Diffstat (limited to 'src/xmldsig.c')
-rw-r--r--src/xmldsig.c649
1 files changed, 107 insertions, 542 deletions
diff --git a/src/xmldsig.c b/src/xmldsig.c
index 304a869b..619e725a 100644
--- a/src/xmldsig.c
+++ b/src/xmldsig.c
@@ -1,15 +1,20 @@
-/**
+/*
* XML Security Library (http://www.aleksey.com/xmlsec).
*
- * "XML Digital Signature" implementation
- * http://www.w3.org/TR/xmldsig-core/
- * http://www.w3.org/Signature/Overview.html
*
* This is free software; see Copyright file in the source
* distribution for preciese wording.
*
* Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved.
*/
+/**
+ * SECTION:xmldsig
+ * @Short_description: XML Digital Signature functions.
+ * @Stability: Stable
+ *
+ * [XML Digital Signature](http://www.w3.org/TR/xmldsig-core/) implementation.
+ */
+
#include "globals.h"
#ifndef XMLSEC_NO_XMLDSIG
@@ -47,16 +52,12 @@ static int xmlSecDSigCtxProcessObjectNode (xmlSecDSigCtxPtr dsigCt
xmlNodePtr node);
static int xmlSecDSigCtxProcessManifestNode (xmlSecDSigCtxPtr dsigCtx,
xmlNodePtr node);
+
static int xmlSecDSigCtxProcessReferences (xmlSecDSigCtxPtr dsigCtx,
xmlNodePtr firstReferenceNode);
-/* TIZEN CUSTUMIZED */
-static int xmlSecHexToInt (char a);
-static int xmlSecDecodeCmp (const xmlChar* encoded,
- const xmlChar* plain);
-
/* The ID attribute in XMLDSig is 'Id' */
-static const xmlChar* xmlSecDSigIds[] = { xmlSecAttrId, NULL };
+static const xmlChar* xmlSecDSigIds[] = { xmlSecAttrId, NULL };
/**
* xmlSecDSigCtxCreate:
@@ -76,22 +77,13 @@ xmlSecDSigCtxCreate(xmlSecKeysMngrPtr keysMngr) {
dsigCtx = (xmlSecDSigCtxPtr) xmlMalloc(sizeof(xmlSecDSigCtx));
if(dsigCtx == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_MALLOC_FAILED,
- "sizeof(xmlSecDSigCtx)=%d",
- (int)sizeof(xmlSecDSigCtx));
+ xmlSecMallocError(sizeof(xmlSecDSigCtx), NULL);
return(NULL);
}
ret = xmlSecDSigCtxInitialize(dsigCtx, keysMngr);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecDSigCtxInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecDSigCtxInitialize", NULL);
xmlSecDSigCtxDestroy(dsigCtx);
return(NULL);
}
@@ -134,22 +126,14 @@ xmlSecDSigCtxInitialize(xmlSecDSigCtxPtr dsigCtx, xmlSecKeysMngrPtr keysMngr) {
/* initialize key info */
ret = xmlSecKeyInfoCtxInitialize(&(dsigCtx->keyInfoReadCtx), keysMngr);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyInfoCtxInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeyInfoCtxInitialize", NULL);
return(-1);
}
dsigCtx->keyInfoReadCtx.mode = xmlSecKeyInfoModeRead;
ret = xmlSecKeyInfoCtxInitialize(&(dsigCtx->keyInfoWriteCtx), keysMngr);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyInfoCtxInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeyInfoCtxInitialize", NULL);
return(-1);
}
dsigCtx->keyInfoWriteCtx.mode = xmlSecKeyInfoModeWrite;
@@ -159,11 +143,7 @@ xmlSecDSigCtxInitialize(xmlSecDSigCtxPtr dsigCtx, xmlSecKeysMngrPtr keysMngr) {
/* initializes transforms dsigCtx */
ret = xmlSecTransformCtxInitialize(&(dsigCtx->transformCtx));
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformCtxInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecTransformCtxInitialize", NULL);
return(-1);
}
@@ -171,21 +151,13 @@ xmlSecDSigCtxInitialize(xmlSecDSigCtxPtr dsigCtx, xmlSecKeysMngrPtr keysMngr) {
ret = xmlSecPtrListInitialize(&(dsigCtx->signedInfoReferences),
xmlSecDSigReferenceCtxListId);
if(ret != 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecPtrListInitialize", NULL);
return(ret);
}
ret = xmlSecPtrListInitialize(&(dsigCtx->manifestReferences),
xmlSecDSigReferenceCtxListId);
if(ret != 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecPtrListInitialize", NULL);
return(ret);
}
@@ -221,50 +193,6 @@ xmlSecDSigCtxFinalize(xmlSecDSigCtxPtr dsigCtx) {
memset(dsigCtx, 0, sizeof(xmlSecDSigCtx));
}
-/* TIZEN CUSTUMIZED */
-int
-xmlSecProxyCtxAdd(xmlSecProxyCtxPtr* proxyCtxPtrPtr, const xmlChar* uri) {
- xmlSecProxyCtxPtr pc = (xmlSecProxyCtxPtr)xmlMalloc(sizeof(xmlSecProxyCtx));
- if(pc == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_MALLOC_FAILED,
- "size=%d", sizeof(xmlSecProxyCtx));
- return(-1);
- }
-
- pc->cache = xmlStrdup(uri);
- if(pc->cache == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlStrdup",
- XMLSEC_ERRORS_R_MALLOC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(uri));
- xmlFree(pc);
- return(-1);
- }
- pc->next = NULL;
-
- while(*proxyCtxPtrPtr != NULL)
- proxyCtxPtrPtr = &((*proxyCtxPtrPtr)->next);
-
- *proxyCtxPtrPtr = pc;
- return(0);
-}
-
-void xmlSecProxyCtxDestroy(xmlSecProxyCtxPtr proxyCtxPtr) {
- while(proxyCtxPtr != NULL) {
- if(proxyCtxPtr->cache != NULL)
- xmlFree(proxyCtxPtr->cache);
-
- xmlSecProxyCtxPtr next = proxyCtxPtr->next;
- xmlFree(proxyCtxPtr);
- proxyCtxPtr = next;
- }
-}
-
/**
* xmlSecDSigCtxEnableReferenceTransform:
* @dsigCtx: the pointer to <dsig:Signature/> processing context.
@@ -285,22 +213,14 @@ xmlSecDSigCtxEnableReferenceTransform(xmlSecDSigCtxPtr dsigCtx, xmlSecTransformI
if(dsigCtx->enabledReferenceTransforms == NULL) {
dsigCtx->enabledReferenceTransforms = xmlSecPtrListCreate(xmlSecTransformIdListId);
if(dsigCtx->enabledReferenceTransforms == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecPtrListCreate", NULL);
return(-1);
}
}
ret = xmlSecPtrListAdd(dsigCtx->enabledReferenceTransforms, (void*)transformId);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListAdd",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecPtrListAdd", NULL);
return(-1);
}
return(0);
@@ -368,11 +288,7 @@ xmlSecDSigCtxSign(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr tmpl) {
/* read signature template */
ret = xmlSecDSigCtxProcessSignatureNode(dsigCtx, tmpl);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecDSigCtxSignatureProcessNode",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecDSigCtxProcessSignatureNode", NULL);
return(-1);
}
xmlSecAssert2(dsigCtx->signMethod != NULL, -1);
@@ -386,11 +302,7 @@ xmlSecDSigCtxSign(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr tmpl) {
/* check what we've got */
dsigCtx->result = dsigCtx->transformCtx.result;
if((dsigCtx->result == NULL) || (xmlSecBufferGetData(dsigCtx->result) == NULL)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_INVALID_RESULT,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecOtherError(XMLSEC_ERRORS_R_INVALID_RESULT, NULL, NULL);
return(-1);
}
@@ -409,7 +321,7 @@ xmlSecDSigCtxSign(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr tmpl) {
* @dsigCtx: the pointer to <dsig:Signature/> processing context.
* @node: the pointer with <dsig:Signature/> node.
*
- * Vaidates signature in the @node. The verification result is returned
+ * Validates signature in the @node. The verification result is returned
* in #status member of the @dsigCtx object.
*
* Returns: 0 on success (check #status member of @dsigCtx to get
@@ -431,11 +343,7 @@ xmlSecDSigCtxVerify(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
/* read signature info */
ret = xmlSecDSigCtxProcessSignatureNode(dsigCtx, node);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecDSigCtxSignatureProcessNode",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecDSigCtxProcessSignatureNode", NULL);
return(-1);
}
xmlSecAssert2(dsigCtx->signMethod != NULL, -1);
@@ -450,11 +358,7 @@ xmlSecDSigCtxVerify(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
ret = xmlSecTransformVerifyNodeContent(dsigCtx->signMethod, dsigCtx->signValueNode,
&(dsigCtx->transformCtx));
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformVerifyNodeContent",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecTransformVerifyNodeContent", NULL);
return(-1);
}
@@ -535,12 +439,7 @@ xmlSecDSigCtxProcessSignatureNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
xmlSecAssert2(node != NULL, -1);
if(!xmlSecCheckNodeName(node, xmlSecNodeSignature, xmlSecDSigNs)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
- XMLSEC_ERRORS_R_INVALID_NODE,
- "expected=%s",
- xmlSecErrorsSafeString(xmlSecNodeSignature));
+ xmlSecInvalidNodeError(node, xmlSecNodeSignature, NULL);
return(-1);
}
@@ -551,12 +450,7 @@ xmlSecDSigCtxProcessSignatureNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
/* first node is required SignedInfo */
cur = xmlSecGetNextElementNode(node->children);
if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeSignedInfo, xmlSecDSigNs))) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_INVALID_NODE,
- "expected=%s",
- xmlSecErrorsSafeString(xmlSecNodeSignedInfo));
+ xmlSecInvalidNodeError(cur, xmlSecNodeSignedInfo, NULL);
return(-1);
}
signedInfoNode = cur;
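Review bot: `xmlSecInvalidNodeError(cur, xmlSecNodeSignedInfo, NULL)` is reached with `cur == NULL` whenever the Signature element has no element children, because the guard is `(cur == NULL) || ...`. The removed call wrapped the name in `xmlSecErrorsSafeString(xmlSecNodeGetName(cur))`; the new macro's definition is not part of this diff, so it should be confirmed that it accepts a NULL node on a path driven by the document being verified. A comment such as `/* cur may be NULL here; xmlSecInvalidNodeError must accept it */` would record the requirement. The same pattern appears in the SignatureValue check in the next hunk and in the CanonicalizationMethod, SignatureMethod and DigestMethod `else` branches further down. xmlSecDSigCtxProcessSignatureNode starts and ends outside this hunk.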
@@ -564,12 +458,7 @@ xmlSecDSigCtxProcessSignatureNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
/* next node is required SignatureValue */
if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeSignatureValue, xmlSecDSigNs))) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_INVALID_NODE,
- "expected=%s",
- xmlSecErrorsSafeString(xmlSecNodeSignatureValue));
+ xmlSecInvalidNodeError(cur, xmlSecNodeSignatureValue, NULL);
return(-1);
}
dsigCtx->signValueNode = cur;
@@ -589,11 +478,7 @@ xmlSecDSigCtxProcessSignatureNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS) == 0) {
ret = xmlSecDSigCtxProcessObjectNode(dsigCtx, cur);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecDSigCtxProcessObjectNode",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecDSigCtxProcessObjectNode", NULL);
return(-1);
}
}
@@ -602,22 +487,14 @@ xmlSecDSigCtxProcessSignatureNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
/* if there is something left than it's an error */
if(cur != NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_UNEXPECTED_NODE,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecUnexpectedNodeError(cur, NULL);
return(-1);
}
/* now validated all the references and prepare transform */
ret = xmlSecDSigCtxProcessSignedInfoNode(dsigCtx, signedInfoNode, &firstReferenceNode);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecDSigCtxProcessSignedInfoNode",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecDSigCtxProcessSignedInfoNode", NULL);
return(-1);
}
@@ -628,39 +505,21 @@ xmlSecDSigCtxProcessSignatureNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
/* now read key info node */
ret = xmlSecDSigCtxProcessKeyInfoNode(dsigCtx, keyInfoNode);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecDSigCtxProcessKeyInfoNode",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecDSigCtxProcessKeyInfoNode", NULL);
return(-1);
}
/* as the result, we should have a key */
xmlSecAssert2(dsigCtx->signKey != NULL, -1);
- /* TIZEN CUSTUMIZED : if no-hash mode, skip processing references */
- if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_IGNORE_REFERENCES) != 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_MAX_NUMBER,
- "Skip processing references. no-hash mode.");
- dsigCtx->status = xmlSecDSigStatusSucceeded;
- } else {
- /* now actually process references and calculate digests */
- ret = xmlSecDSigCtxProcessReferences(dsigCtx, firstReferenceNode);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecDSigCtxProcessReferences",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- /* references processing might change the status */
- if(dsigCtx->status != xmlSecDSigStatusUnknown) {
- return(0);
- }
+ /* now actually process references and calculate digests */
+ ret = xmlSecDSigCtxProcessReferences(dsigCtx, firstReferenceNode);
+ if(ret < 0) {
+ xmlSecInternalError("xmlSecDSigCtxProcessReferences", NULL);
+ return(-1);
+ }
+ /* references processing might change the status */
+ if(dsigCtx->status != xmlSecDSigStatusUnknown) {
+ return(0);
}
/* if we need to write result to xml node then we need base64 encode result */
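Review bot: With the `XMLSEC_DSIG_FLAGS_IGNORE_REFERENCES` branch gone, a caller that still sets that flag now gets full reference processing with no diagnostic, and nothing in this file says so. This page is limited to src/xmldsig.c, so whether the flag definitions are removed from the header is not visible; if they survive, stale callers compile cleanly and only notice through changed verification results. The same applies to `XMLSEC_DSIG_FLAGS_SKIP_PROXY` and `XMLSEC_DSIG_FLAGS_CHECK_PROXY`, whose handling is dropped from xmlSecDSigCtxProcessReferences in a later hunk. I would add `/* every <dsig:Reference/> in SignedInfo is always digested; there is no mode that skips them */` above the call and remove the flag macros in the same series.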
@@ -671,11 +530,7 @@ xmlSecDSigCtxProcessSignatureNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
base64Encode = xmlSecTransformCtxCreateAndAppend(&(dsigCtx->transformCtx),
xmlSecTransformBase64Id);
if(base64Encode == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformCtxCreateAndAppend",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecTransformCtxCreateAndAppend", NULL);
return(-1);
}
base64Encode->operation = xmlSecTransformOperationEncode;
@@ -690,34 +545,21 @@ xmlSecDSigCtxProcessSignatureNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
xmlSecAssert2(signedInfoNode != NULL, -1);
nodeset = xmlSecNodeSetGetChildren(signedInfoNode->doc, signedInfoNode, 1, 0);
if(nodeset == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNodeSetGetChildren",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeGetName(signedInfoNode)));
+ xmlSecInternalError("xmlSecNodeSetGetChildren(signedInfoNode)", NULL);
return(-1);
}
/* calculate the signature */
ret = xmlSecTransformCtxXmlExecute(&(dsigCtx->transformCtx), nodeset);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformCtxXmlExecute",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecTransformCtxXmlExecute", NULL);
xmlSecNodeSetDestroy(nodeset);
return(-1);
}
xmlSecNodeSetDestroy(nodeset);
} else {
/* TODO */
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "the binary c14n transforms are not supported yet",
- XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecNotImplementedError("binary c14n transforms");
return(-1);
}
return(0);
@@ -777,12 +619,8 @@ xmlSecDSigCtxProcessSignedInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node, xm
dsigCtx->c14nMethod = xmlSecTransformCtxNodeRead(&(dsigCtx->transformCtx),
cur, xmlSecTransformUsageC14NMethod);
if(dsigCtx->c14nMethod == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformCtxNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ xmlSecInternalError2("xmlSecTransformCtxNodeRead", NULL,
+ "node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
return(-1);
}
} else if(dsigCtx->defC14NMethodId != xmlSecTransformIdUnknown) {
@@ -792,20 +630,14 @@ xmlSecDSigCtxProcessSignedInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node, xm
dsigCtx->c14nMethod = xmlSecTransformCtxCreateAndAppend(&(dsigCtx->transformCtx),
dsigCtx->defC14NMethodId);
if(dsigCtx->c14nMethod == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformCtxAppend",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecTransformCtxCreateAndAppend", NULL);
return(-1);
}
} else {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "CanonicalizationMethod",
- XMLSEC_ERRORS_R_INVALID_NODE,
- "expected=%s",
- xmlSecErrorsSafeString(xmlSecNodeCanonicalizationMethod));
+ /* if c14n method is not specified in the template and not specified in
+ * the dsig context then it's an error.
+ */
+ xmlSecInvalidNodeError(cur, xmlSecNodeCanonicalizationMethod, NULL);
return(-1);
}
@@ -815,12 +647,8 @@ xmlSecDSigCtxProcessSignedInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node, xm
dsigCtx->preSignMemBufMethod = xmlSecTransformCtxCreateAndAppend(&(dsigCtx->transformCtx),
xmlSecTransformMemBufId);
if(dsigCtx->preSignMemBufMethod == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformCtxCreateAndAppend",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "transform=%s",
- xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformMemBufId)));
+ xmlSecInternalError("xmlSecTransformCtxCreateAndAppend",
+ xmlSecTransformKlassGetName(xmlSecTransformMemBufId));
}
}
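Review bot: When `xmlSecTransformCtxCreateAndAppend` returns NULL for `preSignMemBufMethod`, the block logs through `xmlSecInternalError` and then falls through, so SignedInfo processing continues with the transform missing. The equivalent `preDigestMemBufMethod` check in xmlSecDSigReferenceCtxProcessNode returns -1 after logging, as do the other creation failures visible in this function. Add `return(-1);` after the `xmlSecInternalError(...)` call here. The missing return predates this commit, and the enclosing function starts and ends outside the hunk.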
@@ -830,14 +658,11 @@ xmlSecDSigCtxProcessSignedInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node, xm
dsigCtx->signMethod = xmlSecTransformCtxNodeRead(&(dsigCtx->transformCtx),
cur, xmlSecTransformUsageSignatureMethod);
if(dsigCtx->signMethod == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformCtxNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ xmlSecInternalError("xmlSecTransformCtxNodeRead",
+ xmlSecNodeGetName(cur));
return(-1);
}
+ cur = xmlSecGetNextElementNode(cur->next);
} else if(dsigCtx->defSignMethodId != xmlSecTransformIdUnknown) {
/* the dsig spec does require SignatureMethod node
* to be present but in some case it application might decide to
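Review bot: The added `cur = xmlSecGetNextElementNode(cur->next);` carries no comment explaining why the advance now lives inside the SignatureMethod branch, and the reason matters for verification. With the old unconditional advance (removed in the next hunk), the `defSignMethodId` path appears to step past the node following CanonicalizationMethod, which would be the first Reference when SignatureMethod is absent. I would add `/* advance only when a SignatureMethod node was consumed, so the default-method path does not step over the first Reference */` above the new line. A regression test for a template without SignatureMethod would pin the behaviour. The function body continues outside the hunk.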
@@ -845,28 +670,19 @@ xmlSecDSigCtxProcessSignedInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node, xm
dsigCtx->signMethod = xmlSecTransformCtxCreateAndAppend(&(dsigCtx->transformCtx),
dsigCtx->defSignMethodId);
if(dsigCtx->signMethod == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformCtxAppend",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecTransformCtxCreateAndAppend", NULL);
return(-1);
}
} else {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_INVALID_NODE,
- "expected=%s",
- xmlSecErrorsSafeString(xmlSecNodeSignatureMethod));
+ /* if sign method is not specified in the template and not specified in
+ * the dsig context then it's an error.
+ */
+ xmlSecInvalidNodeError(cur, xmlSecNodeSignatureMethod, NULL);
return(-1);
}
dsigCtx->signMethod->operation = dsigCtx->operation;
/* read references */
- if(cur != NULL) {
- cur = xmlSecGetNextElementNode(cur->next);
- }
while((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeReference, xmlSecDSigNs))) {
/* record first reference node */
if((*firstReferenceNode) == NULL) {
@@ -880,21 +696,13 @@ xmlSecDSigCtxProcessSignedInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node, xm
/* check that we have at least one Reference */
if(refNodesCount == 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_DSIG_NO_REFERENCES,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecOtherError(XMLSEC_ERRORS_R_DSIG_NO_REFERENCES, NULL, NULL);
return(-1);
}
/* if there is something left than it's an error */
if(cur != NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_UNEXPECTED_NODE,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecUnexpectedNodeError(cur, NULL);
return(-1);
}
@@ -902,44 +710,6 @@ xmlSecDSigCtxProcessSignedInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node, xm
return(0);
}
-static int
-xmlSecHexToInt(char a)
-{
- if (a >= '0' && a <= '9') return(a - '0');
- if (a >= 'A' && a <= 'F') return(a - 'A' + 10);
- if (a >= 'a' && a <= 'f') return(a - 'a' + 10);
-
- return(-1);
-}
-
-static int
-xmlSecDecodeCmp(const xmlChar* encoded, const xmlChar* plain) {
-
- xmlSecAssert2(encoded != NULL, -1);
- xmlSecAssert2(plain != NULL, -1);
-
- while(*plain != '\0') {
- if(*encoded == '\0')
- return(-1);
-
- /* check encoded char is same with plain char */
- if(*encoded == '%') {
- if(*(encoded + 1) == '\0' &&*(encoded + 2) == '\0')
- return(-1);
-
- if((int)*plain !=
- xmlSecHexToInt(*(encoded + 1)) * 16 + xmlSecHexToInt(*(encoded + 2)))
- return(-1);
-
- encoded += 3;
- plain++;
- } else {
- if(*(encoded++) != *(plain++))
- return(-1);
- }
- }
- return(0);
-}
static int
xmlSecDSigCtxProcessReferences(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr firstReferenceNode) {
@@ -957,123 +727,21 @@ xmlSecDSigCtxProcessReferences(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr firstReferen
for(cur = firstReferenceNode; (cur != NULL); cur = xmlSecGetNextElementNode(cur->next)) {
/* already checked but we trust none */
if(!xmlSecCheckNodeName(cur, xmlSecNodeReference, xmlSecDSigNs)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_INVALID_NODE,
- "expected=%s",
- xmlSecErrorsSafeString(xmlSecNodeReference));
+ xmlSecInvalidNodeError(cur, xmlSecNodeReference, NULL);
return(-1);
}
- /* TIZEN CUTUMIZED : skip uri in proxy caches for proxy mode */
- if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_SKIP_PROXY) != 0) {
-
- int isInProxy = 0;
- if(dsigCtx->skipReferences != NULL) {
- xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI);
- if(refUri == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
- return(-1);
- }
-
- xmlSecProxyCtxPtr pc = dsigCtx->skipReferences;
- while(pc != NULL) {
- if(strncmp((char*)refUri, (char*)pc->cache, xmlStrlen(refUri)) == 0) {
- isInProxy = 1;
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_MAX_NUMBER,
- "[%s] is already checked by singature-validator.",
- refUri);
- break;
- }
- pc = pc->next;
- }
- xmlFree(refUri);
- } else {
- /* if proxy is not exist, process references */
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_MAX_NUMBER,
- "Proxy doesn't exist.");
- }
-
- if(isInProxy)
- continue;
- }
-
- /* TIZEN CUTUMIZED : check uri only in proxy caches for partial mode */
- if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_CHECK_PROXY) != 0) {
-
- int isInProxy = 0;
- if(dsigCtx->checkReferences != NULL) {
- xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI);
- if(refUri == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
- return(-1);
- }
-
- xmlSecProxyCtxPtr pc = dsigCtx->checkReferences;
- while(pc != NULL) {
- if(xmlSecDecodeCmp(refUri, pc->cache) == 0) {
- isInProxy = 1;
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_MAX_NUMBER,
- "Check [%s] on processing references.",
- refUri);
- break;
- }
- pc = pc->next;
- }
- xmlFree(refUri);
- } else {
- /* if proxy is not exist, process references */
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_MAX_NUMBER,
- "Proxy doesn't exist.");
- }
-
- /* if not exist on proxy, skip on processing references */
- if(isInProxy == 0)
- continue;
- }
-
/* create reference */
dsigRefCtx = xmlSecDSigReferenceCtxCreate(dsigCtx, xmlSecDSigReferenceOriginSignedInfo);
if(dsigRefCtx == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecDSigReferenceCtxCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecDSigReferenceCtxCreate", NULL);
return(-1);
}
/* add to the list */
ret = xmlSecPtrListAdd(&(dsigCtx->signedInfoReferences), dsigRefCtx);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListAdd",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecPtrListAdd", NULL);
xmlSecDSigReferenceCtxDestroy(dsigRefCtx);
return(-1);
}
@@ -1081,12 +749,8 @@ xmlSecDSigCtxProcessReferences(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr firstReferen
/* process */
ret = xmlSecDSigReferenceCtxProcessNode(dsigRefCtx, cur);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecDSigReferenceCtxProcessNode",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ xmlSecInternalError("xmlSecDSigReferenceCtxProcessNode",
+ xmlSecNodeGetName(cur));
return(-1);
}
@@ -1101,6 +765,7 @@ xmlSecDSigCtxProcessReferences(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr firstReferen
return(0);
}
+
static int
xmlSecDSigCtxProcessKeyInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
int ret;
@@ -1111,12 +776,8 @@ xmlSecDSigCtxProcessKeyInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
/* set key requirements */
ret = xmlSecTransformSetKeyReq(dsigCtx->signMethod, &(dsigCtx->keyInfoReadCtx.keyReq));
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformSetKeyReq",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "transform=%s",
- xmlSecErrorsSafeString(xmlSecTransformGetName(dsigCtx->signMethod)));
+ xmlSecInternalError("xmlSecTransformSetKeyReq",
+ xmlSecTransformGetName(dsigCtx->signMethod));
return(-1);
}
@@ -1129,23 +790,15 @@ xmlSecDSigCtxProcessKeyInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
/* check that we have exactly what we want */
if((dsigCtx->signKey == NULL) || (!xmlSecKeyMatch(dsigCtx->signKey, NULL, &(dsigCtx->keyInfoReadCtx.keyReq)))) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_KEY_NOT_FOUND,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecOtherError(XMLSEC_ERRORS_R_KEY_NOT_FOUND, NULL, NULL);
return(-1);
}
/* set the key to the transform */
ret = xmlSecTransformSetKey(dsigCtx->signMethod, dsigCtx->signKey);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformSetKey",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "transform=%s",
- xmlSecErrorsSafeString(xmlSecTransformGetName(dsigCtx->signMethod)));
+ xmlSecInternalError("xmlSecTransformSetKey",
+ xmlSecTransformGetName(dsigCtx->signMethod));
return(-1);
}
@@ -1153,11 +806,7 @@ xmlSecDSigCtxProcessKeyInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
if((node != NULL) && (dsigCtx->operation == xmlSecTransformOperationSign)) {
ret = xmlSecKeyInfoNodeWrite(node, dsigCtx->signKey, &(dsigCtx->keyInfoWriteCtx));
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecKeyInfoNodeWrite",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecKeyInfoNodeWrite", NULL);
return(-1);
}
}
@@ -1208,11 +857,7 @@ xmlSecDSigCtxProcessObjectNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
if(xmlSecCheckNodeName(cur, xmlSecNodeManifest, xmlSecDSigNs)) {
ret = xmlSecDSigCtxProcessManifestNode(dsigCtx, cur);
if(ret < 0){
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecDSigCtxProcessManifestNode",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecDSigCtxProcessManifestNode", NULL);
return(-1);
}
}
@@ -1267,22 +912,14 @@ xmlSecDSigCtxProcessManifestNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
/* create reference */
dsigRefCtx = xmlSecDSigReferenceCtxCreate(dsigCtx, xmlSecDSigReferenceOriginManifest);
if(dsigRefCtx == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecDSigReferenceCtxCreate",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecDSigReferenceCtxCreate", NULL);
return(-1);
}
/* add to the list */
ret = xmlSecPtrListAdd(&(dsigCtx->manifestReferences), dsigRefCtx);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListAdd",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecPtrListAdd", NULL);
xmlSecDSigReferenceCtxDestroy(dsigRefCtx);
return(-1);
}
@@ -1290,12 +927,8 @@ xmlSecDSigCtxProcessManifestNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
/* process */
ret = xmlSecDSigReferenceCtxProcessNode(dsigRefCtx, cur);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecDSigReferenceCtxProcessNode",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ xmlSecInternalError("xmlSecDSigReferenceCtxProcessNode",
+ xmlSecNodeGetName(cur));
return(-1);
}
@@ -1306,11 +939,7 @@ xmlSecDSigCtxProcessManifestNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
/* we should have nothing else here */
if(cur != NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_UNEXPECTED_NODE,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecUnexpectedNodeError(cur, NULL);
return(-1);
}
return(0);
@@ -1516,22 +1145,13 @@ xmlSecDSigReferenceCtxCreate(xmlSecDSigCtxPtr dsigCtx, xmlSecDSigReferenceOrigin
dsigRefCtx = (xmlSecDSigReferenceCtxPtr) xmlMalloc(sizeof(xmlSecDSigReferenceCtx));
if(dsigRefCtx == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_MALLOC_FAILED,
- "sizeof(xmlSecDSigReferenceCtx)=%d",
- (int)sizeof(xmlSecDSigReferenceCtx));
+ xmlSecMallocError(sizeof(xmlSecDSigReferenceCtx), NULL);
return(NULL);
}
ret = xmlSecDSigReferenceCtxInitialize(dsigRefCtx, dsigCtx, origin);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecDSigReferenceCtxInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecDSigReferenceCtxInitialize", NULL);
xmlSecDSigReferenceCtxDestroy(dsigRefCtx);
return(NULL);
}
@@ -1580,11 +1200,7 @@ xmlSecDSigReferenceCtxInitialize(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlSecDSi
/* initializes transforms dsigRefCtx */
ret = xmlSecTransformCtxInitialize(&(dsigRefCtx->transformCtx));
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformCtxInitialize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecTransformCtxInitialize", NULL);
return(-1);
}
@@ -1593,11 +1209,7 @@ xmlSecDSigReferenceCtxInitialize(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlSecDSi
ret = xmlSecPtrListCopy(&(dsigRefCtx->transformCtx.enabledTransforms),
dsigCtx->enabledReferenceTransforms);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecPtrListCopy",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecPtrListCopy", NULL);
return(-1);
}
}
@@ -1697,12 +1309,8 @@ xmlSecDSigReferenceCtxProcessNode(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNodeP
/* set start URI (and check that it is enabled!) */
ret = xmlSecTransformCtxSetUri(transformCtx, dsigRefCtx->uri, node);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformCtxSetUri",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "uri=%s",
- xmlSecErrorsSafeString(dsigRefCtx->uri));
+ xmlSecInternalError2("xmlSecTransformCtxSetUri", NULL,
+ "uri=%s", xmlSecErrorsSafeString(dsigRefCtx->uri));
return(-1);
}
@@ -1712,12 +1320,8 @@ xmlSecDSigReferenceCtxProcessNode(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNodeP
ret = xmlSecTransformCtxNodesListRead(transformCtx,
cur, xmlSecTransformUsageDSigTransform);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformCtxNodesListRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ xmlSecInternalError2("xmlSecTransformCtxNodesListRead", NULL,
+ "node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
return(-1);
}
@@ -1735,12 +1339,7 @@ xmlSecDSigReferenceCtxProcessNode(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNodeP
transformCtx,
xmlSecTransformMemBufId);
if(dsigRefCtx->preDigestMemBufMethod == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformCtxCreateAndAppend",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "transform=%s",
- xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformMemBufId)));
+ xmlSecInternalError("xmlSecTransformCtxCreateAndAppend(xmlSecTransformMemBufId)", NULL);
return(-1);
}
}
@@ -1750,12 +1349,8 @@ xmlSecDSigReferenceCtxProcessNode(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNodeP
dsigRefCtx->digestMethod = xmlSecTransformCtxNodeRead(&(dsigRefCtx->transformCtx),
cur, xmlSecTransformUsageDigestMethod);
if(dsigRefCtx->digestMethod == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformCtxNodeRead",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ xmlSecInternalError("xmlSecTransformCtxNodeRead",
+ xmlSecNodeGetName(cur));
return(-1);
}
@@ -1767,20 +1362,14 @@ xmlSecDSigReferenceCtxProcessNode(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNodeP
dsigRefCtx->digestMethod = xmlSecTransformCtxCreateAndAppend(&(dsigRefCtx->transformCtx),
dsigRefCtx->dsigCtx->defSignMethodId);
if(dsigRefCtx->digestMethod == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformCtxAppend",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecTransformCtxCreateAndAppend", NULL);
return(-1);
}
} else {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_INVALID_NODE,
- "expected=%s",
- xmlSecErrorsSafeString(xmlSecNodeDigestMethod));
+ /* if digest method is not specified in the template and not specified in
+ * the dsig context then it's an error.
+ */
+ xmlSecInvalidNodeError(cur, xmlSecNodeDigestMethod, NULL);
return(-1);
}
dsigRefCtx->digestMethod->operation = dsigRefCtx->dsigCtx->operation;
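Review bot: The DigestMethod fallback builds the digest transform from `dsigRefCtx->dsigCtx->defSignMethodId`, a signature-method id, while the comment added a few lines below speaks of the digest method being specified in the dsig context. If xmlSecDSigCtx carries a separate default digest id (upstream xmlsec has `defDigestMethodId`; the struct is not shown on this page), the call should pass `dsigRefCtx->dsigCtx->defDigestMethodId`, and the `else if` condition above the hunk should test the same field. As written, a Reference without DigestMethod would either fail or be processed with a transform of the wrong kind. The condition guarding this branch is outside the hunk.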
@@ -1790,22 +1379,13 @@ xmlSecDSigReferenceCtxProcessNode(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNodeP
digestValueNode = cur;
cur = xmlSecGetNextElementNode(cur->next);
} else {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeDigestValue));
+ xmlSecInvalidNodeError(cur, xmlSecNodeDigestValue, NULL);
return(-1);
}
/* if we have something else then it's an error */
if(cur != NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
- XMLSEC_ERRORS_R_UNEXPECTED_NODE,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecUnexpectedNodeError(cur, NULL);
return(-1);
}
@@ -1816,11 +1396,7 @@ xmlSecDSigReferenceCtxProcessNode(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNodeP
/* we need to add base64 encode transform */
base64Encode = xmlSecTransformCtxCreateAndAppend(transformCtx, xmlSecTransformBase64Id);
if(base64Encode == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformCtxCreateAndAppend",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecTransformCtxCreateAndAppend", NULL);
return(-1);
}
base64Encode->operation = xmlSecTransformOperationEncode;
@@ -1829,23 +1405,14 @@ xmlSecDSigReferenceCtxProcessNode(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNodeP
/* finally get transforms results */
ret = xmlSecTransformCtxExecute(transformCtx, node->doc);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformCtxExecute",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "uri:%s",
- xmlSecErrorsSafeString(dsigRefCtx->uri));
+ xmlSecInternalError("xmlSecTransformCtxExecute", NULL);
return(-1);
}
dsigRefCtx->result = transformCtx->result;
if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) {
if((dsigRefCtx->result == NULL) || (xmlSecBufferGetData(dsigRefCtx->result) == NULL)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformCtxExecute",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
+ xmlSecInternalError("xmlSecTransformCtxExecute", NULL);
return(-1);
}
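Review bot: The failure path for `xmlSecTransformCtxExecute` no longer records which reference failed: the removed call logged `uri:%s`, the replacement passes no detail. When one of several references in a signature fails to resolve or transform, the URI is what an operator needs to triage it, and the `xmlSecTransformCtxSetUri` failure earlier in this function keeps it via `xmlSecInternalError2`. I would use `xmlSecInternalError2("xmlSecTransformCtxExecute", NULL, "uri=%s", xmlSecErrorsSafeString(dsigRefCtx->uri));` here and the same form for `xmlSecTransformVerifyNodeContent` in the next hunk. The function starts and ends outside the hunk.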
@@ -1861,12 +1428,7 @@ xmlSecDSigReferenceCtxProcessNode(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNodeP
ret = xmlSecTransformVerifyNodeContent(dsigRefCtx->digestMethod,
digestValueNode, transformCtx);
if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecTransformVerifyNodeContent",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- "uri:%s",
- xmlSecErrorsSafeString(dsigRefCtx->uri));
+ xmlSecInternalError("xmlSecTransformVerifyNodeContent", NULL);
return(-1);
}
@@ -2027,6 +1589,7 @@ xmlSecDSigReferenceCtxDebugXmlDump(xmlSecDSigReferenceCtxPtr dsigRefCtx, FILE* o
}
}
+
/**************************************************************************
*
* xmlSecDSigReferenceCtxListKlass
@@ -2053,3 +1616,5 @@ xmlSecDSigReferenceCtxListGetKlass(void) {
}
#endif /* XMLSEC_NO_XMLDSIG */
+
+