/** * xmlSecKeyDataBinaryValueDuplicate: * @dst: the pointer to destination binary key data. * @src: the pointer to source binary key data. * * Copies binary key data from @src to @dst. * * Returns: 0 on success or a negative value otherwise. */ int xmlSecKeyDataBinaryValueDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) { xmlSecBufferPtr buffer; int ret; xmlSecAssert2(xmlSecKeyDataIsValid(dst), -1); xmlSecAssert2(xmlSecKeyDataCheckSize(dst, xmlSecKeyDataBinarySize), -1); xmlSecAssert2(xmlSecKeyDataIsValid(src), -1); xmlSecAssert2(xmlSecKeyDataCheckSize(src, xmlSecKeyDataBinarySize), -1); buffer = xmlSecKeyDataBinaryValueGetBuffer(src); xmlSecAssert2(buffer != NULL, -1); /* copy data */ ret = xmlSecKeyDataBinaryValueSetBuffer(dst, xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer)); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)), "xmlSecKeyDataBinaryValueSetBuffer", XMLSEC_ERRORS_R_XMLSEC_FAILED, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } return(0); }
static xmlSecKeyDataType xmlSecOpenSSLSymKeyDataGetType(xmlSecKeyDataPtr data) { xmlSecBufferPtr buffer; xmlSecAssert2(xmlSecOpenSSLSymKeyDataCheckId(data), xmlSecKeyDataTypeUnknown); buffer = xmlSecKeyDataBinaryValueGetBuffer(data); xmlSecAssert2(buffer != NULL, xmlSecKeyDataTypeUnknown); return((xmlSecBufferGetSize(buffer) > 0) ? xmlSecKeyDataTypeSymmetric : xmlSecKeyDataTypeUnknown); }
static int xmlSecOpenSSLSymKeyDataGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) { xmlSecBufferPtr buffer; xmlSecAssert2(xmlSecOpenSSLSymKeyDataCheckId(data), -1); xmlSecAssert2(sizeBits > 0, -1); buffer = xmlSecKeyDataBinaryValueGetBuffer(data); xmlSecAssert2(buffer != NULL, -1); return(xmlSecOpenSSLGenerateRandom(buffer, (sizeBits + 7) / 8)); }
/** * xmlSecKeyDataBinaryValueGetSize: * @data: the pointer to binary key data. * * Gets the binary key data size. * * Returns: binary key data size in bits. */ xmlSecSize xmlSecKeyDataBinaryValueGetSize(xmlSecKeyDataPtr data) { xmlSecBufferPtr buffer; xmlSecAssert2(xmlSecKeyDataIsValid(data), 0); xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecKeyDataBinarySize), 0); buffer = xmlSecKeyDataBinaryValueGetBuffer(data); xmlSecAssert2(buffer != NULL, 0); /* return size in bits */ return(8 * xmlSecBufferGetSize(buffer)); }
/** * xmlSecKeyDataBinaryValueFinalize: * @data: the pointer to binary key data. * * Cleans up binary key data. */ void xmlSecKeyDataBinaryValueFinalize(xmlSecKeyDataPtr data) { xmlSecBufferPtr buffer; xmlSecAssert(xmlSecKeyDataIsValid(data)); xmlSecAssert(xmlSecKeyDataCheckSize(data, xmlSecKeyDataBinarySize)); /* initialize buffer */ buffer = xmlSecKeyDataBinaryValueGetBuffer(data); xmlSecAssert(buffer != NULL); xmlSecBufferFinalize(buffer); }
/** * xmlSecOpenSSLKeyDataHmacSet: * @data: the pointer to HMAC key data. * @buf: the pointer to key value. * @bufSize: the key value size (in bytes). * * Sets the value of HMAC key data. * * Returns: 0 on success or a negative value if an error occurs. */ int xmlSecOpenSSLKeyDataHmacSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) { xmlSecBufferPtr buffer; xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataHmacId), -1); xmlSecAssert2(buf != NULL, -1); xmlSecAssert2(bufSize > 0, -1); buffer = xmlSecKeyDataBinaryValueGetBuffer(data); xmlSecAssert2(buffer != NULL, -1); return(xmlSecBufferSetData(buffer, buf, bufSize)); }
