/** * XMLSec library * * This is free software; see Copyright file in the source * distribution for preciese wording. * * Copyright (C) 2002-2016 Aleksey Sanin . All Rights Reserved. */ #ifndef XMLSEC_NO_HMAC #include "globals.h" #include #include #include #include #include #include #include #include #include /* sizes in bits */ #define XMLSEC_GCRYPT_MIN_HMAC_SIZE 80 #define XMLSEC_GCRYPT_MAX_HMAC_SIZE (128 * 8) /************************************************************************** * * Configuration * *****************************************************************************/ static int g_xmlsec_gcrypt_hmac_min_length = XMLSEC_GCRYPT_MIN_HMAC_SIZE; /** * xmlSecGCryptHmacGetMinOutputLength: * * Gets the value of min HMAC length. * * Returns: the min HMAC output length */ int xmlSecGCryptHmacGetMinOutputLength(void) { return g_xmlsec_gcrypt_hmac_min_length; } /** * xmlSecGCryptHmacSetMinOutputLength: * @min_length: the new min length * * Sets the min HMAC output length */ void xmlSecGCryptHmacSetMinOutputLength(int min_length) { g_xmlsec_gcrypt_hmac_min_length = min_length; } /************************************************************************** * * Internal GCRYPT HMAC CTX * *****************************************************************************/ typedef struct _xmlSecGCryptHmacCtx xmlSecGCryptHmacCtx, *xmlSecGCryptHmacCtxPtr; struct _xmlSecGCryptHmacCtx { int digest; gcry_md_hd_t digestCtx; xmlSecByte dgst[XMLSEC_GCRYPT_MAX_HMAC_SIZE / 8]; xmlSecSize dgstSize; /* dgst size in bits */ }; /****************************************************************************** * * HMAC transforms * * xmlSecGCryptHmacCtx is located after xmlSecTransform * *****************************************************************************/ #define xmlSecGCryptHmacGetCtx(transform) \ ((xmlSecGCryptHmacCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform))) #define xmlSecGCryptHmacSize \ (sizeof(xmlSecTransform) + sizeof(xmlSecGCryptHmacCtx)) static int xmlSecGCryptHmacCheckId (xmlSecTransformPtr transform); static int xmlSecGCryptHmacInitialize (xmlSecTransformPtr transform); static void xmlSecGCryptHmacFinalize (xmlSecTransformPtr transform); static int xmlSecGCryptHmacNodeRead (xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx); static int xmlSecGCryptHmacSetKeyReq (xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq); static int xmlSecGCryptHmacSetKey (xmlSecTransformPtr transform, xmlSecKeyPtr key); static int xmlSecGCryptHmacVerify (xmlSecTransformPtr transform, const xmlSecByte* data, xmlSecSize dataSize, xmlSecTransformCtxPtr transformCtx); static int xmlSecGCryptHmacExecute (xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx); static int xmlSecGCryptHmacCheckId(xmlSecTransformPtr transform) { #ifndef XMLSEC_NO_SHA1 if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacSha1Id)) { return(1); } else #endif /* XMLSEC_NO_SHA1 */ #ifndef XMLSEC_NO_SHA256 if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacSha256Id)) { return(1); } else #endif /* XMLSEC_NO_SHA256 */ #ifndef XMLSEC_NO_SHA384 if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacSha384Id)) { return(1); } else #endif /* XMLSEC_NO_SHA384 */ #ifndef XMLSEC_NO_SHA512 if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacSha512Id)) { return(1); } else #endif /* XMLSEC_NO_SHA512 */ #ifndef XMLSEC_NO_RIPEMD160 if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacRipemd160Id)) { return(1); } else #endif /* XMLSEC_NO_RIPEMD160 */ #ifndef XMLSEC_NO_MD5 if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacMd5Id)) { return(1); } else #endif /* XMLSEC_NO_MD5 */ /* not found */ { return(0); } /* just in case */ return(0); } static int xmlSecGCryptHmacInitialize(xmlSecTransformPtr transform) { xmlSecGCryptHmacCtxPtr ctx; gcry_error_t