-1); } @@ -275,11 +256,8 @@ xmlSecNssKeysStoreInitialize(xmlSecKeyStorePtr store) { *ss = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId); if(*ss == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)), - "xmlSecKeyStoreCreate", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "xmlSecSimpleKeysStoreId"); + xmlSecInternalError("xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId)", + xmlSecKeyStoreGetName(store)); return(-1); } @@ -346,11 +324,7 @@ xmlSecNssKeysStoreFindKey(xmlSecKeyStorePtr store, const xmlChar* name, if (keyReq->keyType & xmlSecKeyDataTypePublic) { pubkey = CERT_ExtractPublicKey(cert); if (pubkey == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "CERT_ExtractPublicKey", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNssError("CERT_ExtractPublicKey", NULL); goto done; } } @@ -358,22 +332,14 @@ xmlSecNssKeysStoreFindKey(xmlSecKeyStorePtr store, const xmlChar* name, if (keyReq->keyType & xmlSecKeyDataTypePrivate) { privkey = PK11_FindKeyByAnyCert(cert, NULL); if (privkey == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_FindKeyByAnyCert", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNssError("PK11_FindKeyByAnyCert", NULL); goto done; } } data = xmlSecNssPKIAdoptKey(privkey, pubkey); if(data == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecNssPKIAdoptKey", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecNssPKIAdoptKey", NULL); goto done; } privkey = NULL; @@ -381,78 +347,50 @@ xmlSecNssKeysStoreFindKey(xmlSecKeyStorePtr store, const xmlChar* name, key = xmlSecKeyCreate(); if (key == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeyCreate", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecKeyCreate", NULL); return (NULL); } x509Data = xmlSecKeyDataCreate(xmlSecNssKeyDataX509Id); if(x509Data == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeyDataCreate", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "transform=%s", - xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecNssKeyDataX509Id))); + xmlSecInternalError("xmlSecKeyDataCreate", + xmlSecTransformKlassGetName(xmlSecNssKeyDataX509Id)); goto done; } ret = xmlSecNssKeyDataX509AdoptKeyCert(x509Data, cert); if (ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecNssKeyDataX509AdoptKeyCert", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "data=%s", - xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data))); + xmlSecInternalError("xmlSecNssKeyDataX509AdoptKeyCert", + xmlSecKeyDataGetName(x509Data)); goto done; } cert = CERT_DupCertificate(cert); if (cert == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "CERT_DupCertificate", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "data=%s", - xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data))); + xmlSecNssError("CERT_DupCertificate", + xmlSecKeyDataGetName(x509Data)); goto done; } ret = xmlSecNssKeyDataX509AdoptCert(x509Data, cert); if (ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecNssKeyDataX509AdoptCert", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "data=%s", - xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data))); + xmlSecInternalError("xmlSecNssKeyDataX509AdoptCert", + xmlSecKeyDataGetName(x509Data)); goto done; } cert = NULL; ret = xmlSecKeySetValue(key, data); if (ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeySetValue", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "data=%s", - xmlSecErrorsSafeString(xmlSecKeyDataGetName(data))); + xmlSecInternalError("xmlSecKeySetValue", + xmlSecKeyDataGetName(data)); goto done; } data = NULL; ret = xmlSecKeyAdoptData(key, x509Data); if (ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecKeyAdoptData", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "data=%s", - xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data))); + xmlSecInternalError("xmlSecKeyAdoptData", + xmlSecKeyDataGetName(x509Data)); goto done; } x509Data = NULL; |