/**
 * xmlSecAppCryptoSimpleKeysMngrKeyGenerate:
 * @mngr:               the keys manager that receives the new key.
 * @keyKlassAndSize:    the key class/size specification, passed unchanged to
 *                      xmlSecAppCryptoKeyGenerate.
 * @name:               the name for the new key; not checked here and only
 *                      printed through xmlSecErrorsSafeString on failure.
 *
 * Generates a permanent key and hands it over to the default keys manager.
 *
 * Returns 0 on success or -1 if generation or adoption fails.
 */
int
xmlSecAppCryptoSimpleKeysMngrKeyGenerate(xmlSecKeysMngrPtr mngr, const char* keyKlassAndSize, const char* name) {
    xmlSecKeyPtr generated;

    xmlSecAssert2(mngr != NULL, -1);
    xmlSecAssert2(keyKlassAndSize != NULL, -1);

    generated = xmlSecAppCryptoKeyGenerate(keyKlassAndSize, name, xmlSecKeyDataTypePermanent);
    if(generated == NULL) {
        xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                             NULL,
                             "xmlSecAppCryptoSimpleKeysMngrKeyGenerate",
                             XMLSEC_ERRORS_R_XMLSEC_FAILED,
                             "name=%s",
                             xmlSecErrorsSafeString(name));
        return -1;
    }

    /* The manager takes ownership only when adoption succeeds; on failure the
     * key is still ours, so it has to be destroyed here. */
    if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, generated) < 0) {
        xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                             NULL,
                             "xmlSecCryptoAppDefaultKeysMngrAdoptKey",
                             XMLSEC_ERRORS_R_XMLSEC_FAILED,
                             XMLSEC_ERRORS_NO_MESSAGE);
        xmlSecKeyDestroy(generated);
        return -1;
    }

    return 0;
}
//Load public key from a certificate file into key manager xmlSecKeysMngrPtr load_key_from_certfile(xmlSecKeysMngrPtr* keys_manager, const char* certfile) { xmlSecKeysMngrPtr keys_mngr; if((keys_manager != NULL) && (*keys_manager != NULL)) keys_mngr = *keys_manager; else { keys_mngr = xmlSecKeysMngrCreate(); //initialize keys manager if (xmlSecCryptoAppDefaultKeysMngrInit(keys_mngr)<0) { std::cerr<<"Can not initialize xmlSecKeysMngr object"<<std::endl; xmlSecKeysMngrDestroy(keys_mngr); return NULL; } } if(keys_mngr == NULL) { std::cerr<<"Can not create xmlSecKeysMngr object"<<std::endl; return NULL;} std::string cert_str; cert_str = get_cert_str(certfile); xmlSecKeyPtr key = get_key_from_certstr(cert_str); if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(keys_mngr, key) < 0) { std::cerr<<"Failed to add key from "<<certfile<<" to keys manager"<<std::endl; xmlSecKeyDestroy(key); xmlSecKeysMngrDestroy(keys_mngr); return NULL; } if(keys_manager != NULL) keys_manager = &keys_mngr; return keys_mngr; }
/**
 * xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad:
 * @mngr:       the keys manager that receives the key.
 * @keyKlass:   the name of the key data class to look up.
 * @filename:   the file holding the raw (binary) key value.
 * @name:       the name to assign to the key; passed to xmlSecKeySetName
 *              without a NULL check in this function.
 *
 * Looks up the key data class by name, reads a binary key of that class from
 * @filename, names it and hands it to the default keys manager.
 *
 * Returns 0 on success or -1 on any failure.
 */
int
xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(xmlSecKeysMngrPtr mngr, const char* keyKlass, const char *filename, const char *name) {
    xmlSecKeyDataId klassId;
    xmlSecKeyPtr loaded;

    xmlSecAssert2(mngr != NULL, -1);
    xmlSecAssert2(keyKlass != NULL, -1);
    xmlSecAssert2(filename != NULL, -1);

    /* resolve the requested key data class */
    klassId = xmlSecKeyDataIdListFindByName(xmlSecKeyDataIdsGet(), BAD_CAST keyKlass, xmlSecKeyDataUsageAny);
    if(klassId == xmlSecKeyDataIdUnknown) {
        xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                             NULL,
                             "xmlSecKeyDataIdListFindByName",
                             XMLSEC_ERRORS_R_XMLSEC_FAILED,
                             "name=%s",
                             xmlSecErrorsSafeString(keyKlass));
        return -1;
    }

    loaded = xmlSecKeyReadBinaryFile(klassId, filename);
    if(loaded == NULL) {
        xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                             NULL,
                             "xmlSecKeyReadBinaryFile",
                             XMLSEC_ERRORS_R_XMLSEC_FAILED,
                             XMLSEC_ERRORS_NO_MESSAGE);
        return -1;
    }

    /* From here on every failure path must release the key itself. */
    if(xmlSecKeySetName(loaded, BAD_CAST name) < 0) {
        xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                             NULL,
                             "xmlSecKeySetName",
                             XMLSEC_ERRORS_R_XMLSEC_FAILED,
                             "name=%s",
                             xmlSecErrorsSafeString(name));
        xmlSecKeyDestroy(loaded);
        return -1;
    }

    /* hand the key to the keys manager */
    if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, loaded) < 0) {
        xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                             NULL,
                             "xmlSecCryptoAppDefaultKeysMngrAdoptKey",
                             XMLSEC_ERRORS_R_XMLSEC_FAILED,
                             XMLSEC_ERRORS_NO_MESSAGE);
        xmlSecKeyDestroy(loaded);
        return -1;
    }

    return 0;
}
/*
 * OCaml stub around xmlSecCryptoAppDefaultKeysMngrAdoptKey: unwraps the keys
 * manager and key handles, calls the library and returns its int result
 * converted with Val_int.
 *
 * NOTE(review): a successful adopt makes the manager responsible for the key.
 * Confirm that whatever finalizer the OCaml wrapper attaches to camlKey does
 * not destroy the same key a second time.
 */
CAMLprim value
xmlsecml_xmlSecCryptoAppDefaultKeysMngrAdoptKey(value camlKeyManager, value camlKey) {
    CAMLparam2(camlKeyManager, camlKey);
    xmlSecKeysMngrPtr mngr = Keymngr_val(camlKeyManager);
    xmlSecKeyPtr adoptee = Key_val(camlKey);
    int status = xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, adoptee);

    CAMLreturn(Val_int(status));
}
/**
 * load_des_keys:
 * @files:              the list of filenames.
 * @files_size:         the number of filenames in #files.
 *
 * Creates a simple keys manager and loads one DES key per entry of #files
 * into it, naming each key after the file it came from. The caller is
 * responsible for destroying the returned keys manager with
 * @xmlSecKeysMngrDestroy.
 *
 * The argument checks are assert()s, so they disappear when the code is built
 * with NDEBUG; callers must not rely on them for validation.
 *
 * NOTE(review): xmlSecKeyDataDesId selects DES-family key material, which is
 * legacy cryptography; prefer an AES key class where the peer allows it.
 *
 * Returns the pointer to the newly created keys manager or NULL if an error
 * occurs.
 */
xmlSecKeysMngrPtr
load_des_keys(char** files, int files_size) {
    xmlSecKeysMngrPtr store;
    xmlSecKeyPtr desKey;
    char* path;
    int i;

    assert(files);
    assert(files_size > 0);

    /* A simple list based keys manager is enough for this example; implement
     * your own xmlSecKeysStore klass if you need something more sophisticated. */
    store = xmlSecKeysMngrCreate();
    if(store == NULL) {
        fprintf(stderr, "Error: failed to create keys manager.\n");
        return NULL;
    }
    if(xmlSecCryptoAppDefaultKeysMngrInit(store) < 0) {
        fprintf(stderr, "Error: failed to initialize keys manager.\n");
        xmlSecKeysMngrDestroy(store);
        return NULL;
    }

    for(i = 0; i < files_size; ++i) {
        assert(files[i]);
        path = files[i];

        /* load DES key */
        desKey = xmlSecKeyReadBinaryFile(xmlSecKeyDataDesId, path);
        if(desKey == NULL) {
            fprintf(stderr,"Error: failed to load des key from binary file \"%s\"\n", path);
            xmlSecKeysMngrDestroy(store);
            return NULL;
        }

        /* the key name is simply the file name, this is just an example! */
        if(xmlSecKeySetName(desKey, BAD_CAST path) < 0) {
            fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", path);
            xmlSecKeyDestroy(desKey);
            xmlSecKeysMngrDestroy(store);
            return NULL;
        }

        /* Once adopted, the key belongs to the manager; until then it must be
         * destroyed explicitly on every failure path. */
        if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(store, desKey) < 0) {
            fprintf(stderr,"Error: failed to add key from \"%s\" to keys manager\n", path);
            xmlSecKeyDestroy(desKey);
            xmlSecKeysMngrDestroy(store);
            return NULL;
        }
    }

    return store;
}
/**
 * xmlSecAppCryptoSimpleKeysMngrPkcs12KeyLoad:
 * @mngr:       the keys manager that receives the key.
 * @filename:   the PKCS#12 file to load.
 * @pwd:        the password for the file, passed through to
 *              xmlSecCryptoAppKeyLoad together with the default password
 *              callback (with @filename as the callback context).
 * @name:       the optional key name; applied only when not NULL.
 *
 * Loads a key from a PKCS#12 file and hands it to the default keys manager.
 * When the build defines XMLSEC_NO_X509 the function only reports that x509
 * support is disabled.
 *
 * Returns 0 on success or -1 on failure (always -1 without X509 support).
 */
int
xmlSecAppCryptoSimpleKeysMngrPkcs12KeyLoad(xmlSecKeysMngrPtr mngr, const char *filename, const char* pwd, const char *name) {
    xmlSecKeyPtr p12Key;

    xmlSecAssert2(mngr != NULL, -1);
    xmlSecAssert2(filename != NULL, -1);

#ifndef XMLSEC_NO_X509
    p12Key = xmlSecCryptoAppKeyLoad(filename, xmlSecKeyDataFormatPkcs12, pwd,
                                    xmlSecCryptoAppGetDefaultPwdCallback(), (void*)filename);
    if(p12Key == NULL) {
        xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                             NULL,
                             "xmlSecCryptoAppKeyLoad",
                             XMLSEC_ERRORS_R_XMLSEC_FAILED,
                             "filename=%s",
                             xmlSecErrorsSafeString(filename));
        return -1;
    }

    if((name != NULL) && (xmlSecKeySetName(p12Key, BAD_CAST name) < 0)) {
        xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                             NULL,
                             "xmlSecKeySetName",
                             XMLSEC_ERRORS_R_XMLSEC_FAILED,
                             "name=%s",
                             xmlSecErrorsSafeString(name));
        xmlSecKeyDestroy(p12Key);
        return -1;
    }

    /* The key stays ours until the manager has adopted it. */
    if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, p12Key) < 0) {
        xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                             NULL,
                             "xmlSecCryptoAppDefaultKeysMngrAdoptKey",
                             XMLSEC_ERRORS_R_XMLSEC_FAILED,
                             XMLSEC_ERRORS_NO_MESSAGE);
        xmlSecKeyDestroy(p12Key);
        return -1;
    }

    return 0;
#else /* XMLSEC_NO_X509 */
    xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                         NULL,
                         "x509",
                         XMLSEC_ERRORS_R_DISABLED,
                         XMLSEC_ERRORS_NO_MESSAGE);
    return -1;
#endif /* XMLSEC_NO_X509 */
}
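/*
 * Hash-iteration callback: loads one PEM key (rb_value) named rb_key into the
 * keys manager smuggled through rb_manager.
 *
 * Both rb_key and rb_value must be Ruby strings (Check_Type raises otherwise).
 * A key that cannot be loaded, named or adopted is skipped with a warning and
 * iteration continues, so the function always returns ST_CONTINUE.
 *
 * The key object is owned by this function until the manager has adopted it;
 * every failure path after a successful load therefore destroys the key, so
 * that key material is not left allocated for the life of the process.
 *
 * NOTE(review): keyName is used as a C string (%s, BAD_CAST), so a Ruby
 * string with an embedded NUL would be truncated as a key name - confirm
 * that callers only pass plain names.
 */
static int addRubyKeyToManager(VALUE rb_key, VALUE rb_value, VALUE rb_manager) {
  xmlSecKeysMngrPtr keyManager = (xmlSecKeysMngrPtr)rb_manager;
  char *keyName, *keyData;
  unsigned int keyDataLength;
  xmlSecKeyPtr key;

  Check_Type(rb_key, T_STRING);
  Check_Type(rb_value, T_STRING);
  keyName = RSTRING_PTR(rb_key);
  keyData = RSTRING_PTR(rb_value);
  /* NOTE(review): RSTRING_LEN is narrowed to unsigned int here; this assumes
   * key data far smaller than UINT_MAX bytes. */
  keyDataLength = RSTRING_LEN(rb_value);

  // load key
  key = xmlSecCryptoAppKeyLoadMemory((xmlSecByte *)keyData,
                                     keyDataLength,
                                     xmlSecKeyDataFormatPem,
                                     NULL, // password
                                     NULL, NULL);
  if (key == NULL) {
    rb_warn("failed to load '%s' public or private pem key", keyName);
    return ST_CONTINUE;
  }

  // set key name
  if (xmlSecKeySetName(key, BAD_CAST keyName) < 0) {
    rb_warn("failed to set key name for key '%s'", keyName);
    xmlSecKeyDestroy(key);  // not adopted yet: release it here
    return ST_CONTINUE;
  }

  // add key to key manager; only after a successful adopt is the manager
  // responsible for destroying the key
  if (xmlSecCryptoAppDefaultKeysMngrAdoptKey(keyManager, key) < 0) {
    rb_warn("failed to add key '%s' to key manager", keyName);
    xmlSecKeyDestroy(key);  // adoption failed: the key is still ours
    return ST_CONTINUE;
  }

  return ST_CONTINUE;
}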
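/*
 * Build the keys manager used for XML signing: the signer's private key plus
 * the root and CA (intermediate) certificates, all read as PEM and with the
 * certificates marked xmlSecKeyDataTypeTrusted.
 *
 * For each of the three items the path from opendcp->xml_signature is used
 * when set; otherwise the in-memory opendcp_private_key / opendcp_root_cert /
 * opendcp_ca_cert buffer is used instead.
 *
 * SECURITY NOTE(review): the in-memory fallbacks are presumably material built
 * into the program (confirm). A private key distributed with the software is
 * known to everyone who has the software, so a signature made with it does
 * not authenticate the signer. Deployments that need authenticity should
 * always configure their own key and certificate chain. No password or
 * password callback is passed when the key is loaded.
 *
 * Returns the new keys manager, which the caller must release with
 * xmlSecKeysMngrDestroy, or NULL on any failure.
 */
xmlSecKeysMngrPtr load_certificates_sign(opendcp_t *opendcp) {
    xmlSecKeysMngrPtr key_manager;
    xmlSecKeyPtr      key;

    if (opendcp == NULL) {
        fprintf(stderr, "Error: no signing configuration given.\n");
        return(NULL);
    }

    /* create and initialize keys manager */
    key_manager = xmlSecKeysMngrCreate();
    if (key_manager == NULL) {
        fprintf(stderr, "Error: failed to create keys manager.\n");
        return(NULL);
    }

    if (xmlSecCryptoAppDefaultKeysMngrInit(key_manager) < 0) {
        fprintf(stderr, "Error: failed to initialize keys manager.\n");
        xmlSecKeysMngrDestroy(key_manager);
        return(NULL);
    }

    /* read key file */
    if (opendcp->xml_signature.private_key) {
        key = xmlSecCryptoAppKeyLoad(opendcp->xml_signature.private_key, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
    } else {
        key = xmlSecCryptoAppKeyLoadMemory(opendcp_private_key, strlen((char *)opendcp_private_key), xmlSecKeyDataFormatPem, NULL, NULL, NULL);
    }

    /* A failed load must be reported as such instead of being passed on to
     * the adopt call. */
    if (key == NULL) {
        fprintf(stderr, "Error: failed to load private key.\n");
        xmlSecKeysMngrDestroy(key_manager);
        return(NULL);
    }

    /* The manager owns the key only after a successful adopt; on failure the
     * private key has to be destroyed here. */
    if (xmlSecCryptoAppDefaultKeysMngrAdoptKey(key_manager, key) < 0) {
        fprintf(stderr, "Error: failed to add private key to keys manager.\n");
        xmlSecKeyDestroy(key);
        xmlSecKeysMngrDestroy(key_manager);
        return(NULL);
    }

    /* load root certificate */
    if (opendcp->xml_signature.root) {
        if (xmlSecCryptoAppKeysMngrCertLoad(key_manager, opendcp->xml_signature.root, xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted) < 0) {
            fprintf(stderr,"Error: failed to load pem certificate \"%s\"\n", opendcp->xml_signature.root);
            xmlSecKeysMngrDestroy(key_manager);
            return(NULL);
        }
    } else {
        if (xmlSecCryptoAppKeysMngrCertLoadMemory(key_manager, opendcp_root_cert, strlen((char* )opendcp_root_cert), xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted) < 0) {
            fprintf(stderr,"Error: failed to load pem certificate from memory\n");
            xmlSecKeysMngrDestroy(key_manager);
            return(NULL);
        }
    }

    /* load ca (intermediate) certificate */
    if (opendcp->xml_signature.ca) {
        if (xmlSecCryptoAppKeysMngrCertLoad(key_manager, opendcp->xml_signature.ca, xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted) < 0) {
            fprintf(stderr,"Error: failed to load pem certificate \"%s\"\n", opendcp->xml_signature.ca);
            xmlSecKeysMngrDestroy(key_manager);
            return(NULL);
        }
    } else {
        if (xmlSecCryptoAppKeysMngrCertLoadMemory(key_manager, opendcp_ca_cert, strlen((char *)opendcp_ca_cert), xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted) < 0) {
            fprintf(stderr,"Error: failed to load pem certificate from memory\n");
            xmlSecKeysMngrDestroy(key_manager);
            return(NULL);
        }
    }

    return(key_manager);
}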
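/**
 * xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad:
 * @mngr:       the keys manager that receives the key.
 * @files:      a sequence of NUL-terminated file names closed by an empty
 *              string (two consecutive NUL bytes). The first entry is the key
 *              file, any further entries are certificates for that key.
 * @pwd:        the key file password, passed to xmlSecCryptoAppKeyLoad
 *              together with the default password callback.
 * @name:       the optional key name; applied only when not NULL.
 * @format:     the format used for the key file and the certificate files.
 *
 * Loads the key, attaches the listed certificates to it and hands the result
 * to the default keys manager. Without X509 support (XMLSEC_NO_X509) any
 * certificate entry in @files is an error.
 *
 * The list is walked with strlen, so the caller must guarantee the closing
 * empty string; without it the walk reads past the end of the buffer.
 *
 * Returns 0 on success or -1 on failure. The key is destroyed on every
 * failure path that follows a successful load.
 */
int
xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(xmlSecKeysMngrPtr mngr, const char* files, const char* pwd, const char* name, xmlSecKeyDataFormat format) {
    xmlSecKeyPtr key;
    int ret;

    xmlSecAssert2(mngr != NULL, -1);
    xmlSecAssert2(files != NULL, -1);

    /* first is the key file */
    key = xmlSecCryptoAppKeyLoad(files, format, pwd,
                                 xmlSecCryptoAppGetDefaultPwdCallback(), (void*)files);
    if(key == NULL) {
        xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                             NULL,
                             "xmlSecCryptoAppKeyLoad",
                             XMLSEC_ERRORS_R_XMLSEC_FAILED,
                             "uri=%s",
                             xmlSecErrorsSafeString(files));
        return(-1);
    }

    if(name != NULL) {
        ret = xmlSecKeySetName(key, BAD_CAST name);
        if(ret < 0) {
            xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                                 NULL,
                                 "xmlSecKeySetName",
                                 XMLSEC_ERRORS_R_XMLSEC_FAILED,
                                 "name=%s",
                                 xmlSecErrorsSafeString(name));
            xmlSecKeyDestroy(key);
            return(-1);
        }
    }

#ifndef XMLSEC_NO_X509
    /* every remaining entry is a certificate file for this key */
    for(files += strlen(files) + 1; (files[0] != '\0'); files += strlen(files) + 1) {
        ret = xmlSecCryptoAppKeyCertLoad(key, files, format);
        if(ret < 0) {
            xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                                 NULL,
                                 "xmlSecCryptoAppKeyCertLoad",
                                 XMLSEC_ERRORS_R_XMLSEC_FAILED,
                                 "uri=%s",
                                 xmlSecErrorsSafeString(files));
            xmlSecKeyDestroy(key);
            return(-1);
        }
    }
#else /* XMLSEC_NO_X509 */
    files += strlen(files) + 1;
    if(files[0] != '\0') {
        xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                             NULL,
                             "x509",
                             XMLSEC_ERRORS_R_DISABLED,
                             XMLSEC_ERRORS_NO_MESSAGE);
        /* the key was already loaded above and is not adopted yet: release
         * it here like every other failure path does */
        xmlSecKeyDestroy(key);
        return(-1);
    }
#endif /* XMLSEC_NO_X509 */

    /* the manager owns the key only after a successful adopt */
    ret = xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key);
    if(ret < 0) {
        xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                             NULL,
                             "xmlSecCryptoAppDefaultKeysMngrAdoptKey",
                             XMLSEC_ERRORS_R_XMLSEC_FAILED,
                             XMLSEC_ERRORS_NO_MESSAGE);
        xmlSecKeyDestroy(key);
        return(-1);
    }

    return(0);
}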