/** * xmlSecKeyDataBinaryValueSetBuffer: * @data: the pointer to binary key data. * @buf: the pointer to binary buffer. * @bufSize: the binary buffer size. * * Sets the value of @data to @buf. * * Returns: 0 on success or a negative value otherwise. */ int xmlSecKeyDataBinaryValueSetBuffer(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) { xmlSecBufferPtr buffer; xmlSecAssert2(xmlSecKeyDataIsValid(data), -1); xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecKeyDataBinarySize), -1); xmlSecAssert2(buf != NULL, -1); xmlSecAssert2(bufSize > 0, -1); buffer = xmlSecKeyDataBinaryValueGetBuffer(data); xmlSecAssert2(buffer != NULL, -1); return(xmlSecBufferSetData(buffer, buf, bufSize)); }
/** * xmlSecKeyDataBinaryValueDebugXmlDump: * @data: the pointer to binary key data. * @output: the pointer to output FILE. * * Prints binary key data debug information to @output in XML format. */ void xmlSecKeyDataBinaryValueDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) { xmlSecBufferPtr buffer; xmlSecAssert(xmlSecKeyDataIsValid(data)); xmlSecAssert(xmlSecKeyDataCheckSize(data, xmlSecKeyDataBinarySize)); xmlSecAssert(data->id->dataNodeName != NULL); xmlSecAssert(output != NULL); buffer = xmlSecKeyDataBinaryValueGetBuffer(data); xmlSecAssert(buffer != NULL); /* print only size, everything else is sensitive */ fprintf(output, "<%s size=\"%d\" />\n", data->id->dataNodeName, xmlSecKeyDataGetSize(data)); }
static int xmlSecGCryptKWAesSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) { xmlSecGCryptKWAesCtxPtr ctx; xmlSecBufferPtr buffer; xmlSecSize keySize; int ret; xmlSecAssert2(xmlSecGCryptKWAesCheckId(transform), -1); xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWAesSize), -1); xmlSecAssert2(key != NULL, -1); xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecGCryptKeyDataAesId), -1); ctx = xmlSecGCryptKWAesGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key)); xmlSecAssert2(buffer != NULL, -1); keySize = xmlSecBufferGetSize(buffer); if(keySize < ctx->keyExpectedSize) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), NULL, XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE, "key=%d;expected=%d", keySize, ctx->keyExpectedSize); return(-1); } ret = xmlSecBufferSetData(&(ctx->keyBuffer), xmlSecBufferGetData(buffer), ctx->keyExpectedSize); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), "xmlSecBufferSetData", XMLSEC_ERRORS_R_XMLSEC_FAILED, "expected-size=%d", ctx->keyExpectedSize); return(-1); } return(0); }
static int xmlSecOpenSSLHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) { xmlSecOpenSSLHmacCtxPtr ctx; xmlSecKeyDataPtr value; xmlSecBufferPtr buffer; int ret; xmlSecAssert2(xmlSecOpenSSLHmacCheckId(transform), -1); xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLHmacSize), -1); xmlSecAssert2(key != NULL, -1); ctx = xmlSecOpenSSLHmacGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); xmlSecAssert2(ctx->hmacCtx != NULL, -1); xmlSecAssert2(ctx->hmacDgst != NULL, -1); xmlSecAssert2(ctx->ctxInitialized == 0, -1); value = xmlSecKeyGetValue(key); xmlSecAssert2(xmlSecKeyDataCheckId(value, xmlSecOpenSSLKeyDataHmacId), -1); buffer = xmlSecKeyDataBinaryValueGetBuffer(value); xmlSecAssert2(buffer != NULL, -1); if(xmlSecBufferGetSize(buffer) == 0) { xmlSecInvalidZeroKeyDataSizeError(xmlSecTransformGetName(transform)); return(-1); } xmlSecAssert2(xmlSecBufferGetData(buffer) != NULL, -1); ret = HMAC_Init_ex(ctx->hmacCtx, xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), ctx->hmacDgst, NULL); if(ret != 1) { xmlSecOpenSSLError("HMAC_Init_ex", xmlSecTransformGetName(transform)); return(-1); } ctx->ctxInitialized = 1; return(0); }
