/**
 * xmlSecKeyStoreCreate:
 * @id: the key store klass.
 *
 * Allocates a zero-filled object of @id->objSize bytes, stamps it with the
 * klass pointer and runs the klass's optional initialize callback. The caller
 * owns the result and must release it with #xmlSecKeyStoreDestroy.
 *
 * Returns the pointer to newly allocated keys store or NULL if an error occurs
 * (NULL klass, zero object size, allocation failure, or a failing initialize).
 */
xmlSecKeyStorePtr
xmlSecKeyStoreCreate(xmlSecKeyStoreId id) {
    xmlSecKeyStorePtr newStore;

    xmlSecAssert2(id != NULL, NULL);
    xmlSecAssert2(id->objSize > 0, NULL);

    /* the klass dictates the concrete object size, not sizeof(*newStore) */
    newStore = (xmlSecKeyStorePtr)xmlMalloc(id->objSize);
    if(newStore == NULL) {
        /* NOTE(review): "%d" assumes objSize is int-sized; confirm against
         * the definition of the objSize field before trusting this message */
        xmlSecErr_a_ignorar6(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecKeyStoreKlassGetName(id)),
                    NULL,
                    XMLSEC_ERRORS_R_MALLOC_FAILED,
                    "size=%d", id->objSize);
        return(NULL);
    }

    /* Zero the whole object before the klass hook runs, so the destroy on
     * the failure path below never sees uninitialized fields. */
    memset(newStore, 0, id->objSize);
    newStore->id = id;

    /* The initialize hook is optional; a negative result aborts creation. */
    if((id->initialize != NULL) && ((id->initialize)(newStore) < 0)) {
        xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecKeyStoreKlassGetName(id)),
                    "id->initialize",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    XMLSEC_ERRORS_NO_MESSAGE);
        xmlSecKeyStoreDestroy(newStore);
        return(NULL);
    }

    return(newStore);
}
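/**
 * xmlSecNssAppliedKeysMngrCreate:
 * @slots: array of pointers to NSS PKCS#11 slot information (may be NULL
 *         when @cSlots is 0).
 * @cSlots: number of entries in @slots.
 * @handler: the pointer to an NSS certificate database. Currently IGNORED:
 *         the X509 data store still uses NSS's default certificate database
 *         (see the note near the end of this function).
 *
 * Creates a keys manager backed by an NSS keys store that holds one key slot
 * per entry of @slots, then runs the NSS-specific manager initialization.
 * Every slot is adopted into the store before the manager is created, so on
 * any failure the whole partially-built object graph is released here and
 * NULL is returned. The caller owns the returned manager and releases it with
 * #xmlSecKeysMngrDestroy, which also destroys the adopted keys store.
 *
 * Returns keys manager pointer on success or NULL otherwise.
 */
xmlSecKeysMngrPtr
xmlSecNssAppliedKeysMngrCreate(
    PK11SlotInfo** slots,
    int cSlots,
    CERTCertDBHandle* handler
) {
    xmlSecKeysMngrPtr keyMngr = NULL;
    xmlSecKeyStorePtr keyStore = NULL;
    int islot;

    /* A positive slot count with no slot array would dereference NULL in
     * the loop below; reject it up front like the other argument checks
     * in this file. */
    xmlSecAssert2((cSlots <= 0) || (slots != NULL), NULL);

    /* Not wired up yet, see the note below. */
    (void)handler;

    keyStore = xmlSecKeyStoreCreate(xmlSecNssKeysStoreId);
    if(keyStore == NULL) {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    NULL,
                    "xmlSecKeyStoreCreate",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    XMLSEC_ERRORS_NO_MESSAGE);
        return(NULL);
    }

    for(islot = 0; islot < cSlots; islot++) {
        xmlSecNssKeySlotPtr keySlot;

        keySlot = xmlSecNssKeySlotCreate();
        if(keySlot == NULL) {
            xmlSecError(XMLSEC_ERRORS_HERE,
                        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(keyStore)),
                        "xmlSecNssKeySlotCreate",
                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
                        XMLSEC_ERRORS_NO_MESSAGE);
            goto fail_store;
        }

        /* NOTE(review): slots[islot] is passed through unchecked; whether a
         * NULL entry is tolerated depends on xmlSecNssKeySlotSetSlot. */
        if(xmlSecNssKeySlotSetSlot(keySlot, slots[islot]) < 0) {
            xmlSecError(XMLSEC_ERRORS_HERE,
                        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(keyStore)),
                        "xmlSecNssKeySlotSetSlot",
                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
                        XMLSEC_ERRORS_NO_MESSAGE);
            xmlSecNssKeySlotDestroy(keySlot);
            goto fail_store;
        }

        /* Ownership of keySlot moves to the store only on success; on
         * failure it is still ours to free. */
        if(xmlSecNssKeysStoreAdoptKeySlot(keyStore, keySlot) < 0) {
            xmlSecError(XMLSEC_ERRORS_HERE,
                        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(keyStore)),
                        "xmlSecNssKeysStoreAdoptKeySlot",
                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
                        XMLSEC_ERRORS_NO_MESSAGE);
            xmlSecNssKeySlotDestroy(keySlot);
            goto fail_store;
        }
    }

    keyMngr = xmlSecKeysMngrCreate();
    if(keyMngr == NULL) {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    NULL,
                    "xmlSecKeysMngrCreate",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    XMLSEC_ERRORS_NO_MESSAGE);
        goto fail_store;
    }

    /* Hand the store to the manager; from here on the manager destroys the
     * store, so later failure paths must not free keyStore themselves. */
    if(xmlSecKeysMngrAdoptKeysStore(keyMngr, keyStore) < 0) {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(keyStore)),
                    "xmlSecKeysMngrAdoptKeysStore",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    XMLSEC_ERRORS_NO_MESSAGE);
        xmlSecKeysMngrDestroy(keyMngr);
        goto fail_store;
    }

    /* Crypto-library specific data in the keys manager. */
    if(xmlSecNssKeysMngrInit(keyMngr) < 0) {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    NULL,
                    "xmlSecNssKeysMngrInit",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    XMLSEC_ERRORS_NO_MESSAGE);
        xmlSecKeysMngrDestroy(keyMngr);
        return(NULL);
    }

    /* TODO: the X509 data store (xmlSecNssKeyDataStoreX509Id) currently
     * uses NSS's default certificate database, so @handler is not applied.
     * Once the cert store accepts a specific CERTCertDBHandle, fetch the
     * store with xmlSecKeysMngrGetDataStore() and set @handler on it here. */

    keyMngr->getKey = xmlSecKeysMngrGetKey;
    return(keyMngr);

fail_store:
    /* Reached only while keyStore is still owned by this function. */
    xmlSecKeyStoreDestroy(keyStore);
    return(NULL);
}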