static int xmlSecOpenSSLRsaOaepSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) { xmlSecOpenSSLRsaOaepCtxPtr ctx; EVP_PKEY* pKey; RSA *rsa; xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaOaepId), -1); xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaOaepSize), -1); xmlSecAssert2(key != NULL, -1); xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecOpenSSLKeyDataRsaId), -1); ctx = xmlSecOpenSSLRsaOaepGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); xmlSecAssert2(ctx->pKey == NULL, -1); pKey = xmlSecOpenSSLKeyDataRsaGetEvp(xmlSecKeyGetValue(key)); if(pKey == NULL) { xmlSecInternalError("xmlSecOpenSSLKeyDataRsaGetEvp", xmlSecTransformGetName(transform)); return(-1); } xmlSecAssert2(EVP_PKEY_base_id(pKey) == EVP_PKEY_RSA, -1); rsa = EVP_PKEY_get0_RSA(pKey); xmlSecAssert2(rsa != NULL, -1); ctx->pKey = xmlSecOpenSSLEvpKeyDup(pKey); if(ctx->pKey == NULL) { xmlSecInternalError("xmlSecOpenSSLEvpKeyDup", xmlSecTransformGetName(transform)); return(-1); } return(0); }
/** * xmlSecBase64Decode: * @str: the input buffer with base64 encoded string * @buf: the output buffer * @len: the output buffer size * * Decodes input base64 encoded string and puts result into * the output buffer. * * Returns: the number of bytes written to the output buffer or * a negative value if an error occurs */ int xmlSecBase64Decode(const xmlChar* str, xmlSecByte *buf, xmlSecSize len) { xmlSecBase64Ctx ctx; int size_update; int size_final; int ret; xmlSecAssert2(str != NULL, -1); xmlSecAssert2(buf != NULL, -1); ret = xmlSecBase64CtxInitialize(&ctx, 0, 0); if(ret < 0) { xmlSecInternalError("xmlSecBase64CtxInitialize", NULL); return(-1); } ret = xmlSecBase64CtxUpdate(&ctx, (const xmlSecByte*)str, xmlStrlen(str), buf, len); if(ret < 0) { xmlSecInternalError("xmlSecBase64CtxUpdate", NULL); xmlSecBase64CtxFinalize(&ctx); return(-1); } size_update = ret; ret = xmlSecBase64CtxFinal(&ctx, buf + size_update, len - size_update); if(ret < 0) { xmlSecInternalError("xmlSecBase64CtxFinal", NULL); xmlSecBase64CtxFinalize(&ctx); return(-1); } size_final = ret; xmlSecBase64CtxFinalize(&ctx); return(size_update + size_final); }
int main() { int ret; // OK ret = foo(); if (ret < 0) { xmlSecInternalError("foo", NULL); } // OK ret = outer(1, strlen("x")); if (ret < 0) { xmlSecInternalError("outer", NULL); } // KO ret = foo(); if (ret < 0) { xmlSecInternalError("bar", NULL); } }
/** * xmlSecBase64CtxUpdate: * @ctx: the pointer to #xmlSecBase64Ctx structure * @in: the input buffer * @inSize: the input buffer size * @out: the output buffer * @outSize: the output buffer size * * Encodes or decodes the next piece of data from input buffer. * * Returns: the number of bytes written to output buffer or * -1 if an error occurs. */ int xmlSecBase64CtxUpdate(xmlSecBase64CtxPtr ctx, const xmlSecByte *in, xmlSecSize inSize, xmlSecByte *out, xmlSecSize outSize) { xmlSecSize inResSize = 0, outResSize = 0; int ret; xmlSecAssert2(ctx != NULL, -1); xmlSecAssert2(in != NULL, -1); xmlSecAssert2(out != NULL, -1); if(ctx->encode != 0) { ret = xmlSecBase64CtxEncode(ctx, in, inSize, &inResSize, out, outSize, &outResSize); if((ret < 0) || (inResSize != inSize)) { xmlSecInternalError("xmlSecBase64CtxEncode", NULL); return(-1); } } else { ret = xmlSecBase64CtxDecode(ctx, in, inSize, &inResSize, out, outSize, &outResSize); if((ret < 0) || (inResSize != inSize)) { xmlSecInternalError("xmlSecBase64CtxDecode", NULL); return(-1); } } return(outResSize); }
/** * xmlSecNssKeysMngrInit: * @mngr: the pointer to keys manager. * * Adds NSS specific key data stores in keys manager. * * Returns: 0 on success or a negative value otherwise. */ int xmlSecNssKeysMngrInit(xmlSecKeysMngrPtr mngr) { int ret; xmlSecAssert2(mngr != NULL, -1); #ifndef XMLSEC_NO_X509 /* create x509 store if needed */ if(xmlSecKeysMngrGetDataStore(mngr, xmlSecNssX509StoreId) == NULL) { xmlSecKeyDataStorePtr x509Store; x509Store = xmlSecKeyDataStoreCreate(xmlSecNssX509StoreId); if(x509Store == NULL) { xmlSecInternalError("xmlSecKeyDataStoreCreate(xmlSecNssX509StoreId)", NULL); return(-1); } ret = xmlSecKeysMngrAdoptDataStore(mngr, x509Store); if(ret < 0) { xmlSecInternalError("xmlSecKeysMngrAdoptDataStore", NULL); xmlSecKeyDataStoreDestroy(x509Store); return(-1); } } #endif /* XMLSEC_NO_X509 */ return(0); }
static int xmlSecTransformXPointerNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) { xmlSecPtrListPtr dataList; xmlSecXPathDataPtr data; xmlNodePtr cur; int ret; xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformXPointerId), -1); xmlSecAssert2(node != NULL, -1); xmlSecAssert2(transformCtx != NULL, -1); dataList = xmlSecXPathTransformGetDataList(transform); xmlSecAssert2(xmlSecPtrListCheckId(dataList, xmlSecXPathDataListId), -1); xmlSecAssert2(xmlSecPtrListGetSize(dataList) == 0, -1); /* there is only one required node */ cur = xmlSecGetNextElementNode(node->children); if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeXPointer, xmlSecXPointerNs))) { xmlSecInvalidNodeError(cur, xmlSecNodeXPointer, xmlSecTransformGetName(transform)); return(-1); } /* read information from the node */ data = xmlSecXPathDataCreate(xmlSecXPathDataTypeXPointer); if(data == NULL) { xmlSecInternalError("xmlSecXPathDataCreate", xmlSecTransformGetName(transform)); return(-1); } ret = xmlSecXPathDataNodeRead(data, cur); if(ret < 0) { xmlSecInternalError("xmlSecXPathDataNodeRead", xmlSecTransformGetName(transform)); xmlSecXPathDataDestroy(data); return(-1); } /* append it to the list */ ret = xmlSecPtrListAdd(dataList, data); if(ret < 0) { xmlSecInternalError("xmlSecPtrListAdd", xmlSecTransformGetName(transform)); xmlSecXPathDataDestroy(data); return(-1); } /* set correct node set type and operation */ data->nodeSetOp = xmlSecNodeSetIntersection; data->nodeSetType = xmlSecNodeSetTree; /* check that we have nothing else */ cur = xmlSecGetNextElementNode(cur->next); if(cur != NULL) { xmlSecUnexpectedNodeError(cur, xmlSecTransformGetName(transform)); return(-1); } return(0); }
/** * xmlSecTransformXPointerSetExpr: * @transform: the pointer to XPointer transform. * @expr: the XPointer expression. * @nodeSetType: the type of evaluated XPointer expression. * @hereNode: the pointer to "here" node. * * Sets the XPointer expression for an XPointer @transform. * * Returns: 0 on success or a negative value if an error occurs. */ int xmlSecTransformXPointerSetExpr(xmlSecTransformPtr transform, const xmlChar* expr, xmlSecNodeSetType nodeSetType, xmlNodePtr hereNode) { xmlSecPtrListPtr dataList; xmlSecXPathDataPtr data; int ret; xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformXPointerId), -1); xmlSecAssert2(transform->hereNode == NULL, -1); xmlSecAssert2(expr != NULL, -1); xmlSecAssert2(hereNode != NULL, -1); transform->hereNode = hereNode; dataList = xmlSecXPathTransformGetDataList(transform); xmlSecAssert2(xmlSecPtrListCheckId(dataList, xmlSecXPathDataListId), -1); xmlSecAssert2(xmlSecPtrListGetSize(dataList) == 0, -1); data = xmlSecXPathDataCreate(xmlSecXPathDataTypeXPointer); if(data == NULL) { xmlSecInternalError("xmlSecXPathDataCreate", xmlSecTransformGetName(transform)); return(-1); } ret = xmlSecXPathDataRegisterNamespaces(data, hereNode); if(ret < 0) { xmlSecInternalError("xmlSecXPathDataRegisterNamespaces", xmlSecTransformGetName(transform)); xmlSecXPathDataDestroy(data); return(-1); } ret = xmlSecXPathDataSetExpr(data, expr); if(ret < 0) { xmlSecInternalError("xmlSecXPathDataSetExpr", xmlSecTransformGetName(transform)); xmlSecXPathDataDestroy(data); return(-1); } /* append it to the list */ ret = xmlSecPtrListAdd(dataList, data); if(ret < 0) { xmlSecInternalError("xmlSecPtrListAdd", xmlSecTransformGetName(transform)); xmlSecXPathDataDestroy(data); return(-1); } /* set correct node set type and operation */ data->nodeSetOp = xmlSecNodeSetIntersection; data->nodeSetType = nodeSetType; return(0); }
