Esempio n. 1
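/**
 * xmlSecKeyStoreCreate:
 * @id: 		the key store klass.
 *
 * Creates new store of the specified klass @id. The object is allocated
 * with @id->objSize bytes, zero-filled, tagged with @id and then handed to
 * the klass' optional initialize callback. Caller is responsible
 * for freeing the returned store by calling #xmlSecKeyStoreDestroy function.
 *
 * Returns the pointer to newly allocated keys store or NULL if an error occurs
 * (invalid klass, allocation failure, or the initialize callback returning
 * a negative value).
 */
xmlSecKeyStorePtr
xmlSecKeyStoreCreate(xmlSecKeyStoreId id)  {
    xmlSecKeyStorePtr store;
    int ret;

    xmlSecAssert2(id != NULL, NULL);
    /* The base object is written below (store->id = id), so the klass must
     * reserve at least that much room. Checking only "objSize > 0" would let
     * an undersized klass descriptor turn that store into a write past the
     * end of the heap allocation. sizeof is not evaluated, so using the
     * still-unset pointer here is fine. */
    xmlSecAssert2(id->objSize >= sizeof(*store), NULL);

    /* Allocate a new xmlSecKeyStore and fill the fields. */
    store = (xmlSecKeyStorePtr)xmlMalloc(id->objSize);
    if(store == NULL) {
        /* NOTE(review): "%d" assumes objSize is int-sized; confirm against
         * the declaration of the objSize field. */
        xmlSecErr_a_ignorar6(XMLSEC_ERRORS_HERE,
                    xmlSecErrorsSafeString(xmlSecKeyStoreKlassGetName(id)),
                    NULL,
                    XMLSEC_ERRORS_R_MALLOC_FAILED,
                    "size=%d", id->objSize);
        return(NULL);
    }

    /* Zero the whole object (base part and klass-specific tail) before any
     * callback sees it, so the destroy call on the failure path below never
     * operates on uninitialized fields. */
    memset(store, 0, id->objSize);
    store->id = id;

    if(id->initialize != NULL) {
        ret = (id->initialize)(store);
        if(ret < 0) {
            xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                        xmlSecErrorsSafeString(xmlSecKeyStoreKlassGetName(id)),
                        "id->initialize",
                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
                        XMLSEC_ERRORS_NO_MESSAGE);
            /* Release the partially initialized store. */
            xmlSecKeyStoreDestroy(store);
            return(NULL);
        }
    }

    return(store);
}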
Esempio n. 2
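/**
 * xmlSecNssAppliedKeysMngrCreate:
 * @slots:          array of pointers to NSS PKCS#11 slot information.
 * @cSlots:         number of slots in the array
 * @handler:        the pointer to NSS certificate database. Currently NOT
 *                  applied: the code that would bind it to the X509 key data
 *                  store is disabled (see the note in the body), so callers
 *                  must not rely on it to restrict which certificate
 *                  database is consulted.
 *
 * Create and load NSS crypto slot and certificate database into keys manager.
 * A key store is created, one key slot per entry of @slots is adopted by it,
 * and the store is then adopted by a new keys manager.
 *
 * Returns keys manager pointer on success or NULL otherwise. On failure every
 * object created so far is destroyed before returning.
 */
xmlSecKeysMngrPtr
xmlSecNssAppliedKeysMngrCreate(
    PK11SlotInfo** slots,
    int cSlots,
    CERTCertDBHandle* handler
) {
    /* Only referenced by the disabled cert-DB wiring further down. */
    xmlSecKeyDataStorePtr   certStore = NULL ;
    xmlSecKeysMngrPtr       keyMngr = NULL ;
    xmlSecKeyStorePtr       keyStore = NULL ;
    int islot = 0;

    /*
     * slots[] is indexed in the loop below; reject a missing array up front
     * instead of dereferencing NULL. Nothing has been allocated yet, so no
     * cleanup is needed on this path.
     */
    if( slots == NULL && cSlots > 0 ) {
        xmlSecError( XMLSEC_ERRORS_HERE ,
            NULL ,
            NULL ,
            XMLSEC_ERRORS_R_XMLSEC_FAILED ,
            "slots=NULL;cSlots=%d" , cSlots ) ;
        return NULL ;
    }

    keyStore = xmlSecKeyStoreCreate( xmlSecNssKeysStoreId ) ;
    if( keyStore == NULL ) {
        xmlSecError( XMLSEC_ERRORS_HERE ,
            NULL ,
            "xmlSecKeyStoreCreate" ,
            XMLSEC_ERRORS_R_XMLSEC_FAILED ,
            XMLSEC_ERRORS_NO_MESSAGE ) ;
        return NULL ;
    }

    for (islot = 0; islot < cSlots; islot++)
    {
        xmlSecNssKeySlotPtr     keySlot ;

        /* Create a key slot */
        keySlot = xmlSecNssKeySlotCreate() ;
        if( keySlot == NULL ) {
            xmlSecError( XMLSEC_ERRORS_HERE ,
                xmlSecErrorsSafeString( xmlSecKeyStoreGetName( keyStore ) ) ,
                "xmlSecNssKeySlotCreate" ,
                XMLSEC_ERRORS_R_XMLSEC_FAILED ,
                XMLSEC_ERRORS_NO_MESSAGE ) ;

            xmlSecKeyStoreDestroy( keyStore ) ;
            return NULL ;
        }

        /* Set slot */
        if( xmlSecNssKeySlotSetSlot( keySlot , slots[islot] ) < 0 ) {
            xmlSecError( XMLSEC_ERRORS_HERE ,
                xmlSecErrorsSafeString( xmlSecKeyStoreGetName( keyStore ) ) ,
                "xmlSecNssKeySlotSetSlot" ,
                XMLSEC_ERRORS_R_XMLSEC_FAILED ,
                XMLSEC_ERRORS_NO_MESSAGE ) ;

            /* keySlot has not been adopted yet, so it is released here
             * separately from the store. */
            xmlSecKeyStoreDestroy( keyStore ) ;
            xmlSecNssKeySlotDestroy( keySlot ) ;
            return NULL ;
        }

        /* Adopt keySlot */
        if( xmlSecNssKeysStoreAdoptKeySlot( keyStore , keySlot ) < 0 ) {
            xmlSecError( XMLSEC_ERRORS_HERE ,
                xmlSecErrorsSafeString( xmlSecKeyStoreGetName( keyStore ) ) ,
                "xmlSecNssKeysStoreAdoptKeySlot" ,
                XMLSEC_ERRORS_R_XMLSEC_FAILED ,
                XMLSEC_ERRORS_NO_MESSAGE ) ;

            /* NOTE(review): assumes a failed adopt leaves keySlot un-owned;
             * otherwise destroying both would free it twice - confirm
             * against xmlSecNssKeysStoreAdoptKeySlot. */
            xmlSecKeyStoreDestroy( keyStore ) ;
            xmlSecNssKeySlotDestroy( keySlot ) ;
            return NULL ;
        }
    }

    keyMngr = xmlSecKeysMngrCreate() ;
    if( keyMngr == NULL ) {
        xmlSecError( XMLSEC_ERRORS_HERE ,
            NULL ,
            "xmlSecKeysMngrCreate" ,
            XMLSEC_ERRORS_R_XMLSEC_FAILED ,
            XMLSEC_ERRORS_NO_MESSAGE ) ;

        xmlSecKeyStoreDestroy( keyStore ) ;
        return NULL ;
    }

    /*-
     * Add key store to manager, from now on keys manager destroys the store if
     * needed
     */
    if( xmlSecKeysMngrAdoptKeysStore( keyMngr, keyStore ) < 0 ) {
        /* Report the function that actually failed (the original message
         * misspelled it as "xmlSecKeysMngrAdoptKeyStore"). */
        xmlSecError( XMLSEC_ERRORS_HERE ,
            xmlSecErrorsSafeString( xmlSecKeyStoreGetName( keyStore ) ) ,
            "xmlSecKeysMngrAdoptKeysStore" ,
            XMLSEC_ERRORS_R_XMLSEC_FAILED ,
            XMLSEC_ERRORS_NO_MESSAGE ) ;

        xmlSecKeyStoreDestroy( keyStore ) ;
        xmlSecKeysMngrDestroy( keyMngr ) ;
        return NULL ;
    }

    /*-
     * Initialize crypto library specific data in keys manager
     */
    if( xmlSecNssKeysMngrInit( keyMngr ) < 0 ) {
        /* Name the failing call; the original logged "xmlSecKeysMngrCreate"
         * here, which sends whoever reads the error log to the wrong place. */
        xmlSecError( XMLSEC_ERRORS_HERE ,
            NULL ,
            "xmlSecNssKeysMngrInit" ,
            XMLSEC_ERRORS_R_XMLSEC_FAILED ,
            XMLSEC_ERRORS_NO_MESSAGE ) ;

        /* keyStore is owned by keyMngr at this point. */
        xmlSecKeysMngrDestroy( keyMngr ) ;
        return NULL ;
    }

    /*-
     * Set certificate database to X509 key data store
     */
    /**
     * Because Tej's implementation of certDB use the default DB, so I ignore
     * the certDB handler at present. I'll modify the cert store sources to
     * accept particular certDB instead of default ones.
     *
     * Consequence for callers: @handler has no effect until the code below
     * is re-enabled.
    certStore = xmlSecKeysMngrGetDataStore( keyMngr , xmlSecNssKeyDataStoreX509Id ) ;
    if( certStore == NULL ) {
        xmlSecError( XMLSEC_ERRORS_HERE ,
            xmlSecErrorsSafeString( xmlSecKeyStoreGetName( keyStore ) ) ,
            "xmlSecKeysMngrGetDataStore" ,
            XMLSEC_ERRORS_R_XMLSEC_FAILED ,
            XMLSEC_ERRORS_NO_MESSAGE ) ;

        xmlSecKeysMngrDestroy( keyMngr ) ;
        return NULL ;
    }

    if( xmlSecNssKeyDataStoreX509SetCertDb( certStore , handler ) < 0 ) {
        xmlSecError( XMLSEC_ERRORS_HERE ,
            xmlSecErrorsSafeString( xmlSecKeyStoreGetName( keyStore ) ) ,
            "xmlSecNssKeyDataStoreX509SetCertDb" ,
            XMLSEC_ERRORS_R_XMLSEC_FAILED ,
            XMLSEC_ERRORS_NO_MESSAGE ) ;

        xmlSecKeysMngrDestroy( keyMngr ) ;
        return NULL ;
    }
    */

    /*-
     * Set the getKey callback
     */
    keyMngr->getKey = xmlSecKeysMngrGetKey ;

    return keyMngr ;
}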