static int xmlSecGCryptHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) { xmlSecGCryptHmacCtxPtr ctx; xmlSecKeyDataPtr value; xmlSecBufferPtr buffer; gcry_error_t err; xmlSecAssert2(xmlSecGCryptHmacCheckId(transform), -1); xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize), -1); xmlSecAssert2(key != NULL, -1); ctx = xmlSecGCryptHmacGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); xmlSecAssert2(ctx->digestCtx != NULL, -1); value = xmlSecKeyGetValue(key); xmlSecAssert2(xmlSecKeyDataCheckId(value, xmlSecGCryptKeyDataHmacId), -1); buffer = xmlSecKeyDataBinaryValueGetBuffer(value); xmlSecAssert2(buffer != NULL, -1); if(xmlSecBufferGetSize(buffer) == 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), NULL, XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE, "key is empty"); return(-1); } err = gcry_md_setkey(ctx->digestCtx, xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer)); if(err != GPG_ERR_NO_ERROR) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), "gcry_md_setkey", XMLSEC_ERRORS_R_CRYPTO_FAILED, XMLSEC_GCRYPT_REPORT_ERROR(err)); return(-1); } return(0); }
static int xmlSecMSCryptoKWDes3SetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) { xmlSecMSCryptoKWDes3CtxPtr ctx; xmlSecBufferPtr buffer; xmlSecSize keySize; int ret; xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWDes3Id), -1); xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWDes3Size), -1); xmlSecAssert2(key != NULL, -1); xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecMSCryptoKeyDataDesId), -1); ctx = xmlSecMSCryptoKWDes3GetCtx(transform); xmlSecAssert2(ctx != NULL, -1); buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key)); xmlSecAssert2(buffer != NULL, -1); keySize = xmlSecBufferGetSize(buffer); if(keySize < XMLSEC_KW_DES3_KEY_LENGTH) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), NULL, XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE, "key length %d is not enough (%d expected)", keySize, XMLSEC_KW_DES3_KEY_LENGTH); return(-1); } ret = xmlSecBufferSetData(&(ctx->keyBuffer), xmlSecBufferGetData(buffer), XMLSEC_KW_DES3_KEY_LENGTH); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), "xmlSecBufferSetData", XMLSEC_ERRORS_R_XMLSEC_FAILED, "size=%d", XMLSEC_KW_DES3_KEY_LENGTH); return(-1); } return(0); }
static int xmlSecOpenSSLHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) { xmlSecOpenSSLHmacCtxPtr ctx; xmlSecKeyDataPtr value; xmlSecBufferPtr buffer; xmlSecAssert2(xmlSecOpenSSLHmacCheckId(transform), -1); xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLHmacSize), -1); xmlSecAssert2(key != NULL, -1); ctx = xmlSecOpenSSLHmacGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); xmlSecAssert2(ctx->hmacDgst != NULL, -1); xmlSecAssert2(ctx->ctxInitialized == 0, -1); value = xmlSecKeyGetValue(key); xmlSecAssert2(xmlSecKeyDataCheckId(value, xmlSecOpenSSLKeyDataHmacId), -1); buffer = xmlSecKeyDataBinaryValueGetBuffer(value); xmlSecAssert2(buffer != NULL, -1); if(xmlSecBufferGetSize(buffer) == 0) { xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), NULL, XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE, "keySize=0"); return(-1); } xmlSecAssert2(xmlSecBufferGetData(buffer) != NULL, -1); HMAC_Init(&(ctx->hmacCtx), xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), ctx->hmacDgst); ctx->ctxInitialized = 1; return(0); }
