Exemple #1
/*
 * Python binding for xmlSecKeysMngrAdoptKeysStore().
 *
 * args: a 2-tuple (keys manager object, key store object).
 *
 * Returns the integer result of xmlSecKeysMngrAdoptKeysStore() wrapped by
 * wrap_int(), or NULL when argument checking/parsing fails.
 *
 * NOTE(review): a successful adopt presumably transfers ownership of the
 * store to the manager (C callers stop destroying the store once it
 * succeeds). The Python object wrapping the store still refers to the same
 * pointer afterwards -- confirm the binding cannot destroy it a second time.
 */
PyObject *xmlsec_KeysMngrAdoptKeysStore(PyObject *self, PyObject *args) {
  PyObject *py_mngr, *py_store;
  xmlSecKeysMngrPtr keys_mngr;
  xmlSecKeyStorePtr keys_store;
  int rc;

  /* CheckArgs is a project helper; presumably it validates the tuple against
   * the format string before it is parsed -- TODO confirm. */
  if (!CheckArgs(args, "OO:keysMngrAdoptKeysStore"))
    return NULL;

  if (!PyArg_ParseTuple(args, "OO:keysMngrAdoptKeysStore", &py_mngr,
			&py_store))
    return NULL;

  /* Unwrap the native pointers held by the Python objects. */
  keys_mngr = xmlSecKeysMngrPtr_get(py_mngr);
  keys_store = xmlSecKeyStorePtr_get(py_store);

  rc = xmlSecKeysMngrAdoptKeysStore(keys_mngr, keys_store);
  return wrap_int(rc);
}
Exemple #2
/**
 * create_files_keys_mngr:
 *
 * Builds a keys manager backed by the files based keys store, where the
 * key name is taken to be the key file name.
 *
 * Ownership: the store belongs to this function until
 * xmlSecKeysMngrAdoptKeysStore() succeeds; after that only the manager is
 * destroyed on failure, and the manager is expected to release the store.
 *
 * Returns pointer to newly created keys manager or NULL if an error occurs.
 */
xmlSecKeysMngrPtr
create_files_keys_mngr(void) {
    xmlSecKeyStorePtr store = NULL;
    xmlSecKeysMngrPtr manager = NULL;

    /* files based keys store */
    store = xmlSecKeyStoreCreate(files_keys_store_get_klass());
    if(store == NULL) {
        fprintf(stderr, "Error: failed to create keys store.\n");
        goto fail;
    }

    /* keys manager */
    manager = xmlSecKeysMngrCreate();
    if(manager == NULL) {
        fprintf(stderr, "Error: failed to create keys manager.\n");
        goto fail;
    }

    /* hand the store over to the manager */
    if(xmlSecKeysMngrAdoptKeysStore(manager, store) < 0) {
        fprintf(stderr, "Error: failed to add keys store to keys manager.\n");
        goto fail;
    }
    /* adopted: drop our reference so the cleanup path cannot destroy it again */
    store = NULL;

    /* crypto library specific data in keys manager */
    if(xmlSecCryptoKeysMngrInit(manager) < 0) {
        fprintf(stderr, "Error: failed to initialize crypto data in keys manager.\n");
        goto fail;
    }

    /* key lookups go through the default manager callback */
    manager->getKey = xmlSecKeysMngrGetKey;
    return(manager);

fail:
    /* release only what this function still owns: store first, then manager */
    if(store != NULL) {
        xmlSecKeyStoreDestroy(store);
    }
    if(manager != NULL) {
        xmlSecKeysMngrDestroy(manager);
    }
    return(NULL);
}
Exemple #3
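/**
 * xmlSecNssAppliedKeysMngrCreate:
 * @slots:          array of pointers to NSS PKCS#11 slot information.
 * @cSlots:         number of slots in the array
 * @handler:        the pointer to NSS certificate database (currently
 *                  ignored, see the note near the end of the function).
 *
 * Creates an NSS key store, adds one key slot per entry of @slots to it,
 * and wraps the store in a newly created keys manager.
 *
 * Ownership: each key slot belongs to this function until
 * xmlSecNssKeysStoreAdoptKeySlot() succeeds, and the key store until
 * xmlSecKeysMngrAdoptKeysStore() succeeds; after that only the manager is
 * destroyed on failure.
 *
 * Returns keys manager pointer on success or NULL otherwise.
 */
xmlSecKeysMngrPtr
xmlSecNssAppliedKeysMngrCreate(
    PK11SlotInfo** slots,
    int cSlots,
    CERTCertDBHandle* handler
) {
    xmlSecKeysMngrPtr       keyMngr = NULL ;
    xmlSecKeyStorePtr       keyStore = NULL ;
    int islot = 0;

    /*
     * Reject a missing slot array before anything is allocated; the loop
     * below would otherwise read slots[islot] through a NULL pointer.
     */
    if( slots == NULL && cSlots > 0 ) {
        xmlSecError( XMLSEC_ERRORS_HERE ,
            NULL ,
            "slots" ,
            XMLSEC_ERRORS_R_XMLSEC_FAILED ,
            XMLSEC_ERRORS_NO_MESSAGE ) ;
        return NULL ;
    }

    keyStore = xmlSecKeyStoreCreate( xmlSecNssKeysStoreId ) ;
    if( keyStore == NULL ) {
        xmlSecError( XMLSEC_ERRORS_HERE ,
            NULL ,
            "xmlSecKeyStoreCreate" ,
            XMLSEC_ERRORS_R_XMLSEC_FAILED ,
            XMLSEC_ERRORS_NO_MESSAGE ) ;
        return NULL ;
    }

    for (islot = 0; islot < cSlots; islot++)
    {
        xmlSecNssKeySlotPtr     keySlot ;

        /* Create a key slot */
        keySlot = xmlSecNssKeySlotCreate() ;
        if( keySlot == NULL ) {
            xmlSecError( XMLSEC_ERRORS_HERE ,
                xmlSecErrorsSafeString( xmlSecKeyStoreGetName( keyStore ) ) ,
                "xmlSecNssKeySlotCreate" ,
                XMLSEC_ERRORS_R_XMLSEC_FAILED ,
                XMLSEC_ERRORS_NO_MESSAGE ) ;

            xmlSecKeyStoreDestroy( keyStore ) ;
            return NULL ;
        }

        /* Set slot */
        if( xmlSecNssKeySlotSetSlot( keySlot , slots[islot] ) < 0 ) {
            xmlSecError( XMLSEC_ERRORS_HERE ,
                xmlSecErrorsSafeString( xmlSecKeyStoreGetName( keyStore ) ) ,
                "xmlSecNssKeySlotSetSlot" ,
                XMLSEC_ERRORS_R_XMLSEC_FAILED ,
                XMLSEC_ERRORS_NO_MESSAGE ) ;

            xmlSecKeyStoreDestroy( keyStore ) ;
            xmlSecNssKeySlotDestroy( keySlot ) ;
            return NULL ;
        }

        /* Adopt keySlot; on failure the slot is still ours to destroy */
        if( xmlSecNssKeysStoreAdoptKeySlot( keyStore , keySlot ) < 0 ) {
            xmlSecError( XMLSEC_ERRORS_HERE ,
                xmlSecErrorsSafeString( xmlSecKeyStoreGetName( keyStore ) ) ,
                "xmlSecNssKeysStoreAdoptKeySlot" ,
                XMLSEC_ERRORS_R_XMLSEC_FAILED ,
                XMLSEC_ERRORS_NO_MESSAGE ) ;

            xmlSecKeyStoreDestroy( keyStore ) ;
            xmlSecNssKeySlotDestroy( keySlot ) ;
            return NULL ;
        }
    }

    keyMngr = xmlSecKeysMngrCreate() ;
    if( keyMngr == NULL ) {
        xmlSecError( XMLSEC_ERRORS_HERE ,
            NULL ,
            "xmlSecKeysMngrCreate" ,
            XMLSEC_ERRORS_R_XMLSEC_FAILED ,
            XMLSEC_ERRORS_NO_MESSAGE ) ;

        xmlSecKeyStoreDestroy( keyStore ) ;
        return NULL ;
    }

    /*-
     * Add key store to manager, from now on keys manager destroys the store if
     * needed
     */
    if( xmlSecKeysMngrAdoptKeysStore( keyMngr, keyStore ) < 0 ) {
        /* Report the function that actually failed (name was misspelled). */
        xmlSecError( XMLSEC_ERRORS_HERE ,
            xmlSecErrorsSafeString( xmlSecKeyStoreGetName( keyStore ) ) ,
            "xmlSecKeysMngrAdoptKeysStore" ,
            XMLSEC_ERRORS_R_XMLSEC_FAILED ,
            XMLSEC_ERRORS_NO_MESSAGE ) ;

        xmlSecKeyStoreDestroy( keyStore ) ;
        xmlSecKeysMngrDestroy( keyMngr ) ;
        return NULL ;
    }

    /*-
     * Initialize crypto library specific data in keys manager
     */
    if( xmlSecNssKeysMngrInit( keyMngr ) < 0 ) {
        /*
         * Attribute the error to xmlSecNssKeysMngrInit; it was previously
         * logged as xmlSecKeysMngrCreate, which hides the real failure.
         */
        xmlSecError( XMLSEC_ERRORS_HERE ,
            NULL ,
            "xmlSecNssKeysMngrInit" ,
            XMLSEC_ERRORS_R_XMLSEC_FAILED ,
            XMLSEC_ERRORS_NO_MESSAGE ) ;

        xmlSecKeysMngrDestroy( keyMngr ) ;
        return NULL ;
    }

    /*-
     * Certificate database: @handler is NOT applied.
     *
     * The original author disabled the step that fetched the
     * xmlSecNssKeyDataStoreX509Id data store from the manager and called
     * xmlSecNssKeyDataStoreX509SetCertDb( certStore , handler ) on it, noting
     * that the cert store implementation uses the default certificate DB and
     * would be changed later to accept a particular one.
     *
     * Callers that pass a dedicated certificate database must not assume
     * that X509 handling is restricted to it.
     */

    /*-
     * Set the getKey callback
     */
    keyMngr->getKey = xmlSecKeysMngrGetKey ;

    return keyMngr ;
}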