PyObject *xmlsec_TransformSetKey(PyObject *self, PyObject *args) {
PyObject *transform_obj, *key_obj;
xmlSecTransformPtr transform;
xmlSecKeyPtr key;
int ret;
if (CheckArgs(args, "OO:transformSetKey")) {
if(!PyArg_ParseTuple(args, (char *) "OO:transformSetKey", &transform_obj,
&key_obj))
return NULL;
}
else return NULL;
transform = xmlSecTransformPtr_get(transform_obj);
key = xmlSecKeyPtr_get(key_obj);
ret = xmlSecTransformSetKey(transform, key);
return (wrap_int(ret));
}
static int
xmlSecEncCtxEncDataNodeRead(xmlSecEncCtxPtr encCtx, xmlNodePtr node) {
xmlNodePtr cur;
int ret;
xmlSecAssert2(encCtx != NULL, -1);
xmlSecAssert2((encCtx->operation == xmlSecTransformOperationEncrypt) || (encCtx->operation == xmlSecTransformOperationDecrypt), -1);
xmlSecAssert2(node != NULL, -1);
switch(encCtx->mode) {
case xmlEncCtxModeEncryptedData:
if(!xmlSecCheckNodeName(node, xmlSecNodeEncryptedData, xmlSecEncNs)) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
XMLSEC_ERRORS_R_INVALID_NODE,
"expected=%s",
xmlSecErrorsSafeString(xmlSecNodeEncryptedData));
return(-1);
}
break;
case xmlEncCtxModeEncryptedKey:
if(!xmlSecCheckNodeName(node, xmlSecNodeEncryptedKey, xmlSecEncNs)) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
XMLSEC_ERRORS_R_INVALID_NODE,
"expected=%s",
xmlSecErrorsSafeString(xmlSecNodeEncryptedKey));
return(-1);
}
break;
}
/* first read node data */
xmlSecAssert2(encCtx->id == NULL, -1);
xmlSecAssert2(encCtx->type == NULL, -1);
xmlSecAssert2(encCtx->mimeType == NULL, -1);
xmlSecAssert2(encCtx->encoding == NULL, -1);
xmlSecAssert2(encCtx->recipient == NULL, -1);
xmlSecAssert2(encCtx->carriedKeyName == NULL, -1);
encCtx->id = xmlGetProp(node, xmlSecAttrId);
encCtx->type = xmlGetProp(node, xmlSecAttrType);
encCtx->mimeType = xmlGetProp(node, xmlSecAttrMimeType);
encCtx->encoding = xmlGetProp(node, xmlSecAttrEncoding);
if(encCtx->mode == xmlEncCtxModeEncryptedKey) {
encCtx->recipient = xmlGetProp(node, xmlSecAttrRecipient);
/* todo: check recipient? */
}
cur = xmlSecGetNextElementNode(node->children);
/* first node is optional EncryptionMethod, we'll read it later */
xmlSecAssert2(encCtx->encMethodNode == NULL, -1);
if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeEncryptionMethod, xmlSecEncNs))) {
encCtx->encMethodNode = cur;
cur = xmlSecGetNextElementNode(cur->next);
}
/* next node is optional KeyInfo, we'll process it later */
xmlSecAssert2(encCtx->keyInfoNode == NULL, -1);
if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeKeyInfo, xmlSecDSigNs))) {
encCtx->keyInfoNode = cur;
cur = xmlSecGetNextElementNode(cur->next);
}
/* next is required CipherData node */
if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeCipherData, xmlSecEncNs))) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
XMLSEC_ERRORS_R_INVALID_NODE,
"node=%s",
xmlSecErrorsSafeString(xmlSecNodeCipherData));
return(-1);
}
ret = xmlSecEncCtxCipherDataNodeRead(encCtx, cur);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"xmlSecEncCtxCipherDataNodeRead",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
cur = xmlSecGetNextElementNode(cur->next);
/* next is optional EncryptionProperties node (we simply ignore it) */
if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeEncryptionProperties, xmlSecEncNs))) {
cur = xmlSecGetNextElementNode(cur->next);
}
/* there are more possible nodes for the <EncryptedKey> node */
if(encCtx->mode == xmlEncCtxModeEncryptedKey) {
/* next is optional ReferenceList node (we simply ignore it) */
if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeReferenceList, xmlSecEncNs))) {
cur = xmlSecGetNextElementNode(cur->next);