/** * xmlSecKeyDataBinaryValueXmlWrite: * @id: the data klass. * @key: the pointer to source key. * @node: the pointer to an XML node. * @keyInfoCtx: the pointer to <dsig:KeyInfo/> element processing context. * * Base64 encodes binary key data of klass @id from the @key and * sets to the @node content. * * Returns: 0 on success or a negative value otherwise. */ int xmlSecKeyDataBinaryValueXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) { xmlSecBufferPtr buffer; xmlSecKeyDataPtr value; xmlChar* str; xmlSecAssert2(id != xmlSecKeyDataIdUnknown, -1); xmlSecAssert2(key != NULL, -1); xmlSecAssert2(node != NULL, -1); xmlSecAssert2(keyInfoCtx != NULL, -1); if((xmlSecKeyDataTypeSymmetric & keyInfoCtx->keyReq.keyType) == 0) { /* we can have only symmetric key */ return(0); } value = xmlSecKeyGetValue(key); xmlSecAssert2(xmlSecKeyDataIsValid(value), -1); buffer = xmlSecKeyDataBinaryValueGetBuffer(value); xmlSecAssert2(buffer != NULL, -1); str = xmlSecBase64Encode(xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), keyInfoCtx->base64LineSize); if(str == NULL) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), "xmlSecBase64Encode", XMLSEC_ERRORS_R_XMLSEC_FAILED, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } xmlNodeSetContent(node, str); xmlFree(str); return(0); }
/** * xmlSecKeyDataBinaryValueBinWrite: * @id: the data klass. * @key: the pointer to source key. * @buf: the destination binary buffer. * @bufSize: the destination binary buffer size. * @keyInfoCtx: the pointer to <dsig:KeyInfo/> element processing context. * * Writes binary key data of klass @id from the @key to @buf. * * Returns: 0 on success or a negative value otherwise. */ int xmlSecKeyDataBinaryValueBinWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlSecByte** buf, xmlSecSize* bufSize, xmlSecKeyInfoCtxPtr keyInfoCtx) { xmlSecKeyDataPtr value; xmlSecBufferPtr buffer; xmlSecAssert2(id != xmlSecKeyDataIdUnknown, -1); xmlSecAssert2(key != NULL, -1); xmlSecAssert2(buf != NULL, -1); xmlSecAssert2(bufSize != NULL, -1); xmlSecAssert2(keyInfoCtx != NULL, -1); if((xmlSecKeyDataTypeSymmetric & keyInfoCtx->keyReq.keyType) == 0) { /* we can have only symmetric key */ return(0); } value = xmlSecKeyGetValue(key); xmlSecAssert2(xmlSecKeyDataIsValid(value), -1); buffer = xmlSecKeyDataBinaryValueGetBuffer(key->value); xmlSecAssert2(buffer != NULL, -1); (*bufSize) = xmlSecBufferGetSize(buffer); (*buf) = (xmlSecByte*) xmlMalloc((*bufSize)); if((*buf) == NULL) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), NULL, XMLSEC_ERRORS_R_MALLOC_FAILED, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } memcpy((*buf), xmlSecBufferGetData(buffer), (*bufSize)); return(0); }
/** * xmlSecKeyDataBinaryValueInitialize: * @data: the pointer to binary key data. * * Initializes key data. * * Returns: 0 on success or a negative value otherwise. */ int xmlSecKeyDataBinaryValueInitialize(xmlSecKeyDataPtr data) { xmlSecBufferPtr buffer; int ret; xmlSecAssert2(xmlSecKeyDataIsValid(data), -1); xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecKeyDataBinarySize), -1); /* initialize buffer */ buffer = xmlSecKeyDataBinaryValueGetBuffer(data); xmlSecAssert2(buffer != NULL, -1); ret = xmlSecBufferInitialize(buffer, 0); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), "xmlSecBufferInitialize", XMLSEC_ERRORS_R_XMLSEC_FAILED, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } return(0); }
/** * xmlSecKeyDataBinaryValueXmlRead: * @id: the data klass. * @key: the pointer to destination key. * @node: the pointer to an XML node. * @keyInfoCtx: the pointer to <dsig:KeyInfo/> element processing context. * * Reads binary key data from @node to the key by base64 decoding the @node content. * * Returns: 0 on success or a negative value otherwise. */ int xmlSecKeyDataBinaryValueXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) { xmlChar* str; xmlSecSize len; xmlSecKeyDataPtr data; int ret; xmlSecAssert2(id != xmlSecKeyDataIdUnknown, -1); xmlSecAssert2(key != NULL, -1); xmlSecAssert2(node != NULL, -1); xmlSecAssert2(keyInfoCtx != NULL, -1); str = xmlNodeGetContent(node); if(str == NULL) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), xmlSecErrorsSafeString(xmlSecNodeGetName(node)), XMLSEC_ERRORS_R_INVALID_NODE_CONTENT, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } /* usual trick: decode into the same buffer */ ret = xmlSecBase64Decode(str, (xmlSecByte*)str, xmlStrlen(str)); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), "xmlSecBase64Decode", XMLSEC_ERRORS_R_XMLSEC_FAILED, XMLSEC_ERRORS_NO_MESSAGE); xmlFree(str); return(-1); } len = ret; /* check do we have a key already */ data = xmlSecKeyGetValue(key); if(data != NULL) { xmlSecBufferPtr buffer; if(!xmlSecKeyDataCheckId(data, id)) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST, XMLSEC_ERRORS_NO_MESSAGE); xmlFree(str); return(-1); } buffer = xmlSecKeyDataBinaryValueGetBuffer(data); if((buffer != NULL) && ((xmlSecSize)xmlSecBufferGetSize(buffer) != len)) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST, "cur-data-size=%d;new-data-size=%d", xmlSecBufferGetSize(buffer), len); xmlFree(str); return(-1); } if((buffer != NULL) && (len > 0) && (memcmp(xmlSecBufferGetData(buffer), str, len) != 0)) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST, "key already has a different value"); xmlFree(str); return(-1); } if(buffer != NULL) { /* we already have exactly the same key */ xmlFree(str); return(0); } /* we have binary key value with empty buffer */ } data = xmlSecKeyDataCreate(id); if(data == NULL ) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), "xmlSecKeyDataCreate", XMLSEC_ERRORS_R_XMLSEC_FAILED, XMLSEC_ERRORS_NO_MESSAGE); xmlFree(str); return(-1); } ret = xmlSecKeyDataBinaryValueSetBuffer(data, (xmlSecByte*)str, len); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), "xmlSecKeyDataBinaryValueSetBuffer", XMLSEC_ERRORS_R_XMLSEC_FAILED, "size=%d", len); xmlSecKeyDataDestroy(data); xmlFree(str); return(-1); } xmlFree(str); if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), data) != 1) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), "xmlSecKeyReqMatchKeyValue", XMLSEC_ERRORS_R_XMLSEC_FAILED, XMLSEC_ERRORS_NO_MESSAGE); xmlSecKeyDataDestroy(data); return(0); } ret = xmlSecKeySetValue(key, data); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), "xmlSecKeySetValue", XMLSEC_ERRORS_R_XMLSEC_FAILED, XMLSEC_ERRORS_NO_MESSAGE); xmlSecKeyDataDestroy(data); return(-1); } return(0); }
static int xmlSecMSCryptoHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) { xmlSecMSCryptoHmacCtxPtr ctx; xmlSecKeyDataPtr value; xmlSecBufferPtr buffer; HMAC_INFO hmacInfo; int ret; xmlSecAssert2(xmlSecMSCryptoHmacCheckId(transform), -1); xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1); xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoHmacSize), -1); xmlSecAssert2(key != NULL, -1); ctx = xmlSecMSCryptoHmacGetCtx(transform); xmlSecAssert2(ctx != NULL, -1); xmlSecAssert2(ctx->ctxInitialized == 0, -1); xmlSecAssert2(ctx->provider != 0, -1); xmlSecAssert2(ctx->pubPrivKey != 0, -1); xmlSecAssert2(ctx->cryptKey == 0, -1); xmlSecAssert2(ctx->mscHash == 0, -1); value = xmlSecKeyGetValue(key); xmlSecAssert2(xmlSecKeyDataCheckId(value, xmlSecMSCryptoKeyDataHmacId), -1); buffer = xmlSecKeyDataBinaryValueGetBuffer(value); xmlSecAssert2(buffer != NULL, -1); if(xmlSecBufferGetSize(buffer) == 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), NULL, XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE, "keySize=0"); return(-1); } xmlSecAssert2(xmlSecBufferGetData(buffer) != NULL, -1); /* Import this key and get an HCRYPTKEY handle. * * HACK!!! HACK!!! HACK!!! * * Using CALG_RC2 instead of CALG_HMAC for the key