PyObject *xmlsec_TransformSetKey(PyObject *self, PyObject *args) { PyObject *transform_obj, *key_obj; xmlSecTransformPtr transform; xmlSecKeyPtr key; int ret; if (CheckArgs(args, "OO:transformSetKey")) { if(!PyArg_ParseTuple(args, (char *) "OO:transformSetKey", &transform_obj, &key_obj)) return NULL; } else return NULL; transform = xmlSecTransformPtr_get(transform_obj); key = xmlSecKeyPtr_get(key_obj); ret = xmlSecTransformSetKey(transform, key); return (wrap_int(ret)); }
static int xmlSecEncCtxEncDataNodeRead(xmlSecEncCtxPtr encCtx, xmlNodePtr node) { xmlNodePtr cur; int ret; xmlSecAssert2(encCtx != NULL, -1); xmlSecAssert2((encCtx->operation == xmlSecTransformOperationEncrypt) || (encCtx->operation == xmlSecTransformOperationDecrypt), -1); xmlSecAssert2(node != NULL, -1); switch(encCtx->mode) { case xmlEncCtxModeEncryptedData: if(!xmlSecCheckNodeName(node, xmlSecNodeEncryptedData, xmlSecEncNs)) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, xmlSecErrorsSafeString(xmlSecNodeGetName(node)), XMLSEC_ERRORS_R_INVALID_NODE, "expected=%s", xmlSecErrorsSafeString(xmlSecNodeEncryptedData)); return(-1); } break; case xmlEncCtxModeEncryptedKey: if(!xmlSecCheckNodeName(node, xmlSecNodeEncryptedKey, xmlSecEncNs)) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, xmlSecErrorsSafeString(xmlSecNodeGetName(node)), XMLSEC_ERRORS_R_INVALID_NODE, "expected=%s", xmlSecErrorsSafeString(xmlSecNodeEncryptedKey)); return(-1); } break; } /* first read node data */ xmlSecAssert2(encCtx->id == NULL, -1); xmlSecAssert2(encCtx->type == NULL, -1); xmlSecAssert2(encCtx->mimeType == NULL, -1); xmlSecAssert2(encCtx->encoding == NULL, -1); xmlSecAssert2(encCtx->recipient == NULL, -1); xmlSecAssert2(encCtx->carriedKeyName == NULL, -1); encCtx->id = xmlGetProp(node, xmlSecAttrId); encCtx->type = xmlGetProp(node, xmlSecAttrType); encCtx->mimeType = xmlGetProp(node, xmlSecAttrMimeType); encCtx->encoding = xmlGetProp(node, xmlSecAttrEncoding); if(encCtx->mode == xmlEncCtxModeEncryptedKey) { encCtx->recipient = xmlGetProp(node, xmlSecAttrRecipient); /* todo: check recipient? */ } cur = xmlSecGetNextElementNode(node->children); /* first node is optional EncryptionMethod, we'll read it later */ xmlSecAssert2(encCtx->encMethodNode == NULL, -1); if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeEncryptionMethod, xmlSecEncNs))) { encCtx->encMethodNode = cur; cur = xmlSecGetNextElementNode(cur->next); } /* next node is optional KeyInfo, we'll process it later */ xmlSecAssert2(encCtx->keyInfoNode == NULL, -1); if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeKeyInfo, xmlSecDSigNs))) { encCtx->keyInfoNode = cur; cur = xmlSecGetNextElementNode(cur->next); } /* next is required CipherData node */ if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeCipherData, xmlSecEncNs))) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), XMLSEC_ERRORS_R_INVALID_NODE, "node=%s", xmlSecErrorsSafeString(xmlSecNodeCipherData)); return(-1); } ret = xmlSecEncCtxCipherDataNodeRead(encCtx, cur); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, "xmlSecEncCtxCipherDataNodeRead", XMLSEC_ERRORS_R_XMLSEC_FAILED, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } cur = xmlSecGetNextElementNode(cur->next); /* next is optional EncryptionProperties node (we simply ignore it) */ if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeEncryptionProperties, xmlSecEncNs))) { cur = xmlSecGetNextElementNode(cur->next); } /* there are more possible nodes for the <EncryptedKey> node */ if(encCtx->mode == xmlEncCtxModeEncryptedKey) { /* next is optional ReferenceList node (we simply ignore it) */ if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeReferenceList, xmlSecEncNs))) { cur = xmlSecGetNextElementNode(cur->next); } /* next is optional CarriedKeyName node (we simply ignore it) */ if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeCarriedKeyName, xmlSecEncNs))) { encCtx->carriedKeyName = xmlNodeGetContent(cur); if(encCtx->carriedKeyName == NULL) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), XMLSEC_ERRORS_R_INVALID_NODE_CONTENT, "node=%s", xmlSecErrorsSafeString(xmlSecNodeCipherData)); return(-1); } /* TODO: decode the name? */ cur = xmlSecGetNextElementNode(cur->next); } } /* if there is something left than it's an error */ if(cur != NULL) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), XMLSEC_ERRORS_R_UNEXPECTED_NODE, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } /* now read the encryption method node */ xmlSecAssert2(encCtx->encMethod == NULL, -1); if(encCtx->encMethodNode != NULL) { encCtx->encMethod = xmlSecTransformCtxNodeRead(&(encCtx->transformCtx), encCtx->encMethodNode, xmlSecTransformUsageEncryptionMethod); if(encCtx->encMethod == NULL) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, "xmlSecTransformCtxNodeRead", XMLSEC_ERRORS_R_XMLSEC_FAILED, "node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(encCtx->encMethodNode))); return(-1); } } else if(encCtx->defEncMethodId != xmlSecTransformIdUnknown) { encCtx->encMethod = xmlSecTransformCtxCreateAndAppend(&(encCtx->transformCtx), encCtx->defEncMethodId); if(encCtx->encMethod == NULL) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, "xmlSecTransformCtxAppend", XMLSEC_ERRORS_R_XMLSEC_FAILED, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } } else { xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, XMLSEC_ERRORS_R_INVALID_DATA, "encryption method not specified"); return(-1); } encCtx->encMethod->operation = encCtx->operation; /* we have encryption method, find key */ ret = xmlSecTransformSetKeyReq(encCtx->encMethod, &(encCtx->keyInfoReadCtx.keyReq)); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, "xmlSecTransformSetKeyReq", XMLSEC_ERRORS_R_XMLSEC_FAILED, "transform=%s", xmlSecErrorsSafeString(xmlSecTransformGetName(encCtx->encMethod))); return(-1); } /* TODO: KeyInfo node != NULL and encKey != NULL */ if((encCtx->encKey == NULL) && (encCtx->keyInfoReadCtx.keysMngr != NULL) && (encCtx->keyInfoReadCtx.keysMngr->getKey != NULL)) { encCtx->encKey = (encCtx->keyInfoReadCtx.keysMngr->getKey)(encCtx->keyInfoNode, &(encCtx->keyInfoReadCtx)); } /* check that we have exactly what we want */ if((encCtx->encKey == NULL) || (!xmlSecKeyMatch(encCtx->encKey, NULL, &(encCtx->keyInfoReadCtx.keyReq)))) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, XMLSEC_ERRORS_R_KEY_NOT_FOUND, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } /* set the key to the transform */ ret = xmlSecTransformSetKey(encCtx->encMethod, encCtx->encKey); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, "xmlSecTransformSetKey", XMLSEC_ERRORS_R_XMLSEC_FAILED, "transform=%s", xmlSecErrorsSafeString(xmlSecTransformGetName(encCtx->encMethod))); return(-1); } /* if we need to write result to xml node then we need base64 encode it */ if((encCtx->operation == xmlSecTransformOperationEncrypt) && (encCtx->cipherValueNode != NULL)) { xmlSecTransformPtr base64Encode; /* we need to add base64 encode transform */ base64Encode = xmlSecTransformCtxCreateAndAppend(&(encCtx->transformCtx), xmlSecTransformBase64Id); if(base64Encode == NULL) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, "xmlSecTransformCtxCreateAndAppend", XMLSEC_ERRORS_R_XMLSEC_FAILED, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } base64Encode->operation = xmlSecTransformOperationEncode; encCtx->resultBase64Encoded = 1; } return(0); }