/*
 * Finalize callback for the OpenSSL EVP digest transform.
 *
 * Releases the EVP digest state held in the transform-private context and
 * then zeroes the whole context struct.
 */
static void
xmlSecOpenSSLEvpDigestFinalize(xmlSecTransformPtr transform) {
    xmlSecOpenSSLDigestCtxPtr ctx;

    /* Check the transform id and context size before using the context. */
    xmlSecAssert(xmlSecOpenSSLEvpDigestCheckId(transform));
    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpDigestSize));

    ctx = xmlSecOpenSSLEvpDigestGetCtx(transform);
    xmlSecAssert(ctx != NULL);

#ifndef XMLSEC_OPENSSL_096
    /* Compiled out when XMLSEC_OPENSSL_096 is defined. */
    EVP_MD_CTX_cleanup(&ctx->digestCtx);
#endif /* XMLSEC_OPENSSL_096 */

    /* Leave no stale digest state behind in the transform object. */
    memset(ctx, 0, sizeof(xmlSecOpenSSLDigestCtx));
}
/*
 * Finalize callback for the GCrypt digest transform.
 *
 * Closes the libgcrypt message-digest handle, if one was opened, and zeroes
 * the transform-private context.
 */
static void
xmlSecGCryptDigestFinalize(xmlSecTransformPtr transform) {
    xmlSecGCryptDigestCtxPtr ctx;

    /* Check the transform id and context size before using the context. */
    xmlSecAssert(xmlSecGCryptDigestCheckId(transform));
    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecGCryptDigestSize));

    ctx = xmlSecGCryptDigestGetCtx(transform);
    xmlSecAssert(ctx != NULL);

    /* The handle is only closed when it is set. */
    if(ctx->digestCtx != NULL) {
        gcry_md_close(ctx->digestCtx);
    }

    /* Clearing the struct also drops the now-closed handle value. */
    memset(ctx, 0, sizeof(xmlSecGCryptDigestCtx));
}
/*
 * Finalize callback for the OpenSSL RSA PKCS#1 transform.
 *
 * Frees the EVP_PKEY stored in the context (if any) and zeroes the
 * transform-private context so the freed pointer cannot be reused.
 */
static void
xmlSecOpenSSLRsaPkcs1Finalize(xmlSecTransformPtr transform) {
    xmlSecOpenSSLRsaPkcs1CtxPtr ctx;

    /* Check the transform id and context size before using the context. */
    xmlSecAssert(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaPkcs1Id));
    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaPkcs1Size));

    ctx = xmlSecOpenSSLRsaPkcs1GetCtx(transform);
    xmlSecAssert(ctx != NULL);

    if(ctx->pKey != NULL) {
        EVP_PKEY_free(ctx->pKey);
    }

    /* Resets ctx->pKey to NULL along with every other field. */
    memset(ctx, 0, sizeof(xmlSecOpenSSLRsaPkcs1Ctx));
}
/*
 * Finalize callback for the OpenSSL HMAC transform (variant where the
 * HMAC_CTX is embedded in the transform context).
 *
 * Cleans up the embedded HMAC_CTX and zeroes the transform-private context.
 */
static void
xmlSecOpenSSLHmacFinalize(xmlSecTransformPtr transform) {
    xmlSecOpenSSLHmacCtxPtr ctx;

    /* Check the transform id and context size before using the context. */
    xmlSecAssert(xmlSecOpenSSLHmacCheckId(transform));
    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecOpenSSLHmacSize));

    ctx = xmlSecOpenSSLHmacGetCtx(transform);
    xmlSecAssert(ctx != NULL);

#ifndef XMLSEC_OPENSSL_096
    /* Compiled out when XMLSEC_OPENSSL_096 is defined. */
    HMAC_CTX_cleanup(&ctx->hmacCtx);
#endif /* XMLSEC_OPENSSL_096 */

    /*
     * NOTE(review): when XMLSEC_OPENSSL_096 is defined this memset is the
     * only scrub of the embedded HMAC state; confirm it cannot be dropped
     * as a dead store in that configuration.
     */
    memset(ctx, 0, sizeof(xmlSecOpenSSLHmacCtx));
}
/*
 * Finalize callback for the OpenSSL HMAC transform (variant where the
 * context holds a pointer to an HMAC_CTX).
 *
 * Frees the HMAC_CTX if one is set and zeroes the transform-private context.
 */
static void
xmlSecOpenSSLHmacFinalize(xmlSecTransformPtr transform) {
    xmlSecOpenSSLHmacCtxPtr ctx;

    /* Check the transform id and context size before using the context. */
    xmlSecAssert(xmlSecOpenSSLHmacCheckId(transform));
    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecOpenSSLHmacSize));

    ctx = xmlSecOpenSSLHmacGetCtx(transform);
    xmlSecAssert(ctx != NULL);

    if(ctx->hmacCtx != NULL) {
        HMAC_CTX_free(ctx->hmacCtx);
    }

    /* Resets ctx->hmacCtx to NULL along with every other field. */
    memset(ctx, 0, sizeof(xmlSecOpenSSLHmacCtx));
}
/*
 * Finalize callback for the Relationship transform.
 *
 * Destroys the list of source ids collected for the transform (if it was
 * created) and zeroes the transform-private context.
 */
static void
xmlSecRelationshipFinalize(xmlSecTransformPtr transform) {
    xmlSecRelationshipCtxPtr ctx;

    /* Check the transform id and context size before using the context. */
    xmlSecAssert(xmlSecTransformCheckId(transform, xmlSecTransformRelationshipId));
    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecRelationshipSize));

    ctx = xmlSecRelationshipGetCtx(transform);
    xmlSecAssert(ctx != NULL);

    if(ctx->sourceIdList != NULL) {
        xmlSecPtrListDestroy(ctx->sourceIdList);
    }

    /* Resets ctx->sourceIdList to NULL along with every other field. */
    memset(ctx, 0, sizeof(xmlSecRelationshipCtx));
}
/*
 * Finalize callback for the OpenSSL RSA-OAEP transform.
 *
 * Frees the EVP_PKEY stored in the context (if any), finalizes the buffer
 * holding the OAEP parameters and zeroes the transform-private context.
 */
static void
xmlSecOpenSSLRsaOaepFinalize(xmlSecTransformPtr transform) {
    xmlSecOpenSSLRsaOaepCtxPtr ctx;

    /* Check the transform id and context size before using the context. */
    xmlSecAssert(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaOaepId));
    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaOaepSize));

    ctx = xmlSecOpenSSLRsaOaepGetCtx(transform);
    xmlSecAssert(ctx != NULL);

    if(ctx->pKey != NULL) {
        EVP_PKEY_free(ctx->pKey);
    }

    /* The buffer is finalized before the struct that embeds it is cleared. */
    xmlSecBufferFinalize(&ctx->oaepParams);

    memset(ctx, 0, sizeof(xmlSecOpenSSLRsaOaepCtx));
}
/*
 * Fills in the key requirements for the MSCrypto HMAC transform.
 *
 * The transform asks for a symmetric HMAC key; the usage is "sign" for a
 * signing transform and "verify" otherwise. Returns 0 on success.
 */
static int
xmlSecMSCryptoHmacSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
    xmlSecAssert2(xmlSecMSCryptoHmacCheckId(transform), -1);
    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) ||
                  (transform->operation == xmlSecTransformOperationVerify), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoHmacSize), -1);
    xmlSecAssert2(keyReq != NULL, -1);

    keyReq->keyId    = xmlSecMSCryptoKeyDataHmacId;
    keyReq->keyType  = xmlSecKeyDataTypeSymmetric;

    /* Only Sign and Verify reach this point, so "not Sign" means Verify. */
    keyReq->keyUsage = (transform->operation == xmlSecTransformOperationSign)
                     ? xmlSecKeyUsageSign
                     : xmlSecKeyUsageVerify;

    return 0;
}
/*
 * Reads the Relationship transform's child nodes.
 *
 * Every child matching xmlSecNodeRelationshipReference in the
 * xmlSecRelationshipReferenceNs namespace must carry the
 * xmlSecRelationshipAttrSourceId attribute; its value is appended to
 * ctx->sourceIdList. Other children are skipped. Returns 0 on success and
 * -1 when the attribute is missing or the list insertion fails.
 */
static int
xmlSecRelationshipReadNode(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
    xmlSecRelationshipCtxPtr ctx;
    xmlNodePtr child;
    int rc;

    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformRelationshipId), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecRelationshipSize), -1);
    xmlSecAssert2(node != NULL, -1);
    xmlSecAssert2(transformCtx != NULL, -1);

    ctx = xmlSecRelationshipGetCtx(transform);
    xmlSecAssert2(ctx != NULL, -1);

    for(child = node->children; child != NULL; child = child->next) {
        xmlChar* sourceId;

        if(!xmlSecCheckNodeName(child, xmlSecNodeRelationshipReference, xmlSecRelationshipReferenceNs)) {
            continue;
        }

        /* The attribute value comes from the document being processed. */
        sourceId = xmlGetProp(child, xmlSecRelationshipAttrSourceId);
        if(sourceId == NULL) {
            xmlSecError(XMLSEC_ERRORS_HERE,
                        "xmlGetProp",
                        xmlSecErrorsSafeString(xmlSecRelationshipAttrSourceId),
                        XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
                        "node=%s",
                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
            return -1;
        }

        rc = xmlSecPtrListAdd(ctx->sourceIdList, sourceId);
        if(rc < 0) {
            xmlSecError(XMLSEC_ERRORS_HERE,
                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                        "xmlSecPtrListAdd",
                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
                        XMLSEC_ERRORS_NO_MESSAGE);
            /* The string was not stored, so it is released here. */
            xmlFree(sourceId);
            return -1;
        }
    }

    return 0;
}
/*
 * Finalize callback for the MSCrypto RSA PKCS#1 transform.
 *
 * Destroys the key data object referenced by the context (if any) and
 * zeroes the transform-private context.
 */
static void
xmlSecMSCryptoRsaPkcs1Finalize(xmlSecTransformPtr transform) {
    xmlSecMSCryptoRsaPkcs1CtxPtr ctx;

    /* Check the transform id and context size before using the context. */
    xmlSecAssert(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaPkcs1Id));
    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1Size));

    ctx = xmlSecMSCryptoRsaPkcs1GetCtx(transform);
    xmlSecAssert(ctx != NULL);

    if(ctx->data != NULL) {
        xmlSecKeyDataDestroy(ctx->data);
        /* Cleared explicitly; the memset below clears it again. */
        ctx->data = NULL;
    }

    memset(ctx, 0, sizeof(xmlSecMSCryptoRsaPkcs1Ctx));
}
/*
 * Installs the signing/verification key on the OpenSSL EVP signature
 * transform.
 *
 * The key must match the key id the context was configured with. The
 * EVP_PKEY is duplicated into the context, replacing (and freeing) any key
 * set earlier. Returns 0 on success, -1 on failure.
 */
static int
xmlSecOpenSSLEvpSignatureSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
    xmlSecOpenSSLEvpSignatureCtxPtr ctx;
    xmlSecKeyDataPtr value;
    EVP_PKEY* evpKey;

    xmlSecAssert2(xmlSecOpenSSLEvpSignatureCheckId(transform), -1);
    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) ||
                  (transform->operation == xmlSecTransformOperationVerify), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize), -1);
    xmlSecAssert2(key != NULL, -1);

    ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
    xmlSecAssert2(ctx != NULL, -1);
    xmlSecAssert2(ctx->digest != NULL, -1);
    xmlSecAssert2(ctx->keyId != NULL, -1);

    /* Refuse a key whose type does not match what the transform expects. */
    xmlSecAssert2(xmlSecKeyCheckId(key, ctx->keyId), -1);

    value = xmlSecKeyGetValue(key);
    xmlSecAssert2(value != NULL, -1);

    evpKey = xmlSecOpenSSLEvpKeyDataGetEvp(value);
    if(evpKey == NULL) {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                    "xmlSecOpenSSLEvpKeyDataGetEvp",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    XMLSEC_ERRORS_NO_MESSAGE);
        return -1;
    }

    /* Drop a previously installed key before storing the new copy. */
    if(ctx->pKey != NULL) {
        EVP_PKEY_free(ctx->pKey);
    }

    /* On failure ctx->pKey ends up NULL, not pointing at the freed key. */
    ctx->pKey = xmlSecOpenSSLEvpKeyDup(evpKey);
    if(ctx->pKey == NULL) {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                    "xmlSecOpenSSLEvpKeyDup",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    XMLSEC_ERRORS_NO_MESSAGE);
        return -1;
    }

    return 0;
}
/*
 * Keys the OpenSSL HMAC transform (HMAC_Init_ex variant).
 *
 * The key bytes are taken from the binary HMAC key data and passed to
 * HMAC_Init_ex together with the digest selected in the context. An empty
 * key is rejected, and the context may be keyed only once
 * (ctxInitialized must still be 0). Returns 0 on success, -1 on failure.
 */
static int
xmlSecOpenSSLHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
    xmlSecOpenSSLHmacCtxPtr ctx;
    xmlSecKeyDataPtr value;
    xmlSecBufferPtr buffer;
    int rc;

    xmlSecAssert2(xmlSecOpenSSLHmacCheckId(transform), -1);
    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) ||
                  (transform->operation == xmlSecTransformOperationVerify), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLHmacSize), -1);
    xmlSecAssert2(key != NULL, -1);

    ctx = xmlSecOpenSSLHmacGetCtx(transform);
    xmlSecAssert2(ctx != NULL, -1);
    xmlSecAssert2(ctx->hmacCtx != NULL, -1);
    xmlSecAssert2(ctx->hmacDgst != NULL, -1);
    xmlSecAssert2(ctx->ctxInitialized == 0, -1);

    value = xmlSecKeyGetValue(key);
    xmlSecAssert2(xmlSecKeyDataCheckId(value, xmlSecOpenSSLKeyDataHmacId), -1);

    buffer = xmlSecKeyDataBinaryValueGetBuffer(value);
    xmlSecAssert2(buffer != NULL, -1);

    /* A zero-length HMAC key is treated as an error, not as "no key". */
    if(xmlSecBufferGetSize(buffer) == 0) {
        xmlSecInvalidZeroKeyDataSizeError(xmlSecTransformGetName(transform));
        return -1;
    }
    xmlSecAssert2(xmlSecBufferGetData(buffer) != NULL, -1);

    /*
     * NOTE(review): HMAC_Init_ex takes the key length as an int and the
     * buffer size is passed straight through; confirm an oversized key
     * buffer cannot reach this call.
     */
    rc = HMAC_Init_ex(ctx->hmacCtx,
                      xmlSecBufferGetData(buffer),
                      xmlSecBufferGetSize(buffer),
                      ctx->hmacDgst,
                      NULL);
    if(rc != 1) {
        xmlSecOpenSSLError("HMAC_Init_ex", xmlSecTransformGetName(transform));
        return -1;
    }

    ctx->ctxInitialized = 1;
    return 0;
}
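/*
 * Initialize callback for the GCrypt AES key-wrap transforms.
 *
 * Selects the libgcrypt cipher and the expected key size from the transform
 * id (AES-128/192/256), fixes the cipher mode to CBC, requests libgcrypt's
 * GCRY_CIPHER_SECURE flag, records the cipher block length and initializes
 * the buffer that later holds the key. Returns 0 on success, -1 when the
 * transform id is not one of the three key-wrap ids or the key buffer
 * cannot be initialized.
 */
static int
xmlSecGCryptKWAesInitialize(xmlSecTransformPtr transform) {
    xmlSecGCryptKWAesCtxPtr ctx;
    int ret;

    xmlSecAssert2(xmlSecGCryptKWAesCheckId(transform), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWAesSize), -1);

    ctx = xmlSecGCryptKWAesGetCtx(transform);
    xmlSecAssert2(ctx != NULL, -1);

    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWAes128Id)) {
        ctx->cipher             = GCRY_CIPHER_AES128;
        ctx->keyExpectedSize    = XMLSEC_KW_AES128_KEY_SIZE;
    } else if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWAes192Id)) {
        ctx->cipher             = GCRY_CIPHER_AES192;
        ctx->keyExpectedSize    = XMLSEC_KW_AES192_KEY_SIZE;
    } else if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWAes256Id)) {
        ctx->cipher             = GCRY_CIPHER_AES256;
        ctx->keyExpectedSize    = XMLSEC_KW_AES256_KEY_SIZE;
    } else {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                    NULL,
                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
                    XMLSEC_ERRORS_NO_MESSAGE);
        return(-1);
    }

    ctx->mode   = GCRY_CIPHER_MODE_CBC;
    ctx->flags  = GCRY_CIPHER_SECURE; /* we are paranoid */

    /* A zero block length would mean libgcrypt does not know the cipher. */
    ctx->blockSize = gcry_cipher_get_algo_blklen(ctx->cipher);
    xmlSecAssert2(ctx->blockSize > 0, -1);

    ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
    if(ret < 0) {
        /*
         * Report the call that actually failed; the message previously
         * named xmlSecGCryptKWAesGetKey, which is not called here.
         */
        xmlSecError(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                    "xmlSecBufferInitialize",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    XMLSEC_ERRORS_NO_MESSAGE);
        return(-1);
    }

    return(0);
}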
/*
 * Copies the AES key into the GCrypt key-wrap transform context.
 *
 * The key data must be of the GCrypt AES key type and at least
 * ctx->keyExpectedSize bytes long. A longer key is accepted; only its
 * first keyExpectedSize bytes are copied into ctx->keyBuffer.
 * Returns 0 on success, -1 on failure.
 */
static int
xmlSecGCryptKWAesSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
    xmlSecGCryptKWAesCtxPtr ctx;
    xmlSecBufferPtr buffer;
    xmlSecSize keySize;
    int rc;

    xmlSecAssert2(xmlSecGCryptKWAesCheckId(transform), -1);
    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) ||
                  (transform->operation == xmlSecTransformOperationDecrypt), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWAesSize), -1);
    xmlSecAssert2(key != NULL, -1);
    xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecGCryptKeyDataAesId), -1);

    ctx = xmlSecGCryptKWAesGetCtx(transform);
    xmlSecAssert2(ctx != NULL, -1);

    buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
    xmlSecAssert2(buffer != NULL, -1);

    /* Too-short keys are rejected so the copy below never over-reads. */
    keySize = xmlSecBufferGetSize(buffer);
    if(keySize < ctx->keyExpectedSize) {
        /* NOTE(review): "%d" is used with xmlSecSize arguments; confirm the format matches the type. */
        xmlSecError(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                    NULL,
                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
                    "key=%d;expected=%d",
                    keySize, ctx->keyExpectedSize);
        return -1;
    }

    rc = xmlSecBufferSetData(&ctx->keyBuffer,
                             xmlSecBufferGetData(buffer),
                             ctx->keyExpectedSize);
    if(rc < 0) {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                    "xmlSecBufferSetData",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    "expected-size=%d",
                    ctx->keyExpectedSize);
        return -1;
    }

    return 0;
}
/*
 * Finalize callback for the MSCrypto digest transform.
 *
 * Destroys the hash object and releases the provider handle when they are
 * set, then zeroes the transform-private context.
 */
static void
xmlSecMSCryptoDigestFinalize(xmlSecTransformPtr transform) {
    xmlSecMSCryptoDigestCtxPtr ctx;

    /* Check the transform id and context size before using the context. */
    xmlSecAssert(xmlSecMSCryptoDigestCheckId(transform));
    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecMSCryptoDigestSize));

    ctx = xmlSecMSCryptoDigestGetCtx(transform);
    xmlSecAssert(ctx != NULL);

    /* The hash is destroyed before the provider it was created under. */
    if(ctx->mscHash != 0) {
        CryptDestroyHash(ctx->mscHash);
    }
    if(ctx->provider != 0) {
        CryptReleaseContext(ctx->provider, 0);
    }

    /* Clears the released handles and any digest bytes kept in the struct. */
    memset(ctx, 0, sizeof(xmlSecMSCryptoDigestCtx));
}
/*
 * Fills in the key requirements for the NSS AES key-wrap transform.
 *
 * The transform asks for a symmetric AES key whose usage follows the
 * transform operation and whose size in bits is eight times the value
 * reported by xmlSecNssKWAesGetKeySize(). Returns 0 on success.
 */
static int
xmlSecNssKWAesSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
    xmlSecAssert2(xmlSecNssKWAesCheckId(transform), -1);
    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) ||
                  (transform->operation == xmlSecTransformOperationDecrypt), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWAesSize), -1);
    xmlSecAssert2(keyReq != NULL, -1);

    keyReq->keyId    = xmlSecNssKeyDataAesId;
    keyReq->keyType  = xmlSecKeyDataTypeSymmetric;

    /* Only Encrypt and Decrypt reach this point. */
    keyReq->keyUsage = (transform->operation == xmlSecTransformOperationEncrypt)
                     ? xmlSecKeyUsageEncrypt
                     : xmlSecKeyUsageDecrypt;

    /* Key size is requested in bits; the helper's value is multiplied by 8. */
    keyReq->keyBitsSize = 8 * xmlSecNssKWAesGetKeySize(transform);

    return 0;
}
/*
 * Execute callback for the OpenSSL RSA-OAEP transform.
 *
 * Nothing is processed until the final call (last != 0); at that point the
 * accumulated input is handed to xmlSecOpenSSLRsaOaepProcess() and the
 * transform moves to the Finished state. A key must already be set.
 * Returns 0 on success, -1 on failure or on an unexpected status.
 */
static int
xmlSecOpenSSLRsaOaepExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
    xmlSecOpenSSLRsaOaepCtxPtr ctx;
    int rc;

    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaOaepId), -1);
    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) ||
                  (transform->operation == xmlSecTransformOperationDecrypt), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaOaepSize), -1);
    xmlSecAssert2(transformCtx != NULL, -1);

    ctx = xmlSecOpenSSLRsaOaepGetCtx(transform);
    xmlSecAssert2(ctx != NULL, -1);
    xmlSecAssert2(ctx->pKey != NULL, -1);

    /* First call: move from "not started" to "working". */
    if(transform->status == xmlSecTransformStatusNone) {
        transform->status = xmlSecTransformStatusWorking;
    }

    switch(transform->status) {
    case xmlSecTransformStatusWorking:
        if(last != 0) {
            rc = xmlSecOpenSSLRsaOaepProcess(transform, transformCtx);
            if(rc < 0) {
                xmlSecError(XMLSEC_ERRORS_HERE,
                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                            "xmlSecOpenSSLRsaOaepProcess",
                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
                            XMLSEC_ERRORS_NO_MESSAGE);
                return -1;
            }
            transform->status = xmlSecTransformStatusFinished;
        }
        /* Not the last chunk yet: just do nothing. */
        break;

    case xmlSecTransformStatusFinished:
        /* the only way we can get here is if there is no input */
        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
        break;

    default:
        xmlSecError(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                    NULL,
                    XMLSEC_ERRORS_R_INVALID_STATUS,
                    "status=%d", transform->status);
        return -1;
    }

    return 0;
}
/*
 * Keys the GCrypt HMAC transform.
 *
 * The key bytes are taken from the binary HMAC key data and installed on
 * the libgcrypt digest handle with gcry_md_setkey(). An empty key is
 * rejected. Returns 0 on success, -1 on failure.
 */
static int
xmlSecGCryptHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
    xmlSecGCryptHmacCtxPtr ctx;
    xmlSecKeyDataPtr value;
    xmlSecBufferPtr buffer;
    gcry_error_t err;

    xmlSecAssert2(xmlSecGCryptHmacCheckId(transform), -1);
    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) ||
                  (transform->operation == xmlSecTransformOperationVerify), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize), -1);
    xmlSecAssert2(key != NULL, -1);

    ctx = xmlSecGCryptHmacGetCtx(transform);
    xmlSecAssert2(ctx != NULL, -1);
    xmlSecAssert2(ctx->digestCtx != NULL, -1);

    /* Only key data of the GCrypt HMAC type is accepted. */
    value = xmlSecKeyGetValue(key);
    xmlSecAssert2(xmlSecKeyDataCheckId(value, xmlSecGCryptKeyDataHmacId), -1);

    buffer = xmlSecKeyDataBinaryValueGetBuffer(value);
    xmlSecAssert2(buffer != NULL, -1);

    /* A zero-length HMAC key is treated as an error, not as "no key". */
    if(xmlSecBufferGetSize(buffer) == 0) {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                    NULL,
                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
                    "key is empty");
        return -1;
    }

    err = gcry_md_setkey(ctx->digestCtx,
                         xmlSecBufferGetData(buffer),
                         xmlSecBufferGetSize(buffer));
    if(err != GPG_ERR_NO_ERROR) {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                    "gcry_md_setkey",
                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
                    XMLSEC_GCRYPT_REPORT_ERROR(err));
        return -1;
    }

    return 0;
}
/*
 * Initialize callback for the NSS AES key-wrap transform.
 *
 * Initializes the buffer returned by xmlSecNssKWAesGetKey() with an initial
 * size of 0. Returns 0 on success, -1 on failure.
 */
static int
xmlSecNssKWAesInitialize(xmlSecTransformPtr transform) {
    int rc;

    xmlSecAssert2(xmlSecNssKWAesCheckId(transform), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWAesSize), -1);

    rc = xmlSecBufferInitialize(xmlSecNssKWAesGetKey(transform), 0);
    if(rc < 0) {
        /*
         * NOTE(review): the reporting routine's name is kept exactly as
         * found in this listing; confirm it resolves in the real build.
         */
        xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                             xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                             "xmlSecBufferInitialize",
                             XMLSEC_ERRORS_R_XMLSEC_FAILED,
                             XMLSEC_ERRORS_NO_MESSAGE);
        return -1;
    }

    return 0;
}
/*
 * Finalize callback for the OpenSSL EVP signature transform.
 *
 * Frees the EVP_PKEY stored in the context (if any), cleans up the embedded
 * digest context and zeroes the transform-private context.
 */
static void
xmlSecOpenSSLEvpSignatureFinalize(xmlSecTransformPtr transform) {
    xmlSecOpenSSLEvpSignatureCtxPtr ctx;

    /* Check the transform id and context size before using the context. */
    xmlSecAssert(xmlSecOpenSSLEvpSignatureCheckId(transform));
    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize));

    ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
    xmlSecAssert(ctx != NULL);

    if(ctx->pKey != NULL) {
        EVP_PKEY_free(ctx->pKey);
    }

#ifndef XMLSEC_OPENSSL_096
    /* Compiled out when XMLSEC_OPENSSL_096 is defined. */
    EVP_MD_CTX_cleanup(&ctx->digestCtx);
#endif /* XMLSEC_OPENSSL_096 */

    /* Resets ctx->pKey to NULL along with every other field. */
    memset(ctx, 0, sizeof(xmlSecOpenSSLEvpSignatureCtx));
}
/*
 * Copies the Triple-DES key into the MSCrypto key-wrap transform context.
 *
 * The key data must be of the MSCrypto DES key type and at least
 * XMLSEC_KW_DES3_KEY_LENGTH bytes long. A longer key is accepted; only its
 * first XMLSEC_KW_DES3_KEY_LENGTH bytes are copied into ctx->keyBuffer.
 * Returns 0 on success, -1 on failure.
 */
static int
xmlSecMSCryptoKWDes3SetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
    xmlSecMSCryptoKWDes3CtxPtr ctx;
    xmlSecBufferPtr buffer;
    xmlSecSize keySize;
    int rc;

    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWDes3Id), -1);
    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) ||
                  (transform->operation == xmlSecTransformOperationDecrypt), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWDes3Size), -1);
    xmlSecAssert2(key != NULL, -1);
    xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecMSCryptoKeyDataDesId), -1);

    ctx = xmlSecMSCryptoKWDes3GetCtx(transform);
    xmlSecAssert2(ctx != NULL, -1);

    buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
    xmlSecAssert2(buffer != NULL, -1);

    /* Too-short keys are rejected so the copy below never over-reads. */
    keySize = xmlSecBufferGetSize(buffer);
    if(keySize < XMLSEC_KW_DES3_KEY_LENGTH) {
        /* NOTE(review): "%d" is used with an xmlSecSize argument; confirm the format matches the type. */
        xmlSecError(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                    NULL,
                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
                    "key length %d is not enough (%d expected)",
                    keySize, XMLSEC_KW_DES3_KEY_LENGTH);
        return -1;
    }

    rc = xmlSecBufferSetData(&ctx->keyBuffer,
                             xmlSecBufferGetData(buffer),
                             XMLSEC_KW_DES3_KEY_LENGTH);
    if(rc < 0) {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                    "xmlSecBufferSetData",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    "size=%d", XMLSEC_KW_DES3_KEY_LENGTH);
        return -1;
    }

    return 0;
}
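/*
 * Reads the HMAC transform node: an optional xmlSecNodeHMACOutputLength
 * child (in xmlSecDSigNs) carrying the requested HMAC output length.
 *
 * The length comes from the document being processed, so it is parsed
 * strictly: it must be a non-negative decimal integer that fits in an int,
 * with nothing but trailing whitespace after it, and it must not be below
 * xmlSecOpenSSLHmacGetMinOutputLength(). Any other child element is an
 * error. Returns 0 on success, -1 on failure.
 *
 * NOTE(review): no upper bound is applied here; confirm the sign/verify
 * path rejects a length larger than the digest output.
 */
static int
xmlSecOpenSSLHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
    xmlSecOpenSSLHmacCtxPtr ctx;
    xmlNodePtr cur;

    xmlSecAssert2(xmlSecOpenSSLHmacCheckId(transform), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLHmacSize), -1);
    xmlSecAssert2(node!= NULL, -1);
    xmlSecAssert2(transformCtx != NULL, -1);

    ctx = xmlSecOpenSSLHmacGetCtx(transform);
    xmlSecAssert2(ctx != NULL, -1);

    cur = xmlSecGetNextElementNode(node->children);
    if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeHMACOutputLength, xmlSecDSigNs)) {
        xmlChar *content;

        content = xmlNodeGetContent(cur);
        if(content != NULL) {
            const char *text = (const char*)content;
            char *end = NULL;
            long parsed;
            int valid;

            /*
             * strtol instead of atoi: atoi cannot report "no digits" or
             * trailing garbage and is undefined for out-of-range input.
             */
            parsed = strtol(text, &end, 10);
            valid = (end != text);

            /* Tolerate whitespace after the number, nothing else. */
            while(valid && ((*end == ' ') || (*end == '\t') || (*end == '\r') || (*end == '\n'))) {
                ++end;
            }
            if(valid && (*end != '\0')) {
                valid = 0;
            }

            /* Negative values and values that do not fit in an int are rejected. */
            if(valid && ((parsed < 0) || ((long)(int)parsed != parsed))) {
                valid = 0;
            }

            xmlFree(content);

            if(!valid) {
                xmlSecInvalidNodeContentError(cur, xmlSecTransformGetName(transform),
                                              "HMAC output length is not a valid non-negative integer");
                return(-1);
            }
            ctx->dgstSize = (int)parsed;
        }

        /* Ensure that HMAC length is greater than min specified.
           Otherwise, an attacker can set this length to 0 or very
           small value
        */
        if((int)ctx->dgstSize < xmlSecOpenSSLHmacGetMinOutputLength()) {
            xmlSecInvalidNodeContentError(cur, xmlSecTransformGetName(transform),
                                          "HMAC output length is too small");
            return(-1);
        }

        cur = xmlSecGetNextElementNode(cur->next);
    }

    /* Anything left over is an element this transform does not define. */
    if(cur != NULL) {
        xmlSecUnexpectedNodeError(cur, xmlSecTransformGetName(transform));
        return(-1);
    }

    return(0);
}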
/*
 * Verify callback for the MSCrypto digest transform.
 *
 * Compares the computed digest in ctx->dgst with the expected bytes in
 * data. The outcome is written to transform->status (Ok or Fail).
 *
 * A size or content mismatch is logged and sets the status to Fail, but
 * the function still returns 0; -1 is reserved for the assertion
 * arguments. Callers therefore have to inspect transform->status, not only
 * the return value, to learn whether the digest matched.
 */
static int
xmlSecMSCryptoDigestVerify(xmlSecTransformPtr transform,
                           const xmlSecByte* data,
                           xmlSecSize dataSize,
                           xmlSecTransformCtxPtr transformCtx) {
    xmlSecMSCryptoDigestCtxPtr ctx;

    xmlSecAssert2(xmlSecMSCryptoDigestCheckId(transform), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoDigestSize), -1);
    xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
    xmlSecAssert2(transform->status == xmlSecTransformStatusFinished, -1);
    xmlSecAssert2(data != NULL, -1);
    xmlSecAssert2(transformCtx != NULL, -1);

    ctx = xmlSecMSCryptoDigestGetCtx(transform);
    xmlSecAssert2(ctx != NULL, -1);
    xmlSecAssert2(ctx->dgstSize > 0, -1);

    if(dataSize != ctx->dgstSize) {
        /* Lengths are compared first so memcmp never reads past data. */
        xmlSecError(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                    NULL,
                    XMLSEC_ERRORS_R_INVALID_SIZE,
                    "data_size=%d;dgst_size=%d",
                    dataSize, ctx->dgstSize);
        transform->status = xmlSecTransformStatusFail;
    } else if(memcmp(ctx->dgst, data, ctx->dgstSize) != 0) {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                    NULL,
                    XMLSEC_ERRORS_R_INVALID_DATA,
                    "data and digest do not match");
        transform->status = xmlSecTransformStatusFail;
    } else {
        transform->status = xmlSecTransformStatusOk;
    }

    return 0;
}
/*
 * Finalize callback for the MSCrypto AES key-wrap transform.
 *
 * Destroys the key handle and releases the provider handle when they are
 * set, finalizes the buffer that holds the key bytes and zeroes the
 * transform-private context.
 */
static void
xmlSecMSCryptoKWAesFinalize(xmlSecTransformPtr transform) {
    xmlSecMSCryptoKWAesCtxPtr ctx;

    /* Check the transform id and context size before using the context. */
    xmlSecAssert(xmlSecMSCryptoKWAesCheckId(transform));
    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWAesSize));

    ctx = xmlSecMSCryptoKWAesGetCtx(transform);
    xmlSecAssert(ctx != NULL);

    /* The key is destroyed before the provider handle is released. */
    if(ctx->pubPrivKey != 0) {
        CryptDestroyKey(ctx->pubPrivKey);
    }
    if(ctx->cryptProvider != 0) {
        CryptReleaseContext(ctx->cryptProvider, 0);
    }

    /*
     * NOTE(review): keyBuffer holds raw key bytes; confirm that
     * xmlSecBufferFinalize wipes the allocation before releasing it.
     */
    xmlSecBufferFinalize(&(ctx->keyBuffer));

    memset(ctx, 0, sizeof(xmlSecMSCryptoKWAesCtx));
}
/*
 * Initialize callback for the OpenSSL RSA-OAEP transform.
 *
 * Zeroes the transform-private context and initializes the buffer that
 * holds the OAEP parameters. Returns 0 on success, -1 on failure.
 */
static int
xmlSecOpenSSLRsaOaepInitialize(xmlSecTransformPtr transform) {
    xmlSecOpenSSLRsaOaepCtxPtr ctx;
    int rc;

    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaOaepId), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaOaepSize), -1);

    ctx = xmlSecOpenSSLRsaOaepGetCtx(transform);
    xmlSecAssert2(ctx != NULL, -1);

    /* Start from a known state: pKey is NULL until a key is set. */
    memset(ctx, 0, sizeof(xmlSecOpenSSLRsaOaepCtx));

    rc = xmlSecBufferInitialize(&ctx->oaepParams, 0);
    if(rc < 0) {
        xmlSecInternalError("xmlSecBufferInitialize",
                            xmlSecTransformGetName(transform));
        return -1;
    }

    return 0;
}
/*
 * Fills in the key requirements for the MSCrypto RSA PKCS#1 transform.
 *
 * Encryption asks for a public RSA key with "encrypt" usage; decryption
 * asks for a private RSA key with "decrypt" usage. Returns 0 on success.
 */
static int
xmlSecMSCryptoRsaPkcs1SetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
    xmlSecMSCryptoRsaPkcs1CtxPtr ctx;
    int encrypting;

    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaPkcs1Id), -1);
    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) ||
                  (transform->operation == xmlSecTransformOperationDecrypt), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1Size), -1);
    xmlSecAssert2(keyReq != NULL, -1);

    /* The context is only checked for presence; no field of it is read. */
    ctx = xmlSecMSCryptoRsaPkcs1GetCtx(transform);
    xmlSecAssert2(ctx != NULL, -1);

    /* Only Encrypt and Decrypt reach this point. */
    encrypting = (transform->operation == xmlSecTransformOperationEncrypt);

    keyReq->keyId    = xmlSecMSCryptoKeyDataRsaId;
    /* The private half is requested only for decryption. */
    keyReq->keyType  = encrypting ? xmlSecKeyDataTypePublic : xmlSecKeyDataTypePrivate;
    keyReq->keyUsage = encrypting ? xmlSecKeyUsageEncrypt : xmlSecKeyUsageDecrypt;

    return 0;
}
/*
 * Keys the OpenSSL HMAC transform (HMAC_Init variant with an HMAC_CTX
 * embedded in the transform context).
 *
 * The key bytes are taken from the binary HMAC key data and passed to
 * HMAC_Init together with the digest selected in the context. An empty key
 * is rejected, and the context may be keyed only once (ctxInitialized must
 * still be 0). Returns 0 on success, -1 on failure.
 */
static int
xmlSecOpenSSLHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
    xmlSecOpenSSLHmacCtxPtr ctx;
    xmlSecKeyDataPtr value;
    xmlSecBufferPtr buffer;

    xmlSecAssert2(xmlSecOpenSSLHmacCheckId(transform), -1);
    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) ||
                  (transform->operation == xmlSecTransformOperationVerify), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLHmacSize), -1);
    xmlSecAssert2(key != NULL, -1);

    ctx = xmlSecOpenSSLHmacGetCtx(transform);
    xmlSecAssert2(ctx != NULL, -1);
    xmlSecAssert2(ctx->hmacDgst != NULL, -1);
    xmlSecAssert2(ctx->ctxInitialized == 0, -1);

    /* Only key data of the OpenSSL HMAC type is accepted. */
    value = xmlSecKeyGetValue(key);
    xmlSecAssert2(xmlSecKeyDataCheckId(value, xmlSecOpenSSLKeyDataHmacId), -1);

    buffer = xmlSecKeyDataBinaryValueGetBuffer(value);
    xmlSecAssert2(buffer != NULL, -1);

    /* A zero-length HMAC key is treated as an error, not as "no key". */
    if(xmlSecBufferGetSize(buffer) == 0) {
        /*
         * NOTE(review): the reporting routine's name is kept exactly as
         * found in this listing; confirm it resolves in the real build.
         */
        xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                             xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                             NULL,
                             XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
                             "keySize=0");
        return -1;
    }
    xmlSecAssert2(xmlSecBufferGetData(buffer) != NULL, -1);

    /* The result of HMAC_Init is not inspected in this variant. */
    HMAC_Init(&(ctx->hmacCtx),
              xmlSecBufferGetData(buffer),
              xmlSecBufferGetSize(buffer),
              ctx->hmacDgst);

    ctx->ctxInitialized = 1;
    return 0;
}
/*
 * Fills in the key requirements for the MSCrypto Triple-DES key-wrap
 * transform.
 *
 * The transform asks for a symmetric DES key of
 * 8 * XMLSEC_KW_DES3_KEY_LENGTH bits whose usage follows the transform
 * operation. Returns 0 on success.
 */
static int
xmlSecMSCryptoKWDes3SetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
    xmlSecMSCryptoKWDes3CtxPtr ctx;

    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWDes3Id), -1);
    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) ||
                  (transform->operation == xmlSecTransformOperationDecrypt), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWDes3Size), -1);
    xmlSecAssert2(keyReq != NULL, -1);

    /* The context is only checked for presence; no field of it is read. */
    ctx = xmlSecMSCryptoKWDes3GetCtx(transform);
    xmlSecAssert2(ctx != NULL, -1);

    keyReq->keyId       = xmlSecMSCryptoKeyDataDesId;
    keyReq->keyType     = xmlSecKeyDataTypeSymmetric;

    /* Only Encrypt and Decrypt reach this point. */
    keyReq->keyUsage    = (transform->operation == xmlSecTransformOperationEncrypt)
                        ? xmlSecKeyUsageEncrypt
                        : xmlSecKeyUsageDecrypt;

    /* Key length constant is in bytes; the requirement is in bits. */
    keyReq->keyBitsSize = 8 * XMLSEC_KW_DES3_KEY_LENGTH;

    return 0;
}
/*
 * Installs the RSA key on the OpenSSL RSA-OAEP transform.
 *
 * The key data must be of the OpenSSL RSA key type, and the transform must
 * not have a key yet (ctx->pKey must be NULL). The EVP_PKEY is duplicated
 * into the context. Returns 0 on success, -1 on failure.
 */
static int
xmlSecOpenSSLRsaOaepSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
    xmlSecOpenSSLRsaOaepCtxPtr ctx;
    EVP_PKEY* pKey;

    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaOaepId), -1);
    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) ||
                  (transform->operation == xmlSecTransformOperationDecrypt), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaOaepSize), -1);
    xmlSecAssert2(key != NULL, -1);
    xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecOpenSSLKeyDataRsaId), -1);

    ctx = xmlSecOpenSSLRsaOaepGetCtx(transform);
    xmlSecAssert2(ctx != NULL, -1);

    /* Re-keying is not supported: a key that is already set is an error. */
    xmlSecAssert2(ctx->pKey == NULL, -1);

    pKey = xmlSecOpenSSLKeyDataRsaGetEvp(xmlSecKeyGetValue(key));
    if(pKey == NULL) {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                    "xmlSecOpenSSLKeyDataRsaGetEvp",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    XMLSEC_ERRORS_NO_MESSAGE);
        return -1;
    }

    /* The EVP_PKEY fields are read directly to confirm it really wraps an RSA key. */
    xmlSecAssert2(pKey->type == EVP_PKEY_RSA, -1);
    xmlSecAssert2(pKey->pkey.rsa != NULL, -1);

    ctx->pKey = xmlSecOpenSSLEvpKeyDup(pKey);
    if(ctx->pKey == NULL) {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                    "xmlSecOpenSSLEvpKeyDup",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    XMLSEC_ERRORS_NO_MESSAGE);
        return -1;
    }

    return 0;
}
/*
 * Fills in the key requirements for the MSCng signature transform.
 *
 * The key id is taken from the transform context. Signing asks for a
 * private key with "sign" usage; verification asks for a public key with
 * "verify" usage. Returns 0 on success.
 */
static int
xmlSecMSCngSignatureSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
    xmlSecMSCngSignatureCtxPtr ctx;
    int signing;

    xmlSecAssert2(xmlSecMSCngSignatureCheckId(transform), -1);
    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) ||
                  (transform->operation == xmlSecTransformOperationVerify), -1);
    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCngSignatureSize), -1);
    xmlSecAssert2(keyReq != NULL, -1);

    ctx = xmlSecMSCngSignatureGetCtx(transform);
    xmlSecAssert2(ctx != NULL, -1);
    xmlSecAssert2(ctx->keyId != NULL, -1);

    /* Only Sign and Verify reach this point. */
    signing = (transform->operation == xmlSecTransformOperationSign);

    keyReq->keyId    = ctx->keyId;
    /* The private half is requested only for signing. */
    keyReq->keyType  = signing ? xmlSecKeyDataTypePrivate : xmlSecKeyDataTypePublic;
    keyReq->keyUsage = signing ? xmlSecKeyUsageSign : xmlSecKeyUsageVerify;

    return 0;
}