err; xmlSecAssert2(xmlSecGCryptHmacCheckId(transform), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize), -1); ctx = xmlSecGCryptHmacGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); memset(ctx, 0, sizeof(xmlSecGCryptHmacCtx)); #ifndef XMLSEC_NO_SHA1 if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacSha1Id)) { ctx->digest = GCRY_MD_SHA1; } else #endif /* XMLSEC_NO_SHA1 */ #ifndef XMLSEC_NO_SHA256 if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacSha256Id)) { ctx->digest = GCRY_MD_SHA256; } else #endif /* XMLSEC_NO_SHA256 */ #ifndef XMLSEC_NO_SHA384 if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacSha384Id)) { ctx->digest = GCRY_MD_SHA384; } else #endif /* XMLSEC_NO_SHA384 */ #ifndef XMLSEC_NO_SHA512 if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacSha512Id)) { ctx->digest = GCRY_MD_SHA512; } else #endif /* XMLSEC_NO_SHA512 */ #ifndef XMLSEC_NO_RIPEMD160 if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacRipemd160Id)) { ctx->digest = GCRY_MD_RMD160; } else #endif /* XMLSEC_NO_RIPEMD160 */ #ifndef XMLSEC_NO_MD5 if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacMd5Id)) { ctx->digest = GCRY_MD_MD5; } else #endif /* XMLSEC_NO_MD5 */ /* not found */ { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), NULL, XMLSEC_ERRORS_R_INVALID_TRANSFORM, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } /* open context */ err = gcry_md_open(&ctx->digestCtx, ctx->digest, GCRY_MD_FLAG_HMAC | GCRY_MD_FLAG_SECURE); /* we are paranoid */ if(err != GPG_ERR_NO_ERROR) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), "gcry_md_open", XMLSEC_ERRORS_R_CRYPTO_FAILED, XMLSEC_GCRYPT_REPORT_ERROR(err)); return(-1); } return(0); } static void xmlSecGCryptHmacFinalize(xmlSecTransformPtr transform) { xmlSecGCryptHmacCtxPtr ctx; xmlSecAssert(xmlSecGCryptHmacCheckId(transform)); xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize)); ctx = xmlSecGCryptHmacGetCtx(transform); xmlSecAssert(ctx != NULL); if(ctx->digestCtx != NULL) { gcry_md_close(ctx->digestCtx); } memset(ctx, 0, sizeof(xmlSecGCryptHmacCtx)); } /** * xmlSecGCryptHmacNodeRead: * * HMAC (http://www.w3.org/TR/xmldsig-core/#sec-HMAC): * * The HMAC algorithm (RFC2104 [HMAC]) takes the truncation length in bits * as a parameter; if the parameter is not specified then all the bits of the * hash are output. An example of an HMAC SignatureMethod element: * * 128 * * * Schema Definition: * * * * * * DTD: * * */ static int xmlSecGCryptHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) { xmlSecGCryptHmacCtxPtr ctx; xmlNodePtr cur; xmlSecAssert2(xmlSecGCryptHmacCheckId(transform), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize), -1); xmlSecAssert2(node != NULL, -1); xmlSecAssert2(transformCtx != NULL, -1); ctx = xmlSecGCryptHmacGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); cur = xmlSecGetNextElementNode(node->children); if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeHMACOutputLength, xmlSecDSigNs)) { xmlChar *content; content = xmlNodeGetContent(cur); if(content != NULL) { ctx->dgstSize = atoi((char*)content); xmlFree(content); } /* Ensure that HMAC length is greater than min specified. Otherwise, an attacker can set this length to 0 or very small value */ if((int)ctx->dgstSize < xmlSecGCryptHmacGetMinOutputLength()) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE, "HMAC output length is too small"); return(-1); } cur = xmlSecGetNextElementNode(cur->next); } if(cur != NULL) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), XMLSEC_ERRORS_R_INVALID_NODE, "no nodes expected"); return(-1); } return(0); } static int xmlSecGCryptHmacSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) { xmlSecGCryptHmacCtxPtr ctx; xmlSecAssert2(xmlSecGCryptHmacCheckId(transform), -1); xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1); xmlSecAssert2(keyReq != NULL, -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize), -1); ctx = xmlSecGCryptHmacGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); keyReq->keyId = xmlSecGCryptKeyDataHmacId; keyReq->keyType= xmlSecKeyDataTypeSymmetric; if(transform->operation == xmlSecTransformOperationSign) { keyReq->keyUsage = xmlSecKeyUsageSign; } else { keyReq->keyUsage = xmlSecKeyUsageVerify; } return(0); } static int xmlSecGCryptHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) { xmlSecGCryptHmacCtxPtr ctx; xmlSecKeyDataPtr value; xmlSecBufferPtr buffer; gcry_error_t err; xmlSecAssert2(xmlSecGCryptHmacCheckId(transform), -1); xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize), -1); xmlSecAssert2(key != NULL, -1); ctx = xmlSecGCryptHmacGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); xmlSecAssert2(ctx->digestCtx != NULL, -1); value = xmlSecKeyGetValue(key); xmlSecAssert2(xmlSecKeyDataCheckId(value, xmlSecGCryptKeyDataHmacId), -1); buffer = xmlSecKeyDataBinaryValueGetBuffer(value); xmlSecAssert2(buffer != NULL, -1); if(xmlSecBufferGetSize(buffer) == 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), NULL, XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE, "key is empty"); return(-1); } err = gcry_md_setkey(ctx->digestCtx, xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer)); if(err != GPG_ERR_NO_ERROR) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), "gcry_md_setkey", XMLSEC_ERRORS_R_CRYPTO_FAILED, XMLSEC_GCRYPT_REPORT_ERROR(err)); return(-1); } return(0); } static int xmlSecGCryptHmacVerify(xmlSecTransformPtr transform, const xmlSecByte* data, xmlSecSize dataSize, xmlSecTransformCtxPtr transformCtx) { static xmlSecByte last_byte_masks[] = { 0xFF, 0x80, 0xC0, 0xE0, 0xF0, 0xF8, 0xFC, 0xFE }; xmlSecGCryptHmacCtxPtr ctx; xmlSecByte mask; xmlSecAssert2(xmlSecTransformIsValid(transform), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize), -1); xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1); xmlSecAssert2(transform->status == xmlSecTransformStatusFinished, -1); xmlSecAssert2(data != NULL, -1); xmlSecAssert2(transformCtx != NULL, -1); ctx = xmlSecGCryptHmacGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); xmlSecAssert2(ctx->digestCtx != NULL, -1); xmlSecAssert2(ctx->dgstSize > 0, -1); /* compare the digest size in bytes */ if(dataSize != ((ctx->dgstSize + 7) / 8)){ xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), NULL, XMLSEC_ERRORS_R_INVALID_SIZE, "data=%d;dgst=%d", dataSize, ((ctx->dgstSize + 7) / 8)); transform->status = xmlSecTransformStatusFail; return(0); } /* we check the last byte separatelly */ xmlSecAssert2(dataSize > 0, -1); mask = last_byte_masks[ctx->dgstSize % 8]; if((ctx->dgst[dataSize - 1] & mask) != (data[dataSize - 1] & mask)) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), NULL, XMLSEC_ERRORS_R_DATA_NOT_MATCH, "data and digest do not match (last byte)"); transform->status = xmlSecTransformStatusFail; return(0); } /* now check the rest of the digest */ if((dataSize > 1) && (memcmp(ctx->dgst, data, dataSize - 1) != 0)) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), NULL, XMLSEC_ERRORS_R_DATA_NOT_MATCH, "data and digest do not match"); transform->status = xmlSecTransformStatusFail; return(0); } transform->status = xmlSecTransformStatusOk; return(0); } static int xmlSecGCryptHmacExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) { xmlSecGCryptHmacCtxPtr ctx; xmlSecBufferPtr in, out; xmlSecByte* dgst; xmlSecSize dgstSize; int ret; xmlSecAssert2(xmlSecGCryptHmacCheckId(transform), -1); xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize), -1); xmlSecAssert2(transformCtx != NULL, -1); ctx = xmlSecGCryptHmacGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); xmlSecAssert2(ctx->digestCtx != NULL, -1); in = &(transform->inBuf); out = &(transform->outBuf); if(transform->status == xmlSecTransformStatusNone) { transform->status = xmlSecTransformStatusWorking; } if(transform->status == xmlSecTransformStatusWorking) { xmlSecSize inSize; inSize = xmlSecBufferGetSize(in); if(inSize > 0) { gcry_md_write(ctx->digestCtx, xmlSecBufferGetData(in), inSize); ret = xmlSecBufferRemoveHead(in, inSize); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), "xmlSecBufferRemoveHead", XMLSEC_ERRORS_R_XMLSEC_FAILED, "size=%d", inSize); return(-1); } } if(last) { /* get the final digest */ gcry_md_final(ctx->digestCtx); dgst = gcry_md_read(ctx->digestCtx, ctx->digest); if(dgst == NULL) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), "gcry_md_read", XMLSEC_ERRORS_R_CRYPTO_FAILED, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } /* copy it to our internal buffer */ dgstSize = gcry_md_get_algo_dlen(ctx->digest); xmlSecAssert2(dgstSize > 0, -1); xmlSecAssert2(dgstSize <= sizeof(ctx->dgst), -1); memcpy(ctx->dgst, dgst, dgstSize); /* check/set the result digest size */ if(ctx->dgstSize == 0) { ctx->dgstSize = dgstSize * 8; /* no dgst size specified, use all we have */ } else if(ctx->dgstSize <= 8 * dgstSize) { dgstSize = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */ } else { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), NULL, XMLSEC_ERRORS_R_INVALID_SIZE, "result-bits=%d;required-bits=%d", 8 * dgstSize, ctx->dgstSize); return(-1); } if(transform->operation == xmlSecTransformOperationSign) { ret = xmlSecBufferAppend(out, ctx->dgst, dgstSize); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), "xmlSecBufferAppend", XMLSEC_ERRORS_R_XMLSEC_FAILED, "size=%d", dgstSize); return(-1); } } transform->status = xmlSecTransformStatusFinished; } } else if(transform->status == xmlSecTransformStatusFinished) { /* the only way we can get here is if there is no input */ xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1); } else { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), NULL, XMLSEC_ERRORS_R_INVALID_STATUS, "size=%d", transform->status); return(-1); } return(0); } #ifndef XMLSEC_NO_SHA1 /****************************************************************************** * * HMAC SHA1 * ******************************************************************************/ static xmlSecTransformKlass xmlSecGCryptHmacSha1Klass = { /* klass/object sizes */ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ xmlSecGCryptHmacSize, /* xmlSecSize objSize */ xmlSecNameHmacSha1, /* const xmlChar* name; */ xmlSecHrefHmacSha1, /* const xmlChar *href; */ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */ xmlSecGCryptHmacInitialize, /* xmlSecTransformInitializeMethod initialize; */ xmlSecGCryptHmacFinalize, /* xmlSecTransformFinalizeMethod finalize; */ xmlSecGCryptHmacNodeRead, /* xmlSecTransformNodeReadMethod readNode; */ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ xmlSecGCryptHmacSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */ xmlSecGCryptHmacSetKey, /* xmlSecTransformSetKeyMethod setKey; */ xmlSecGCryptHmacVerify, /* xmlSecTransformValidateMethod validate; */ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ NULL, /* xmlSecTransformPushXmlMethod pushXml; */ NULL, /* xmlSecTransformPopXmlMethod popXml; */ xmlSecGCryptHmacExecute, /* xmlSecTransformExecuteMethod execute; */ NULL, /* void* reserved0; */ NULL, /* void* reserved1; */ }; /** * xmlSecGCryptTransformHmacSha1GetKlass: * * The HMAC-SHA1 transform klass. * * Returns: the HMAC-SHA1 transform klass. */ xmlSecTransformId xmlSecGCryptTransformHmacSha1GetKlass(void) { return(&xmlSecGCryptHmacSha1Klass); } #endif /* XMLSEC_NO_SHA1 */ #ifndef XMLSEC_NO_SHA256 /****************************************************************************** * * HMAC SHA256 * ******************************************************************************/ static xmlSecTransformKlass