Diffstat (limited to 'src/nss/kw_des.c')
-rw-r--r-- | src/nss/kw_des.c | 171 |
1 files changed, 48 insertions, 123 deletions
diff --git a/src/nss/kw_des.c b/src/nss/kw_des.c index 4025d35e..7c6b00b1 100644 --- a/src/nss/kw_des.c +++ b/src/nss/kw_des.c @@ -1,8 +1,6 @@ -/** - * - * XMLSec library +/* + * XML Security Library (http://www.aleksey.com/xmlsec). * - * DES KW Algorithm support * * This is free software; see Copyright file in the source * distribution for preciese wording. @@ -10,6 +8,13 @@ * Copyright (c) 2003 America Online, Inc. All rights reserved. * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved. */ +/** + * SECTION:kw_des + * @Short_description: DES Key Transport transforms implementation for NSS. + * @Stability: Private + * + */ + #ifndef XMLSEC_NO_DES #include "globals.h" @@ -160,11 +165,8 @@ xmlSecNssKWDes3Initialize(xmlSecTransformPtr transform) { ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "xmlSecBufferInitialize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecBufferInitialize", + xmlSecTransformGetName(transform)); return(-1); } 
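Review bot: The added `SECTION:kw_des` comment describes this file as "DES Key Transport transforms", but the header line it replaces said "DES KW Algorithm support" and every function touched in the later hunks is named xmlSecNssKWDes3…, which is Triple-DES key wrap. Key transport usually refers to the asymmetric schemes, so the generated documentation would mislabel the module. I would write `@Short_description: Triple DES Key Wrap transforms implementation for NSS.` instead.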
@@ -228,22 +230,16 @@ xmlSecNssKWDes3SetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) { keySize = xmlSecBufferGetSize(buffer); if(keySize < XMLSEC_KW_DES3_KEY_LENGTH) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - NULL, - XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE, - "key length %d is not enough (%d expected)", - keySize, XMLSEC_KW_DES3_KEY_LENGTH); + xmlSecInvalidKeyDataSizeError(keySize, XMLSEC_KW_DES3_KEY_LENGTH, + xmlSecTransformGetName(transform)); return(-1); } ret = xmlSecBufferSetData(&(ctx->keyBuffer), xmlSecBufferGetData(buffer), XMLSEC_KW_DES3_KEY_LENGTH); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "xmlSecBufferSetData", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", XMLSEC_KW_DES3_KEY_LENGTH); + xmlSecInternalError2("xmlSecBufferSetData", + xmlSecTransformGetName(transform), + "size=%d", XMLSEC_KW_DES3_KEY_LENGTH); return(-1); } @@ -282,12 +278,9 @@ xmlSecNssKWDes3Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCt /* just do nothing */ } else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) { if((inSize % XMLSEC_KW_DES3_BLOCK_LENGTH) != 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - NULL, - XMLSEC_ERRORS_R_INVALID_SIZE, - "%d bytes - not %d bytes aligned", - inSize, XMLSEC_KW_DES3_BLOCK_LENGTH); + xmlSecInvalidSizeNotMultipleOfError("Input data", + inSize, XMLSEC_KW_DES3_BLOCK_LENGTH, + xmlSecTransformGetName(transform)); return(-1); } 
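Review bot: In xmlSecNssKWDes3SetKey the guard `keySize < XMLSEC_KW_DES3_KEY_LENGTH` rejects only short keys, and the xmlSecBufferSetData call that follows copies exactly XMLSEC_KW_DES3_KEY_LENGTH bytes, so longer key data is accepted and silently reduced to its prefix. If oversize key data is not expected on this path, the check could be `if(keySize != XMLSEC_KW_DES3_KEY_LENGTH) {`. If the truncation is intentional, a comment above the copy such as `/* key bytes beyond XMLSEC_KW_DES3_KEY_LENGTH are ignored on purpose */` would record that. The function starts and ends outside the hunk, so an earlier size check may already exist.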
@@ -303,11 +296,9 @@ xmlSecNssKWDes3Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCt ret = xmlSecBufferSetMaxSize(out, outSize); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "xmlSecBufferSetMaxSize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", outSize); + xmlSecInternalError2("xmlSecBufferSetMaxSize", + xmlSecTransformGetName(transform), + "size=%d", outSize); return(-1); } @@ -316,12 +307,9 @@ xmlSecNssKWDes3Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCt xmlSecBufferGetData(in), inSize, xmlSecBufferGetData(out), outSize); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "xmlSecKWDes3Encode", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "key=%d,in=%d,out=%d", - keySize, inSize, outSize); + xmlSecInternalError4("xmlSecKWDes3Encode", xmlSecTransformGetName(transform), + "key=%d,in=%d,out=%d", + keySize, inSize, outSize); return(-1); } outSize = ret; @@ -330,12 +318,9 @@ xmlSecNssKWDes3Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCt xmlSecBufferGetData(in), inSize, xmlSecBufferGetData(out), outSize); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "xmlSecKWDes3Decode", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "key=%d,in=%d,out=%d", - keySize, inSize, outSize); + xmlSecInternalError4("xmlSecKWDes3Decode", xmlSecTransformGetName(transform), + "key=%d,in=%d,out=%d", + keySize, inSize, outSize); return(-1); } outSize = ret; 
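Review bot: The rewritten calls in xmlSecNssKWDes3Execute keep the `%d` conversions for outSize, inSize and keySize: `"size=%d", outSize` here, `"key=%d,in=%d,out=%d"` in the two hunks that follow, and `"size=%d"` again in the xmlSecBufferSetSize and xmlSecBufferRemoveHead hunks. Their declarations are outside the hunks, but if they are xmlSecSize, as the size parameters in the xmlSecNssKWDes3Encrypt signature are, `%d` does not match an unsigned or size_t argument. Assuming the helper forwards them as variadic arguments, the read is undefined where the widths differ. A cast at the call site keeps the format portable, for example `"size=%lu", (unsigned long)outSize`.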
@@ -343,21 +328,17 @@ xmlSecNssKWDes3Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCt ret = xmlSecBufferSetSize(out, outSize); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "xmlSecBufferSetSize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", outSize); + xmlSecInternalError2("xmlSecBufferSetSize", + xmlSecTransformGetName(transform), + "size=%d", outSize); return(-1); } ret = xmlSecBufferRemoveHead(in, inSize); if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - "xmlSecBufferRemoveHead", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", inSize); + xmlSecInternalError2("xmlSecBufferRemoveHead", + xmlSecTransformGetName(transform), + "size=%d", inSize); return(-1); } @@ -366,11 +347,7 @@ xmlSecNssKWDes3Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCt /* the only way we can get here is if there is no input */ xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1); } else { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - NULL, - XMLSEC_ERRORS_R_INVALID_STATUS, - "status=%d", transform->status); + xmlSecInvalidTransfromStatusError(transform); return(-1); } return(0); 
@@ -399,43 +376,27 @@ xmlSecNssKWDes3Sha1(void * context, /* Create a pk11ctx for hashing (digesting) */ pk11ctx = PK11_CreateDigestContext(SEC_OID_SHA1); if (pk11ctx == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_CreateDigestContext", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNssError("PK11_CreateDigestContext", NULL); return(-1); } status = PK11_DigestBegin(pk11ctx); if (status != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_DigestBegin", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNssError("PK11_DigestBegin", NULL); PK11_DestroyContext(pk11ctx, PR_TRUE); return(-1); } status = PK11_DigestOp(pk11ctx, in, inSize); if (status != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_DigestOp", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNssError("PK11_DigestOp", NULL); PK11_DestroyContext(pk11ctx, PR_TRUE); return(-1); } status = PK11_DigestFinal(pk11ctx, out, &outLen, outSize); if (status != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_DigestFinal", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNssError("PK11_DigestFinal", NULL); PK11_DestroyContext(pk11ctx, PR_TRUE); return(-1); } @@ -458,11 +419,7 @@ xmlSecNssKWDes3GenerateRandom(void * context, status = PK11_GenerateRandom(out, outSize); if(status != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_GenerateRandom", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNssError("PK11_GenerateRandom", NULL); return(-1); } @@ -493,11 +450,7 @@ xmlSecNssKWDes3BlockEncrypt(void * context, out, outSize, 1); /* encrypt */ if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecNssKWDes3Encrypt", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecNssKWDes3Encrypt", NULL); return(-1); } 
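Review bot: xmlSecNssKWDes3Sha1 hard-codes `SEC_OID_SHA1` in the PK11_CreateDigestContext call with no comment explaining why, and the function header is outside the hunk. If, as the name suggests, this is the key-checksum callback of the Triple-DES key wrap, the digest is fixed by the algorithm definition and is not a choice made by this code. A comment above the call would keep a later audit from flagging it or swapping it for another hash, for example `/* SHA-1 is mandated by the 3DES key wrap checksum; not a general-purpose digest choice */`.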
@@ -528,11 +481,7 @@ xmlSecNssKWDes3BlockDecrypt(void * context, out, outSize, 0); /* decrypt */ if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecNssKWDes3Encrypt", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecInternalError("xmlSecNssKWDes3Encrypt", NULL); return(-1); } @@ -570,11 +519,7 @@ xmlSecNssKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize, cipherMech = CKM_DES3_CBC; slot = PK11_GetBestSlot(cipherMech, NULL); if (slot == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_GetBestSlot", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNssError("PK11_GetBestSlot", NULL); goto done; } @@ -583,11 +528,7 @@ xmlSecNssKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize, symKey = PK11_ImportSymKey(slot, cipherMech, PK11_OriginUnwrap, enc ? CKA_ENCRYPT : CKA_DECRYPT, &keyItem, NULL); if (symKey == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_ImportSymKey", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNssError("PK11_ImportSymKey", NULL); goto done; } @@ -596,11 +537,7 @@ xmlSecNssKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize, param = PK11_ParamFromIV(cipherMech, &ivItem); if (param == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_ParamFromIV", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNssError("PK11_ParamFromIV", NULL); goto done; } @@ -608,11 +545,7 @@ xmlSecNssKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize, enc ? CKA_ENCRYPT : CKA_DECRYPT, symKey, param); if (pk11ctx == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_CreateContextBySymKey", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNssError("PK11_CreateContextBySymKey", NULL); goto done; } 
@@ -620,22 +553,14 @@ xmlSecNssKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize, status = PK11_CipherOp(pk11ctx, out, &tmp1_outlen, outSize, (unsigned char *)in, inSize); if (status != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_CipherOp", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNssError("PK11_CipherOp", NULL); goto done; } status = PK11_DigestFinal(pk11ctx, out+tmp1_outlen, &tmp2_outlen, outSize-tmp1_outlen); if (status != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_DigestFinal", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + xmlSecNssError("PK11_DigestFinal", NULL); goto done; } |