/** * xmlSecBase64Encode: * @buf: the input buffer. * @len: the input buffer size. * @columns: the output max line length (if 0 then no line breaks * would be inserted) * * Encodes the data from input buffer and allocates the string for the result. * The caller is responsible for freeing returned buffer using * xmlFree() function. * * Returns: newly allocated string with base64 encoded data * or NULL if an error occurs. */ xmlChar* xmlSecBase64Encode(const xmlSecByte *buf, xmlSecSize len, int columns) { xmlSecBase64Ctx ctx; xmlChar *ptr; xmlSecSize size; int size_update, size_final; int ret; xmlSecAssert2(buf != NULL, NULL); ret = xmlSecBase64CtxInitialize(&ctx, 1, columns); if(ret < 0) { xmlSecInternalError("xmlSecBase64CtxInitialize", NULL); return(NULL); } /* create result buffer */ size = (4 * len) / 3 + 4; if(columns > 0) { size += (size / columns) + 4; } ptr = (xmlChar*) xmlMalloc(size); if(ptr == NULL) { xmlSecMallocError(size, NULL); xmlSecBase64CtxFinalize(&ctx); return(NULL); } ret = xmlSecBase64CtxUpdate(&ctx, buf, len, (xmlSecByte*)ptr, size); if(ret < 0) { xmlSecInternalError3("xmlSecBase64CtxUpdate", NULL, "len=%lu;size=%lu", (unsigned long)len, (unsigned long)size); xmlFree(ptr); xmlSecBase64CtxFinalize(&ctx); return(NULL); } size_update = ret; ret = xmlSecBase64CtxFinal(&ctx, ((xmlSecByte*)ptr) + size_update, size - size_update); if(ret < 0) { xmlSecInternalError("xmlSecBase64CtxFinal", NULL); xmlFree(ptr); xmlSecBase64CtxFinalize(&ctx); return(NULL); } size_final = ret; ptr[size_update + size_final] = '\0'; xmlSecBase64CtxFinalize(&ctx); return(ptr); }
/** * xmlSecBase64CtxFinal: * @ctx: the pointer to #xmlSecBase64Ctx structure * @out: the output buffer * @outSize: the output buffer size * * Encodes or decodes the last piece of data stored in the context * and finalizes the result. * * Returns: the number of bytes written to output buffer or * -1 if an error occurs. */ int xmlSecBase64CtxFinal(xmlSecBase64CtxPtr ctx, xmlSecByte *out, xmlSecSize outSize) { xmlSecSize outResSize = 0; int ret; xmlSecAssert2(ctx != NULL, -1); xmlSecAssert2(out != NULL, -1); xmlSecAssert2(outSize > 0, -1); if(ctx->encode != 0) { ret = xmlSecBase64CtxEncodeFinal(ctx, out, outSize, &outResSize); if(ret < 0) { xmlSecInternalError2("xmlSecBase64CtxEncodeFinal", NULL, "outSize=%d", outSize); return(-1); } } else { if(!xmlSecBase64CtxDecodeIsFinished(ctx)) { xmlSecInternalError("xmlSecBase64CtxIsFinished", NULL); return(-1); } } /* add \0 */ if((outResSize + 1) < outSize) { out[outResSize] = '\0'; } return(outResSize); }
static int xmlSecTransformXPathExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) { xmlSecPtrListPtr dataList; xmlDocPtr doc; xmlSecAssert2(xmlSecTransformXPathCheckId(transform), -1); xmlSecAssert2(transform->hereNode != NULL, -1); xmlSecAssert2(transform->outNodes == NULL, -1); xmlSecAssert2(last != 0, -1); xmlSecAssert2(transformCtx != NULL, -1); dataList = xmlSecXPathTransformGetDataList(transform); xmlSecAssert2(xmlSecPtrListCheckId(dataList, xmlSecXPathDataListId), -1); xmlSecAssert2(xmlSecPtrListGetSize(dataList) > 0, -1); doc = (transform->inNodes != NULL) ? transform->inNodes->doc : transform->hereNode->doc; xmlSecAssert2(doc != NULL, -1); transform->outNodes = xmlSecXPathDataListExecute(dataList, doc, transform->hereNode, transform->inNodes); if(transform->outNodes == NULL) { xmlSecInternalError("xmlSecXPathDataExecute", xmlSecTransformGetName(transform)); return(-1); } return(0); }
static int xmlSecMSCngSignatureSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) { xmlSecMSCngSignatureCtxPtr ctx; xmlSecKeyDataPtr value; xmlSecAssert2(xmlSecMSCngSignatureCheckId(transform), -1); xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngSignatureSize), -1); xmlSecAssert2(key != NULL, -1); ctx = xmlSecMSCngSignatureGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); xmlSecAssert2(ctx->keyId != NULL, -1); xmlSecAssert2(ctx->pszHashAlgId != 0, -1); xmlSecAssert2(xmlSecKeyCheckId(key, ctx->keyId), -1); value = xmlSecKeyGetValue(key); xmlSecAssert2(value != NULL, -1); ctx->data = xmlSecKeyDataDuplicate(value); if(ctx->data == NULL) { xmlSecInternalError("xmlSecKeyDataDuplicate", xmlSecTransformGetName(transform)); return(-1); } return(0); }
static int xmlSecOpenSSLRsaOaepNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) { xmlSecOpenSSLRsaOaepCtxPtr ctx; xmlNodePtr cur; int ret; xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaOaepId), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaOaepSize), -1); xmlSecAssert2(node != NULL, -1); xmlSecAssert2(transformCtx != NULL, -1); ctx = xmlSecOpenSSLRsaOaepGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); xmlSecAssert2(xmlSecBufferGetSize(&(ctx->oaepParams)) == 0, -1); cur = xmlSecGetNextElementNode(node->children); while(cur != NULL) { if(xmlSecCheckNodeName(cur, xmlSecNodeRsaOAEPparams, xmlSecEncNs)) { ret = xmlSecBufferBase64NodeContentRead(&(ctx->oaepParams), cur); if(ret < 0) { xmlSecInternalError("xmlSecBufferBase64NodeContentRead", xmlSecTransformGetName(transform)); return(-1); } } else if(xmlSecCheckNodeName(cur, xmlSecNodeDigestMethod, xmlSecDSigNs)) { xmlChar* algorithm; /* Algorithm attribute is required */ algorithm = xmlGetProp(cur, xmlSecAttrAlgorithm); if(algorithm == NULL) { xmlSecInvalidNodeAttributeError(cur, xmlSecAttrAlgorithm, xmlSecTransformGetName(transform), "empty"); return(-1); } /* for now we support only sha1 */ if(xmlStrcmp(algorithm, xmlSecHrefSha1) != 0) { xmlSecInvalidTransfromError2(transform, "digest algorithm=\"%s\" is not supported for rsa/oaep", xmlSecErrorsSafeString(algorithm)); xmlFree(algorithm); return(-1); } xmlFree(algorithm); } else { /* not found */ xmlSecUnexpectedNodeError(cur, xmlSecTransformGetName(transform)); return(-1); } /* next node */ cur = xmlSecGetNextElementNode(cur->next); } return(0); }
/** * xmlSecNssInit: * * XMLSec library specific crypto engine initialization. * * Returns: 0 on success or a negative value otherwise. */ int xmlSecNssInit (void) { /* Check loaded xmlsec library version */ if(xmlSecCheckVersionExact() != 1) { xmlSecInternalError("xmlSecCheckVersionExact", NULL); return(-1); } /* set default errors callback for xmlsec to us */ xmlSecErrorsSetCallback(xmlSecNssErrorsDefaultCallback); /* register our klasses */ if(xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(xmlSecCryptoGetFunctions_nss()) < 0) { xmlSecInternalError("xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms", NULL); return(-1); } return(0); }
static int xmlSecMSCngSignatureVerify(xmlSecTransformPtr transform, const xmlSecByte* data, xmlSecSize dataSize, xmlSecTransformCtxPtr transformCtx) { xmlSecMSCngSignatureCtxPtr ctx; BCRYPT_KEY_HANDLE pubkey; NTSTATUS status; int ret; xmlSecAssert2(xmlSecMSCngSignatureCheckId(transform), -1); xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngSignatureSize), -1); xmlSecAssert2(transform->status == xmlSecTransformStatusFinished, -1); xmlSecAssert2(data != NULL, -1); xmlSecAssert2(dataSize > 0, -1); xmlSecAssert2(transformCtx != NULL, -1); ctx = xmlSecMSCngSignatureGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); pubkey = xmlSecMSCngKeyDataGetKey(ctx->data, xmlSecKeyDataTypePublic); if(pubkey == 0) { xmlSecInternalError("xmlSecMSCngKeyDataGetKey", xmlSecTransformGetName(transform)); return(-1); } status = BCryptVerifySignature( pubkey, NULL, ctx->pbHash, ctx->cbHash, (PBYTE)data, dataSize, 0); if(status != STATUS_SUCCESS) { if(status == STATUS_INVALID_SIGNATURE) { xmlSecOtherError(XMLSEC_ERRORS_R_DATA_NOT_MATCH, xmlSecTransformGetName(transform), "BCryptVerifySignature: the signature was not verified"); transform->status = xmlSecTransformStatusFail; return(-1); } else { xmlSecMSCngNtError("BCryptVerifySignature", xmlSecTransformGetName(transform), status); return(-1); } } transform->status = xmlSecTransformStatusOk; return(0); }
static xmlSecNodeSetPtr xmlSecXPathDataListExecute(xmlSecPtrListPtr dataList, xmlDocPtr doc, xmlNodePtr hereNode, xmlSecNodeSetPtr nodes) { xmlSecXPathDataPtr data; xmlSecNodeSetPtr res, tmp, tmp2; xmlSecSize pos; xmlSecAssert2(xmlSecPtrListCheckId(dataList, xmlSecXPathDataListId), NULL); xmlSecAssert2(xmlSecPtrListGetSize(dataList) > 0, NULL); xmlSecAssert2(doc != NULL, NULL); xmlSecAssert2(hereNode != NULL, NULL); res = nodes; for(pos = 0; pos < xmlSecPtrListGetSize(dataList); ++pos) { data = (xmlSecXPathDataPtr)xmlSecPtrListGetItem(dataList, pos); if(data == NULL) { xmlSecInternalError2("xmlSecPtrListGetItem", NULL, "pos=%d", pos); if((res != NULL) && (res != nodes)) { xmlSecNodeSetDestroy(res); } return(NULL); } tmp = xmlSecXPathDataExecute(data, doc, hereNode); if(tmp == NULL) { xmlSecInternalError("xmlSecXPathDataExecute", NULL); if((res != NULL) && (res != nodes)) { xmlSecNodeSetDestroy(res); } return(NULL); } tmp2 = xmlSecNodeSetAdd(res, tmp, data->nodeSetOp); if(tmp2 == NULL) { xmlSecInternalError2("xmlSecNodeSetAdd", NULL, "nodeSetOp=%d", (int)data->nodeSetOp); if((res != NULL) && (res != nodes)) { xmlSecNodeSetDestroy(res); } xmlSecNodeSetDestroy(tmp); return(NULL); } res = tmp2; } return(res); }
