예제 #1
파일: app.c 프로젝트: Arcenciel/DDReader
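/**
 * xmlSecMSCryptoAppKeyCertLoadMemory:
 * @key:		the pointer to key.
 * @data:		the binary certificate.
 * @dataSize:		size of certificate binary (@data); must be non-zero.
 * @format:		the certificate file format; only
 *			#xmlSecKeyDataFormatDer and #xmlSecKeyDataFormatCertDer
 *			are accepted, every other value is rejected.
 *
 * Reads the certificate from @data and adds it to @key.
 *
 * The certificate is only decoded and attached to the key's X509 data.
 * Nothing in this function checks the certificate's signature, validity
 * period or chain, so a successful return is not a trust decision; the
 * caller has to run verification separately before relying on the cert.
 *
 * Returns: 0 on success or a negative value otherwise.
 */
int
xmlSecMSCryptoAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSize dataSize,
				   xmlSecKeyDataFormat format) {
    PCCERT_CONTEXT pCert;
    xmlSecKeyDataPtr kdata;
    int ret;

    xmlSecAssert2(key != NULL, -1);
    xmlSecAssert2(data != NULL, -1);
    /* reject an empty buffer up front instead of relying on the decoder */
    xmlSecAssert2(dataSize > 0, -1);
    xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);

    /* get (or create) the X509 key data the certificate will be attached to */
    kdata = xmlSecKeyEnsureData(key, xmlSecMSCryptoKeyDataX509Id);
    if(kdata == NULL) {
        /* NOTE(review): the id passed below is a key data klass but the name
         * is looked up with the transform klass accessor;
         * xmlSecKeyDataKlassGetName looks like the intended one - confirm. */
        xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                    NULL,
                    "xmlSecKeyEnsureData",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    "transform=%s",
                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecMSCryptoKeyDataX509Id)));
        return(-1);
    }

    /* For now only DER certificates are supported */
    switch(format) {
    case xmlSecKeyDataFormatDer:
    case xmlSecKeyDataFormatCertDer:
        /* NOTE(review): CertCreateCertificateContext takes the length as a
         * DWORD; if xmlSecSize is wider than 32 bits on this build, a larger
         * value would be truncated here - confirm the width of xmlSecSize. */
        pCert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, data, dataSize);
        if(NULL == pCert) {
            xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                        NULL,
                        "CertCreateCertificateContext",
                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
                        "format=%d", (int)format);
            return(-1);
        }

        ret = xmlSecMSCryptoKeyDataX509AdoptCert(kdata, pCert);
        if(ret < 0) {
            xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                        NULL,
                        "xmlSecMSCryptoKeyDataX509AdoptCert",
                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
                        "data=%s",
                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(kdata)));
            /* adoption failed, so the context is still ours to release */
            CertFreeCertificateContext(pCert);
            return(-1);
        }
        /* pCert is not freed on success; presumably kdata owns it after the
         * adopt call - confirm against xmlSecMSCryptoKeyDataX509AdoptCert */
        break;
    default:
        xmlSecErr_a_ignorar5(XMLSEC_ERRORS_HERE,
                    NULL,
                    NULL,
                    XMLSEC_ERRORS_R_INVALID_FORMAT,
                    "format=%d", (int)format);
        return(-1);
    }

    return(0);
}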
예제 #2
파일: app.c 프로젝트: symma/xmlsec
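/**
 * xmlSecOpenSSLAppKeyCertLoadBIO:
 * @key:                the pointer to key.
 * @bio:                the certificate bio.
 * @format:             the certificate file format.
 *
 * Reads the certificate from @bio and adds it to @key. The PKCS8 key
 * formats are mapped to the matching certificate encoding (PEM or DER)
 * before the certificate is read.
 *
 * The certificate is only parsed and attached to the key's X509 data.
 * Nothing in this function verifies its signature, validity period or
 * chain, so a successful return is not a trust decision; verification
 * has to be done separately by the caller.
 *
 * Returns: 0 on success or a negative value otherwise.
 */
int
xmlSecOpenSSLAppKeyCertLoadBIO(xmlSecKeyPtr key, BIO* bio, xmlSecKeyDataFormat format) {

    xmlSecKeyDataFormat certFormat;
    xmlSecKeyDataPtr data;
    X509 *cert;
    int ret;

    xmlSecAssert2(key != NULL, -1);
    xmlSecAssert2(bio != NULL, -1);
    xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);

    /* get (or create) the X509 key data the certificate will be attached to */
    data = xmlSecKeyEnsureData(key, xmlSecOpenSSLKeyDataX509Id);
    if(data == NULL) {
        /* NOTE(review): the id passed below is a key data klass but the name
         * is looked up with the transform klass accessor;
         * xmlSecKeyDataKlassGetName looks like the intended one - confirm. */
        xmlSecError(XMLSEC_ERRORS_HERE,
                    NULL,
                    "xmlSecKeyEnsureData",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    "transform=%s",
                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecOpenSSLKeyDataX509Id)));
        return(-1);
    }

    /* adjust cert format: a PKCS8 key format only tells us the encoding
     * (PEM vs DER) to use when reading the certificate */
    switch(format) {
    case xmlSecKeyDataFormatPkcs8Pem:
        certFormat = xmlSecKeyDataFormatPem;
        break;
    case xmlSecKeyDataFormatPkcs8Der:
        certFormat = xmlSecKeyDataFormatDer;
        break;
    default:
        certFormat = format;
        break;
    }

    cert = xmlSecOpenSSLAppCertLoadBIO(bio, certFormat);
    if(cert == NULL) {
        /* report the function that actually failed so the error log points
         * at the BIO reader */
        xmlSecError(XMLSEC_ERRORS_HERE,
                    NULL,
                    "xmlSecOpenSSLAppCertLoadBIO",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    XMLSEC_ERRORS_NO_MESSAGE);
        return(-1);
    }

    ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert);
    if(ret < 0) {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    NULL,
                    "xmlSecOpenSSLKeyDataX509AdoptCert",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    "data=%s",
                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
        /* adoption failed, so the certificate is still ours to release */
        X509_free(cert);
        return(-1);
    }

    /* cert is not freed on success; presumably the key data owns it after
     * the adopt call - confirm against xmlSecOpenSSLKeyDataX509AdoptCert */
    return(0);
}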
예제 #3
/**
 * xmlSecGnuTLSAppKeyCertLoadMemory:
 * @key:                the pointer to key.
 * @data:               the certificate binary data.
 * @dataSize:           the certificate binary data size (must be non-zero).
 * @format:             the certificate file format.
 *
 * Parses a certificate out of the @data buffer and attaches it to the
 * X509 key data of @key. The certificate is only read and attached;
 * no verification of it is performed by this function.
 *
 * Returns: 0 on success or a negative value otherwise.
 */
int
xmlSecGnuTLSAppKeyCertLoadMemory(xmlSecKeyPtr key,
                                 const xmlSecByte* data,
                                 xmlSecSize dataSize,
                                 xmlSecKeyDataFormat format) {
    xmlSecKeyDataPtr x509Data = NULL;
    gnutls_x509_crt_t crt = NULL;
    int res = -1;

    xmlSecAssert2(key != NULL, -1);
    xmlSecAssert2(data != NULL, -1);
    xmlSecAssert2(dataSize > 0, -1);
    xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);

    /* the certificate goes into the key's X509 data, created on demand */
    x509Data = xmlSecKeyEnsureData(key, xmlSecGnuTLSKeyDataX509Id);
    if(x509Data == NULL) {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    NULL,
                    "xmlSecKeyEnsureData",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    XMLSEC_ERRORS_NO_MESSAGE);
        goto done;
    }

    /* decode the buffer in the requested format */
    crt = xmlSecGnuTLSX509CertRead(data, dataSize, format);
    if(crt == NULL) {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    NULL,
                    "xmlSecGnuTLSX509CertRead",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    XMLSEC_ERRORS_NO_MESSAGE);
        goto done;
    }

    if(xmlSecGnuTLSKeyDataX509AdoptCert(x509Data, crt) < 0) {
        xmlSecError(XMLSEC_ERRORS_HERE,
                    NULL,
                    "xmlSecGnuTLSKeyDataX509AdoptCert",
                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
                    XMLSEC_ERRORS_NO_MESSAGE);
        /* adoption failed, so the certificate is still ours to release */
        gnutls_x509_crt_deinit(crt);
        goto done;
    }

    /* crt is not released on success; presumably the key data owns it
     * after the adopt call - confirm against the adopt implementation */
    res = 0;

done:
    return(res);
}