xmlSecGCryptHmacSha256Klass = { /* klass/object sizes */ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ xmlSecGCryptHmacSize, /* xmlSecSize objSize */ xmlSecNameHmacSha256, /* const xmlChar* name; */ xmlSecHrefHmacSha256, /* const xmlChar *href; */ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */ xmlSecGCryptHmacInitialize, /* xmlSecTransformInitializeMethod initialize; */ xmlSecGCryptHmacFinalize, /* xmlSecTransformFinalizeMethod finalize; */ xmlSecGCryptHmacNodeRead, /* xmlSecTransformNodeReadMethod readNode; */ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ xmlSecGCryptHmacSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */ xmlSecGCryptHmacSetKey, /* xmlSecTransformSetKeyMethod setKey; */ xmlSecGCryptHmacVerify, /* xmlSecTransformValidateMethod validate; */ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ NULL, /* xmlSecTransformPushXmlMethod pushXml; */ NULL, /* xmlSecTransformPopXmlMethod popXml; */ xmlSecGCryptHmacExecute, /* xmlSecTransformExecuteMethod execute; */ NULL, /* void* reserved0; */ NULL, /* void* reserved1; */ }; /** * xmlSecGCryptTransformHmacSha256GetKlass: * * The HMAC-SHA256 transform klass. * * Returns: the HMAC-SHA256 transform klass. */ xmlSecTransformId xmlSecGCryptTransformHmacSha256GetKlass(void) { return(&xmlSecGCryptHmacSha256Klass); } #endif /* XMLSEC_NO_SHA256 */ #ifndef XMLSEC_NO_SHA384 /****************************************************************************** * * HMAC SHA384 * ******************************************************************************/ static xmlSecTransformKlass xmlSecGCryptHmacSha384Klass = { /* klass/object sizes */ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ xmlSecGCryptHmacSize, /* xmlSecSize objSize */ xmlSecNameHmacSha384, /* const xmlChar* name; */ xmlSecHrefHmacSha384, /* const xmlChar *href; */ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */ xmlSecGCryptHmacInitialize, /* xmlSecTransformInitializeMethod initialize; */ xmlSecGCryptHmacFinalize, /* xmlSecTransformFinalizeMethod finalize; */ xmlSecGCryptHmacNodeRead, /* xmlSecTransformNodeReadMethod readNode; */ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ xmlSecGCryptHmacSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */ xmlSecGCryptHmacSetKey, /* xmlSecTransformSetKeyMethod setKey; */ xmlSecGCryptHmacVerify, /* xmlSecTransformValidateMethod validate; */ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ NULL, /* xmlSecTransformPushXmlMethod pushXml; */ NULL, /* xmlSecTransformPopXmlMethod popXml; */ xmlSecGCryptHmacExecute, /* xmlSecTransformExecuteMethod execute; */ NULL, /* void* reserved0; */ NULL, /* void* reserved1; */ }; /** * xmlSecGCryptTransformHmacSha384GetKlass: * * The HMAC-SHA384 transform klass. * * Returns: the HMAC-SHA384 transform klass. */ xmlSecTransformId xmlSecGCryptTransformHmacSha384GetKlass(void) { return(&xmlSecGCryptHmacSha384Klass); } #endif /* XMLSEC_NO_SHA384 */ #ifndef XMLSEC_NO_SHA512 /****************************************************************************** * * HMAC SHA512 * ******************************************************************************/ static xmlSecTransformKlass xmlSecGCryptHmacSha512Klass = { /* klass/object sizes */ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ xmlSecGCryptHmacSize, /* xmlSecSize objSize */ xmlSecNameHmacSha512, /* const xmlChar* name; */ xmlSecHrefHmacSha512, /* const xmlChar *href; */ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */ xmlSecGCryptHmacInitialize, /* xmlSecTransformInitializeMethod initialize; */ xmlSecGCryptHmacFinalize, /* xmlSecTransformFinalizeMethod finalize; */ xmlSecGCryptHmacNodeRead, /* xmlSecTransformNodeReadMethod readNode; */ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ xmlSecGCryptHmacSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */ xmlSecGCryptHmacSetKey, /* xmlSecTransformSetKeyMethod