}
/* next is optional CarriedKeyName node (we simply ignore it) */
if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeCarriedKeyName, xmlSecEncNs))) {
encCtx->carriedKeyName = xmlNodeGetContent(cur);
if(encCtx->carriedKeyName == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
"node=%s",
xmlSecErrorsSafeString(xmlSecNodeCipherData));
return(-1);
}
/* TODO: decode the name? */
cur = xmlSecGetNextElementNode(cur->next);
}
}
/* if there is something left than it's an error */
if(cur != NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
XMLSEC_ERRORS_R_UNEXPECTED_NODE,
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
/* now read the encryption method node */
xmlSecAssert2(encCtx->encMethod == NULL, -1);
if(encCtx->encMethodNode != NULL) {
encCtx->encMethod = xmlSecTransformCtxNodeRead(&(encCtx->transformCtx), encCtx->encMethodNode,
xmlSecTransformUsageEncryptionMethod);
if(encCtx->encMethod == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"xmlSecTransformCtxNodeRead",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"node=%s",
xmlSecErrorsSafeString(xmlSecNodeGetName(encCtx->encMethodNode)));
return(-1);
}
} else if(encCtx->defEncMethodId != xmlSecTransformIdUnknown) {
encCtx->encMethod = xmlSecTransformCtxCreateAndAppend(&(encCtx->transformCtx),
encCtx->defEncMethodId);
if(encCtx->encMethod == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"xmlSecTransformCtxAppend",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
} else {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
NULL,
XMLSEC_ERRORS_R_INVALID_DATA,
"encryption method not specified");
return(-1);
}
encCtx->encMethod->operation = encCtx->operation;
/* we have encryption method, find key */
ret = xmlSecTransformSetKeyReq(encCtx->encMethod, &(encCtx->keyInfoReadCtx.keyReq));
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"xmlSecTransformSetKeyReq",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"transform=%s",
xmlSecErrorsSafeString(xmlSecTransformGetName(encCtx->encMethod)));
return(-1);
}
/* TODO: KeyInfo node != NULL and encKey != NULL */
if((encCtx->encKey == NULL) && (encCtx->keyInfoReadCtx.keysMngr != NULL)
&& (encCtx->keyInfoReadCtx.keysMngr->getKey != NULL)) {
encCtx->encKey = (encCtx->keyInfoReadCtx.keysMngr->getKey)(encCtx->keyInfoNode,
&(encCtx->keyInfoReadCtx));
}
/* check that we have exactly what we want */
if((encCtx->encKey == NULL) ||
(!xmlSecKeyMatch(encCtx->encKey, NULL, &(encCtx->keyInfoReadCtx.keyReq)))) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
NULL,
XMLSEC_ERRORS_R_KEY_NOT_FOUND,
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
/* set the key to the transform */
ret = xmlSecTransformSetKey(encCtx->encMethod, encCtx->encKey);
if(ret < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"xmlSecTransformSetKey",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
"transform=%s",
xmlSecErrorsSafeString(xmlSecTransformGetName(encCtx->encMethod)));
return(-1);
}
/* if we need to write result to xml node then we need base64 encode it */
if((encCtx->operation == xmlSecTransformOperationEncrypt) && (encCtx->cipherValueNode != NULL)) {
xmlSecTransformPtr base64Encode;
/* we need to add base64 encode transform */
base64Encode = xmlSecTransformCtxCreateAndAppend(&(encCtx->transformCtx), xmlSecTransformBase64Id);
if(base64Encode == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
"xmlSecTransformCtxCreateAndAppend",
XMLSEC_ERRORS_R_XMLSEC_FAILED,
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
base64Encode->operation = xmlSecTransformOperationEncode;
encCtx->resultBase64Encoded = 1;
}
return(0);
}
