static int
xmlSecOpenSSLEvpDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
xmlSecOpenSSLDigestCtxPtr ctx;
xmlSecBufferPtr in, out;
int ret;
xmlSecAssert2(xmlSecOpenSSLEvpDigestCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpDigestSize), -1);
xmlSecAssert2(transformCtx != NULL, -1);
in = &(transform->inBuf);
xmlSecAssert2(in != NULL, -1);
out = &(transform->outBuf);
xmlSecAssert2(out != NULL, -1);
ctx = xmlSecOpenSSLEvpDigestGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->digest != NULL, -1);
if(transform->status == xmlSecTransformStatusNone) {
ret = EVP_DigestInit(&(ctx->digestCtx), ctx->digest);
if(ret != 1) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"EVP_DigestInit",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
transform->status = xmlSecTransformStatusWorking;
}
if(transform->status == xmlSecTransformStatusWorking) {
xmlSecSize inSize;
inSize = xmlSecBufferGetSize(in);
if(inSize > 0) {
ret = EVP_DigestUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
if(ret != 1) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"EVP_DigestUpdate",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
"size=%d", inSize);
return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"xmlSecBufferRemoveHead",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"size=%d", inSize);
return(-1);
}
}
if(last) {
unsigned int dgstSize;
xmlSecAssert2((xmlSecSize)EVP_MD_size(ctx->digest) <= sizeof(ctx->dgst), -1);
ret = EVP_DigestFinal(&(ctx->digestCtx), ctx->dgst, &dgstSize);
if(ret != 1) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"EVP_DigestFinal",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
xmlSecAssert2(dgstSize > 0, -1);
ctx->dgstSize = XMLSEC_SIZE_BAD_CAST(dgstSize);
/* copy result to output */
if(transform->operation == xmlSecTransformOperationSign) {
ret = xmlSecBufferAppend(out, ctx->dgst, ctx->dgstSize);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"xmlSecBufferAppend",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"size=%d", ctx->dgstSize);
return(-1);
}
}
transform->status = xmlSecTransformStatusFinished;
}
} else if(transform->status == xmlSecTransformStatusFinished) {
/* the only way we can get here is if there is no input */
xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
} else {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
NULL,
XMLSEC_ERRORS_R_INVALID_STATUS,
"status=%d", transform->status);
return(-1);
}
return(0);
}
static int
xmlSecNssDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
xmlSecNssDigestCtxPtr ctx;
xmlSecBufferPtr in, out;
SECStatus rv;
int ret;
xmlSecAssert2(xmlSecNssDigestCheckId(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
xmlSecAssert2(transformCtx != NULL, -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssDigestSize), -1);
ctx = xmlSecNssDigestGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->digestCtx != NULL, -1);
in = &(transform->inBuf);
out = &(transform->outBuf);
if(transform->status == xmlSecTransformStatusNone) {
rv = PK11_DigestBegin(ctx->digestCtx);
if(rv != SECSuccess) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"PK11_DigestBegin",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
"error code=%d", PORT_GetError());
return(-1);
}
transform->status = xmlSecTransformStatusWorking;
}
if(transform->status == xmlSecTransformStatusWorking) {
xmlSecSize inSize;
inSize = xmlSecBufferGetSize(in);
if(inSize > 0) {
rv = PK11_DigestOp(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
if (rv != SECSuccess) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"PK11_DigestOp",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
"error code=%d", PORT_GetError());
return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"xmlSecBufferRemoveHead",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"size=%d", inSize);
return(-1);
}
}
if(last) {
unsigned int dgstSize;
rv = PK11_DigestFinal(ctx->digestCtx, ctx->dgst, &dgstSize, sizeof(ctx->dgst));
if(rv != SECSuccess) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"PK11_DigestFinal",
XMLSEC_ERRORS_R_CRYPTO_FAILED,
"error code=%d", PORT_GetError());
return(-1);
}
xmlSecAssert2(dgstSize > 0, -1);
ctx->dgstSize = XMLSEC_SIZE_BAD_CAST(dgstSize);
if(transform->operation == xmlSecTransformOperationSign) {
ret = xmlSecBufferAppend(out, ctx->dgst, ctx->dgstSize);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
"xmlSecBufferAppend",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"size=%d", ctx->dgstSize);
return(-1);
}
}
transform->status = xmlSecTransformStatusFinished;
}
} else if(transform->status == xmlSecTransformStatusFinished) {
/* the only way we can get here is if there is no input */
xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
} else {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
NULL,
XMLSEC_ERRORS_R_INVALID_STATUS,
"status=%d", transform->status);
return(-1);
}
return(0);
}
static int
xmlSecOpenSSLHmacExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
xmlSecOpenSSLHmacCtxPtr ctx;
xmlSecBufferPtr in, out;
int ret;
xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLHmacSize), -1);
xmlSecAssert2(transformCtx != NULL, -1);
in = &(transform->inBuf);
out = &(transform->outBuf);
ctx = xmlSecOpenSSLHmacGetCtx(transform);
xmlSecAssert2(ctx != NULL, -1);
xmlSecAssert2(ctx->ctxInitialized != 0, -1);
xmlSecAssert2(ctx->hmacCtx != NULL, -1);
if(transform->status == xmlSecTransformStatusNone) {
/* we should be already initialized when we set key */
transform->status = xmlSecTransformStatusWorking;
}
if(transform->status == xmlSecTransformStatusWorking) {
xmlSecSize inSize;
inSize = xmlSecBufferGetSize(in);
if(inSize > 0) {
ret = HMAC_Update(ctx->hmacCtx, xmlSecBufferGetData(in), inSize);
if(ret != 1) {
xmlSecOpenSSLError("HMAC_Update",
xmlSecTransformGetName(transform));
return(-1);
}
ret = xmlSecBufferRemoveHead(in, inSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferRemoveHead",
xmlSecTransformGetName(transform),
"size=%d", inSize);
return(-1);
}
}
if(last) {
unsigned int dgstSize = 0;
ret = HMAC_Final(ctx->hmacCtx, ctx->dgst, &dgstSize);
if(ret != 1) {
xmlSecOpenSSLError("HMAC_Final",
xmlSecTransformGetName(transform));
return(-1);
}
xmlSecAssert2(dgstSize > 0, -1);
/* check/set the result digest size */
if(ctx->dgstSize == 0) {
ctx->dgstSize = XMLSEC_SIZE_BAD_CAST(dgstSize * 8); /* no dgst size specified, use all we have */
} else if(ctx->dgstSize <= XMLSEC_SIZE_BAD_CAST(8 * dgstSize)) {
dgstSize = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */
} else {
xmlSecInvalidSizeLessThanError("HMAC digest (bits)",
8 * dgstSize, ctx->dgstSize,
xmlSecTransformGetName(transform));
return(-1);
}
/* finally write result to output */
if(transform->operation == xmlSecTransformOperationSign) {
ret = xmlSecBufferAppend(out, ctx->dgst, dgstSize);
if(ret < 0) {
xmlSecInternalError2("xmlSecBufferAppend",
xmlSecTransformGetName(transform),
"size=%d", dgstSize);
return(-1);
}
}
transform->status = xmlSecTransformStatusFinished;
}
} else if(transform->status == xmlSecTransformStatusFinished) {
/* the only way we can get here is if there is no input */
xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
} else {
xmlSecInvalidTransfromStatusError(transform);
return(-1);
}
return(0);
}