setKey; */ xmlSecGCryptHmacVerify, /* xmlSecTransformValidateMethod validate; */ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ NULL, /* xmlSecTransformPushXmlMethod pushXml; */ NULL, /* xmlSecTransformPopXmlMethod popXml; */ xmlSecGCryptHmacExecute, /* xmlSecTransformExecuteMethod execute; */ NULL, /* void* reserved0; */ NULL, /* void* reserved1; */ }; /** * xmlSecGCryptTransformHmacSha512GetKlass: * * The HMAC-SHA512 transform klass. * * Returns: the HMAC-SHA512 transform klass. */ xmlSecTransformId xmlSecGCryptTransformHmacSha512GetKlass(void) { return(&xmlSecGCryptHmacSha512Klass); } #endif /* XMLSEC_NO_SHA512 */ #ifndef XMLSEC_NO_RIPEMD160 /****************************************************************************** * * HMAC Ripemd160 * ******************************************************************************/ static xmlSecTransformKlass xmlSecGCryptHmacRipemd160Klass = { /* klass/object sizes */ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ xmlSecGCryptHmacSize, /* xmlSecSize objSize */ xmlSecNameHmacRipemd160, /* const xmlChar* name; */ xmlSecHrefHmacRipemd160, /* const xmlChar* href; */ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */ xmlSecGCryptHmacInitialize, /* xmlSecTransformInitializeMethod initialize; */ xmlSecGCryptHmacFinalize, /* xmlSecTransformFinalizeMethod finalize; */ xmlSecGCryptHmacNodeRead, /* xmlSecTransformNodeReadMethod readNode; */ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ xmlSecGCryptHmacSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */ xmlSecGCryptHmacSetKey, /* xmlSecTransformSetKeyMethod setKey; */ xmlSecGCryptHmacVerify, /* xmlSecTransformValidateMethod validate; */ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ NULL, /* xmlSecTransformPushXmlMethod pushXml; */ NULL, /* xmlSecTransformPopXmlMethod popXml; */ xmlSecGCryptHmacExecute, /* xmlSecTransformExecuteMethod execute; */ NULL, /* void* reserved0; */ NULL, /* void* reserved1; */ }; /** * xmlSecGCryptTransformHmacRipemd160GetKlass: * * The HMAC-RIPEMD160 transform klass. * * Returns: the HMAC-RIPEMD160 transform klass. */ xmlSecTransformId xmlSecGCryptTransformHmacRipemd160GetKlass(void) { return(&xmlSecGCryptHmacRipemd160Klass); } #endif /* XMLSEC_NO_RIPEMD160 */ #ifndef XMLSEC_NO_MD5 /****************************************************************************** * * HMAC MD5 * ******************************************************************************/ static xmlSecTransformKlass xmlSecGCryptHmacMd5Klass = { /* klass/object sizes */ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ xmlSecGCryptHmacSize, /* xmlSecSize objSize */ xmlSecNameHmacMd5, /* const xmlChar* name; */ xmlSecHrefHmacMd5, /* const xmlChar* href; */ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */ xmlSecGCryptHmacInitialize, /* xmlSecTransformInitializeMethod initialize; */ xmlSecGCryptHmacFinalize, /* xmlSecTransformFinalizeMethod finalize; */ xmlSecGCryptHmacNodeRead, /* xmlSecTransformNodeReadMethod readNode; */ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ xmlSecGCryptHmacSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */ xmlSecGCryptHmacSetKey, /* xmlSecTransformSetKeyMethod setKey; */ xmlSecGCryptHmacVerify, /* xmlSecTransformValidateMethod validate; */ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ NULL, /* xmlSecTransformPushXmlMethod pushXml; */ NULL, /* xmlSecTransformPopXmlMethod popXml; */ xmlSecGCryptHmacExecute, /* xmlSecTransformExecuteMethod execute; */ NULL, /* void* reserved0; */ NULL, /* void* reserved1; */ }; /** * xmlSecGCryptTransformHmacMd5GetKlass: * * The HMAC-MD5 transform klass. * * Returns: the HMAC-MD5 transform klass. */ xmlSecTransformId xmlSecGCryptTransformHmacMd5GetKlass(void) { return(&xmlSecGCryptHmacMd5Klass); } #endif /* XMLSEC_NO_MD5 */ #endif /* XMLSEC_NO_HMAC */