static int xmlSecTransformXPathInitialize(xmlSecTransformPtr transform) { xmlSecPtrListPtr dataList; int ret; xmlSecAssert2(xmlSecTransformXPathCheckId(transform), -1); dataList = xmlSecXPathTransformGetDataList(transform); xmlSecAssert2(dataList != NULL, -1); ret = xmlSecPtrListInitialize(dataList, xmlSecXPathDataListId); if(ret < 0) { xmlSecInternalError("xmlSecPtrListInitialize", xmlSecTransformGetName(transform)); return(-1); } return(0); }
static int xmlSecTransformVisa3DHackExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) { xmlChar** idPtr; xmlDocPtr doc; xmlAttrPtr attr; xmlNodeSetPtr nodeSet; xmlSecAssert2(xmlSecTransformVisa3DHackCheckId(transform), -1); xmlSecAssert2(transform->outNodes == NULL, -1); xmlSecAssert2(last != 0, -1); xmlSecAssert2(transformCtx != NULL, -1); idPtr = xmlSecVisa3DHackTransformGetIDPtr(transform); xmlSecAssert2(idPtr != NULL, -1); xmlSecAssert2((*idPtr) != NULL, -1); doc = (transform->inNodes != NULL) ? transform->inNodes->doc : transform->hereNode->doc; xmlSecAssert2(doc != NULL, -1); attr = xmlGetID(doc, (*idPtr)); if((attr == NULL) || (attr->parent == NULL)) { xmlSecXmlError2("xmlGetID", xmlSecTransformGetName(transform), "id=\"%s\"", xmlSecErrorsSafeString(*idPtr)); return(-1); } nodeSet = xmlXPathNodeSetCreate(attr->parent); if(nodeSet == NULL) { xmlSecXmlError2("xmlXPathNodeSetCreate", xmlSecTransformGetName(transform), "id=\"%s\"", xmlSecErrorsSafeString(*idPtr)); return(-1); } transform->outNodes = xmlSecNodeSetCreate(doc, nodeSet, xmlSecNodeSetTreeWithoutComments); if(transform->outNodes == NULL) { xmlSecInternalError("xmlSecNodeSetCreate", xmlSecTransformGetName(transform)); xmlXPathFreeNodeSet(nodeSet); return(-1); } return(0); }
static int xmlSecBase64Initialize(xmlSecTransformPtr transform) { xmlSecBase64CtxPtr ctx; int ret; xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformBase64Id), -1); ctx = xmlSecBase64GetCtx(transform); xmlSecAssert2(ctx != NULL, -1); transform->operation = xmlSecTransformOperationDecode; ret = xmlSecBase64CtxInitialize(ctx, 0, xmlSecBase64GetDefaultLineSize()); if(ret < 0) { xmlSecInternalError("xmlSecBase64CtxInitialize", xmlSecTransformGetName(transform)); return(-1); } return(0); }
static int xmlSecOpenSSLRsaOaepInitialize(xmlSecTransformPtr transform) { xmlSecOpenSSLRsaOaepCtxPtr ctx; int ret; xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaOaepId), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaOaepSize), -1); ctx = xmlSecOpenSSLRsaOaepGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); memset(ctx, 0, sizeof(xmlSecOpenSSLRsaOaepCtx)); ret = xmlSecBufferInitialize(&(ctx->oaepParams), 0); if(ret < 0) { xmlSecInternalError("xmlSecBufferInitialize", xmlSecTransformGetName(transform)); return(-1); } return(0); }
/** * xmlSecBase64CtxCreate: * @encode: the encode/decode flag (1 - encode, 0 - decode) * @columns: the max line length. * * Allocates and initializes new base64 context. * * Returns: a pointer to newly created #xmlSecBase64Ctx structure * or NULL if an error occurs. */ xmlSecBase64CtxPtr xmlSecBase64CtxCreate(int encode, int columns) { xmlSecBase64CtxPtr ctx; int ret; /* * Allocate a new xmlSecBase64CtxPtr and fill the fields. */ ctx = (xmlSecBase64CtxPtr) xmlMalloc(sizeof(xmlSecBase64Ctx)); if (ctx == NULL) { xmlSecMallocError(sizeof(xmlSecBase64Ctx), NULL); return(NULL); } ret = xmlSecBase64CtxInitialize(ctx, encode, columns); if(ret < 0) { xmlSecInternalError("xmlSecBase64CtxInitialize", NULL); xmlSecBase64CtxDestroy(ctx); return(NULL); } return(ctx); }
static int xmlSecOpenSSLRsaOaepExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) { xmlSecOpenSSLRsaOaepCtxPtr ctx; int ret; xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaOaepId), -1); xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaOaepSize), -1); xmlSecAssert2(transformCtx != NULL, -1); ctx = xmlSecOpenSSLRsaOaepGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); xmlSecAssert2(ctx->pKey != NULL, -1); if(transform->status == xmlSecTransformStatusNone) { transform->status = xmlSecTransformStatusWorking; } if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) { /* just do nothing */ } else if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) { ret = xmlSecOpenSSLRsaOaepProcess(transform, transformCtx); if(ret < 0) { xmlSecInternalError("xmlSecOpenSSLRsaOaepProcess", xmlSecTransformGetName(transform)); return(-1); } transform->status = xmlSecTransformStatusFinished; } else if(transform->status == xmlSecTransformStatusFinished) { /* the only way we can get here is if there is no input */ xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1); } else { xmlSecInvalidTransfromStatusError(transform); return(-1); } return(0); }
static int xmlSecXPathDataNodeRead(xmlSecXPathDataPtr data, xmlNodePtr node) { int ret; xmlSecAssert2(data != NULL, -1); xmlSecAssert2(data->expr == NULL, -1); xmlSecAssert2(data->ctx != NULL, -1); xmlSecAssert2(node != NULL, -1); ret = xmlSecXPathDataRegisterNamespaces (data, node); if(ret < 0) { xmlSecInternalError("xmlSecXPathDataRegisterNamespaces", NULL); return(-1); } /* read node content and set expr */ data->expr = xmlNodeGetContent(node); if(data->expr == NULL) { xmlSecInvalidNodeContentError(node, NULL, "empty"); return(-1); } return(0); }
static int xmlSecMSCngSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) { xmlSecMSCngSignatureCtxPtr ctx; xmlSecSize inSize; xmlSecSize outSize; NTSTATUS status; DWORD cbData = 0; DWORD cbHashObject = 0; int ret; xmlSecAssert2(xmlSecMSCngSignatureCheckId(transform), -1); xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngSignatureSize), -1); xmlSecAssert2(transformCtx != NULL, -1); ctx = xmlSecMSCngSignatureGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); xmlSecAssert2(ctx->pszHashAlgId != NULL, -1); inSize = xmlSecBufferGetSize(&transform->inBuf); outSize = xmlSecBufferGetSize(&transform->outBuf); if(transform->status == xmlSecTransformStatusNone) { xmlSecAssert2(outSize == 0, -1); /* open an algorithm handle */ status = BCryptOpenAlgorithmProvider( &ctx->hHashAlg, ctx->pszHashAlgId, NULL, 0); if(status != STATUS_SUCCESS) { xmlSecMSCngNtError("BCryptOpenAlgorithmProvider", xmlSecTransformGetName(transform), status); return(-1); } /* calculate the size of the buffer to hold the hash object */ status = BCryptGetProperty( ctx->hHashAlg, BCRYPT_OBJECT_LENGTH, (PBYTE)&cbHashObject, sizeof(DWORD), &cbData, 0); if(status != STATUS_SUCCESS) { xmlSecMSCngNtError("BCryptGetProperty", xmlSecTransformGetName(transform), status); return(-1); } /* allocate the hash object on the heap */ ctx->pbHashObject = (PBYTE)xmlMalloc(cbHashObject); if(ctx->pbHashObject == NULL) { xmlSecMallocError(cbHashObject, NULL); return(-1); } /* calculate the length of the hash */ status = BCryptGetProperty( ctx->hHashAlg, BCRYPT_HASH_LENGTH, (PBYTE)&ctx->cbHash, sizeof(DWORD), &cbData, 0); if(status != STATUS_SUCCESS) { xmlSecMSCngNtError("BCryptGetProperty", xmlSecTransformGetName(transform), status); return(-1); } /* allocate the hash buffer on the heap */ ctx->pbHash = (PBYTE)xmlMalloc(ctx->cbHash); if(ctx->pbHash == NULL) { xmlSecMallocError(ctx->cbHash, NULL); return(-1); } /* create the hash */ status = BCryptCreateHash( ctx->hHashAlg, &ctx->hHash, ctx->pbHashObject, cbHashObject, NULL, 0, 0); if(status != STATUS_SUCCESS) { xmlSecMSCngNtError("BCryptCreateHash", xmlSecTransformGetName(transform), status); return(-1); } transform->status = xmlSecTransformStatusWorking; } if((transform->status == xmlSecTransformStatusWorking)) { if(inSize > 0) { xmlSecAssert2(outSize == 0, -1); /* hash some data */ status = BCryptHashData( ctx->hHash, (PBYTE)xmlSecBufferGetData(&transform->inBuf), inSize, 0); if(status != STATUS_SUCCESS) { xmlSecMSCngNtError("BCryptHashData", xmlSecTransformGetName(transform), status); return(-1); } ret = xmlSecBufferRemoveHead(&transform->inBuf, inSize); if(ret < 0) { xmlSecInternalError("xmlSecBufferRemoveHead", xmlSecTransformGetName(transform)); return(-1); } } if(last != 0) { /* close the hash */ status = BCryptFinishHash( ctx->hHash, ctx->pbHash, ctx->cbHash, 0); if(status != STATUS_SUCCESS) { xmlSecMSCngNtError("BCryptFinishHash", xmlSecTransformGetName(transform), status); return(-1); } xmlSecAssert2(ctx->cbHash > 0, -1); if(transform->operation == xmlSecTransformOperationSign) { xmlSecNotImplementedError(NULL); return(-1); } transform->status = xmlSecTransformStatusFinished; } } if((transform->status == xmlSecTransformStatusWorking) || (transform->status == xmlSecTransformStatusFinished)) { xmlSecAssert2(xmlSecBufferGetSize(&transform->inBuf) == 0, -1); } else { xmlSecInvalidTransfromStatusError(transform); return(-1); } return(0); }
static int xmlSecTransformXPathNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) { xmlSecPtrListPtr dataList; xmlSecXPathDataPtr data; xmlNodePtr cur; xmlChar* tmp; int tmpSize; int ret; xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformXPathId), -1); xmlSecAssert2(node != NULL, -1); xmlSecAssert2(transformCtx != NULL, -1); dataList = xmlSecXPathTransformGetDataList(transform); xmlSecAssert2(xmlSecPtrListCheckId(dataList, xmlSecXPathDataListId), -1); xmlSecAssert2(xmlSecPtrListGetSize(dataList) == 0, -1); /* there is only one required node */ cur = xmlSecGetNextElementNode(node->children); if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeXPath, xmlSecDSigNs))) { xmlSecInvalidNodeError(cur, xmlSecNodeXPath, xmlSecTransformGetName(transform)); return(-1); } /* read information from the node */ data = xmlSecXPathDataCreate(xmlSecXPathDataTypeXPath); if(data == NULL) { xmlSecInternalError("xmlSecXPathDataCreate", xmlSecTransformGetName(transform)); return(-1); } ret = xmlSecXPathDataNodeRead(data, cur); if(ret < 0) { xmlSecInternalError("xmlSecXPathDataNodeRead", xmlSecTransformGetName(transform)); xmlSecXPathDataDestroy(data); return(-1); } /* append it to the list */ ret = xmlSecPtrListAdd(dataList, data); if(ret < 0) { xmlSecInternalError("xmlSecPtrListAdd", xmlSecTransformGetName(transform)); xmlSecXPathDataDestroy(data); return(-1); } /* create full XPath expression */ xmlSecAssert2(data->expr != NULL, -1); tmpSize = xmlStrlen(data->expr) + strlen(xpathPattern) + 1; tmp = (xmlChar*) xmlMalloc(sizeof(xmlChar) * tmpSize); if(tmp == NULL) { xmlSecMallocError(sizeof(xmlChar) * tmpSize, xmlSecTransformGetName(transform)); return(-1); } ret = xmlStrPrintf(tmp, tmpSize, xpathPattern, (char*)data->expr); if(ret < 0) { xmlSecXmlError("xmlStrPrintf", xmlSecTransformGetName(transform)); xmlFree(tmp); return(-1); } xmlFree(data->expr); data->expr = tmp; /* set correct node set type and operation */ data->nodeSetOp = xmlSecNodeSetIntersection; data->nodeSetType = xmlSecNodeSetNormal; /* check that we have nothing else */ cur = xmlSecGetNextElementNode(cur->next); if(cur != NULL) { xmlSecUnexpectedNodeError(cur, xmlSecTransformGetName(transform)); return(-1); } return(0); }
static int xmlSecTransformXPath2NodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) { xmlSecPtrListPtr dataList; xmlSecXPathDataPtr data; xmlNodePtr cur; xmlChar* op; int ret; xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformXPath2Id), -1); xmlSecAssert2(node != NULL, -1); xmlSecAssert2(transformCtx != NULL, -1); dataList = xmlSecXPathTransformGetDataList(transform); xmlSecAssert2(xmlSecPtrListCheckId(dataList, xmlSecXPathDataListId), -1); xmlSecAssert2(xmlSecPtrListGetSize(dataList) == 0, -1); /* There are only xpath nodes */ cur = xmlSecGetNextElementNode(node->children); while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeXPath2, xmlSecXPath2Ns)) { /* read information from the node */ data = xmlSecXPathDataCreate(xmlSecXPathDataTypeXPath2); if(data == NULL) { xmlSecInternalError("xmlSecXPathDataCreate", xmlSecTransformGetName(transform)); return(-1); } ret = xmlSecXPathDataNodeRead(data, cur); if(ret < 0) { xmlSecInternalError("xmlSecXPathDataNodeRead", xmlSecTransformGetName(transform)); xmlSecXPathDataDestroy(data); return(-1); } /* append it to the list */ ret = xmlSecPtrListAdd(dataList, data); if(ret < 0) { xmlSecInternalError("xmlSecPtrListAdd", xmlSecTransformGetName(transform)); xmlSecXPathDataDestroy(data); return(-1); } /* set correct node set type and operation */ data->nodeSetType = xmlSecNodeSetTree; op = xmlGetProp(cur, xmlSecAttrFilter); if(op == NULL) { xmlSecInvalidNodeAttributeError(cur, xmlSecAttrFilter, xmlSecTransformGetName(transform), "empty"); return(-1); } if(xmlStrEqual(op, xmlSecXPath2FilterIntersect)) { data->nodeSetOp = xmlSecNodeSetIntersection; } else if(xmlStrEqual(op, xmlSecXPath2FilterSubtract)) { data->nodeSetOp = xmlSecNodeSetSubtraction; } else if(xmlStrEqual(op, xmlSecXPath2FilterUnion)) { data->nodeSetOp = xmlSecNodeSetUnion; } else { xmlSecInvalidNodeAttributeError(cur, xmlSecAttrFilter, xmlSecTransformGetName(transform), "unknown"); xmlFree(op); return(-1); } xmlFree(op); cur = xmlSecGetNextElementNode(cur->next); } /* check that we have nothing else */ if(cur != NULL) { xmlSecUnexpectedNodeError(cur, xmlSecTransformGetName(transform)); return(-1); } return(0); }
static int xmlSecBase64Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) { xmlSecBase64CtxPtr ctx; xmlSecBufferPtr in, out; xmlSecSize inSize, outSize, outLen; int ret; xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformBase64Id), -1); xmlSecAssert2((transform->operation == xmlSecTransformOperationEncode) || (transform->operation == xmlSecTransformOperationDecode), -1); xmlSecAssert2(transformCtx != NULL, -1); ctx = xmlSecBase64GetCtx(transform); xmlSecAssert2(ctx != NULL, -1); in = &(transform->inBuf); out = &(transform->outBuf); if(transform->status == xmlSecTransformStatusNone) { ctx->encode = (transform->operation == xmlSecTransformOperationEncode) ? 1 : 0; transform->status = xmlSecTransformStatusWorking; } switch(transform->status) { case xmlSecTransformStatusWorking: inSize = xmlSecBufferGetSize(in); outSize = xmlSecBufferGetSize(out); if(inSize > 0) { if(ctx->encode != 0) { outLen = 4 * inSize / 3 + 8; if(ctx->columns > 0) { outLen += inSize / ctx->columns + 4; } } else { outLen = 3 * inSize / 4 + 8; } ret = xmlSecBufferSetMaxSize(out, outSize + outLen); if(ret < 0) { xmlSecInternalError2("xmlSecBufferSetMaxSize", xmlSecTransformGetName(transform), "size=%d", outSize + outLen); return(-1); } /* encode/decode the next chunk */ ret = xmlSecBase64CtxUpdate(ctx, xmlSecBufferGetData(in), inSize, xmlSecBufferGetData(out) + outSize, outLen); if(ret < 0) { xmlSecInternalError("xmlSecBase64CtxUpdate", xmlSecTransformGetName(transform)); return(-1); } outLen = ret; /* set correct size */ ret = xmlSecBufferSetSize(out, outSize + outLen); if(ret < 0) { xmlSecInternalError2("xmlSecBufferSetSize", xmlSecTransformGetName(transform), "size=%d", outSize + outLen); return(-1); } /* remove chunk from input */ ret = xmlSecBufferRemoveHead(in, inSize); if(ret < 0) { xmlSecInternalError2("xmlSecBufferRemoveHead", xmlSecTransformGetName(transform), "size=%d", inSize); return(-1); } } if(last) { outSize = xmlSecBufferGetSize(out); ret = xmlSecBufferSetMaxSize(out, outSize + 16); if(ret < 0) { xmlSecInternalError2("xmlSecBufferSetMaxSize", xmlSecTransformGetName(transform), "size=%d", outSize + 16); return(-1); } /* add from ctx buffer */ ret = xmlSecBase64CtxFinal(ctx, xmlSecBufferGetData(out) + outSize, 16); if(ret < 0) { xmlSecInternalError("xmlSecBase64CtxFinal", xmlSecTransformGetName(transform)); return(-1); } outLen = ret; /* set correct size */ ret = xmlSecBufferSetSize(out, outSize + outLen); if(ret < 0) { xmlSecInternalError2("xmlSecBufferSetSize", xmlSecTransformGetName(transform), "size=%d", outSize + outLen); return(-1); } transform->status = xmlSecTransformStatusFinished; } break; case xmlSecTransformStatusFinished: /* the only way we can get here is if there is no input */ xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1); break; default: xmlSecInvalidTransfromStatusError(transform); return(-1); } return(0); }