algorithm so we don't want to check key length */ if (!xmlSecMSCryptoImportPlainSessionBlob(ctx->provider, ctx->pubPrivKey, CALG_RC2, xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), FALSE, &(ctx->cryptKey) ) || (ctx->cryptKey == 0)) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), "xmlSecMSCryptoImportPlainSessionBlob", XMLSEC_ERRORS_R_XMLSEC_FAILED, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } /* create hash */ ret = CryptCreateHash(ctx->provider, CALG_HMAC, ctx->cryptKey, 0, &(ctx->mscHash)); if((ret == 0) || (ctx->mscHash == 0)) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), "CryptCreateHash", XMLSEC_ERRORS_R_CRYPTO_FAILED, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } /* set parameters */ memset(&hmacInfo, 0, sizeof(hmacInfo)); hmacInfo.HashAlgid = ctx->alg_id; ret = CryptSetHashParam(ctx->mscHash, HP_HMAC_INFO, (BYTE*)&hmacInfo, 0); if(ret == 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), "CryptSetHashParam", XMLSEC_ERRORS_R_CRYPTO_FAILED, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } /* done */ ctx->ctxInitialized = 1; return(0); }
/** * xmlSecKeyDataBinaryValueBinRead: * @id: the data klass. * @key: the pointer to destination key. * @buf: the source binary buffer. * @bufSize: the source binary buffer size. * @keyInfoCtx: the pointer to <dsig:KeyInfo/> element processing context. * * Reads binary key data of the klass @id from @buf to the @key. * * Returns: 0 on success or a negative value otherwise. */ int xmlSecKeyDataBinaryValueBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key, const xmlSecByte* buf, xmlSecSize bufSize, xmlSecKeyInfoCtxPtr keyInfoCtx) { xmlSecKeyDataPtr data; int ret; xmlSecAssert2(id != xmlSecKeyDataIdUnknown, -1); xmlSecAssert2(key != NULL, -1); xmlSecAssert2(buf != NULL, -1); xmlSecAssert2(bufSize > 0, -1); xmlSecAssert2(keyInfoCtx != NULL, -1); /* check do we have a key already */ data = xmlSecKeyGetValue(key); if(data != NULL) { xmlSecBufferPtr buffer; if(!xmlSecKeyDataCheckId(data, id)) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } buffer = xmlSecKeyDataBinaryValueGetBuffer(data); if((buffer != NULL) && ((xmlSecSize)xmlSecBufferGetSize(buffer) != bufSize)) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST, "cur-data-size=%d;new-data-size=%d", xmlSecBufferGetSize(buffer), bufSize); return(-1); } if((buffer != NULL) && (bufSize > 0) && (memcmp(xmlSecBufferGetData(buffer), buf, bufSize) != 0)) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST, "key already has a different value"); return(-1); } if(buffer != NULL) { /* we already have exactly the same key */ return(0); } /* we have binary key value with empty buffer */ } data = xmlSecKeyDataCreate(id); if(data == NULL ) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), "xmlSecKeyDataCreate", XMLSEC_ERRORS_R_XMLSEC_FAILED, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } ret = xmlSecKeyDataBinaryValueSetBuffer(data, buf, bufSize); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), "xmlSecKeyDataBinaryValueSetBuffer", XMLSEC_ERRORS_R_XMLSEC_FAILED, "size=%d", bufSize); xmlSecKeyDataDestroy(data); return(-1); } if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), data) != 1) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), "xmlSecKeyReqMatchKeyValue", XMLSEC_ERRORS_R_XMLSEC_FAILED, XMLSEC_ERRORS_NO_MESSAGE); xmlSecKeyDataDestroy(data); return(0); } ret = xmlSecKeySetValue(key, data); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), "xmlSecKeySetValue", XMLSEC_ERRORS_R_XMLSEC_FAILED, XMLSEC_ERRORS_NO_MESSAGE); xmlSecKeyDataDestroy(data); return(-1); } return(0); }