xmlsec-shim 1.2.18.1
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +17 -0
- data/Gemfile +4 -0
- data/README.md +2 -0
- data/Rakefile +2 -0
- data/ext/xmlsec/extconf.rb +14 -0
- data/lib/xmlsec-shim.rb +27 -0
- data/lib/xmlsec-shim/version.rb +5 -0
- data/vendor/xmlsec1-1.2.18/AUTHORS +8 -0
- data/vendor/xmlsec1-1.2.18/COPYING +105 -0
- data/vendor/xmlsec1-1.2.18/ChangeLog +1810 -0
- data/vendor/xmlsec1-1.2.18/Copyright +105 -0
- data/vendor/xmlsec1-1.2.18/HACKING +199 -0
- data/vendor/xmlsec1-1.2.18/INSTALL +38 -0
- data/vendor/xmlsec1-1.2.18/Makefile.am +186 -0
- data/vendor/xmlsec1-1.2.18/Makefile.in +1155 -0
- data/vendor/xmlsec1-1.2.18/NEWS +1 -0
- data/vendor/xmlsec1-1.2.18/README +15 -0
- data/vendor/xmlsec1-1.2.18/TODO +156 -0
- data/vendor/xmlsec1-1.2.18/aclocal.m4 +1197 -0
- data/vendor/xmlsec1-1.2.18/apps/Makefile.am +84 -0
- data/vendor/xmlsec1-1.2.18/apps/Makefile.in +694 -0
- data/vendor/xmlsec1-1.2.18/apps/cmdline.c +355 -0
- data/vendor/xmlsec1-1.2.18/apps/cmdline.h +89 -0
- data/vendor/xmlsec1-1.2.18/apps/crypto.c +396 -0
- data/vendor/xmlsec1-1.2.18/apps/crypto.h +70 -0
- data/vendor/xmlsec1-1.2.18/apps/xmlsec.c +3058 -0
- data/vendor/xmlsec1-1.2.18/config.guess +1502 -0
- data/vendor/xmlsec1-1.2.18/config.h.in +134 -0
- data/vendor/xmlsec1-1.2.18/config.sub +1714 -0
- data/vendor/xmlsec1-1.2.18/configure +17363 -0
- data/vendor/xmlsec1-1.2.18/configure.in +1633 -0
- data/vendor/xmlsec1-1.2.18/depcomp +630 -0
- data/vendor/xmlsec1-1.2.18/docs/Makefile.am +65 -0
- data/vendor/xmlsec1-1.2.18/docs/Makefile.in +721 -0
- data/vendor/xmlsec1-1.2.18/docs/api/Makefile.am +209 -0
- data/vendor/xmlsec1-1.2.18/docs/api/Makefile.in +664 -0
- data/vendor/xmlsec1-1.2.18/docs/api/chapters/compiling-and-linking.sgml +252 -0
- data/vendor/xmlsec1-1.2.18/docs/api/chapters/creating-templates.sgml +325 -0
- data/vendor/xmlsec1-1.2.18/docs/api/chapters/examples.sgml +102 -0
- data/vendor/xmlsec1-1.2.18/docs/api/chapters/init-and-shutdown.sgml +104 -0
- data/vendor/xmlsec1-1.2.18/docs/api/chapters/new-crypto.sgml +487 -0
- data/vendor/xmlsec1-1.2.18/docs/api/chapters/sign-and-encrypt.sgml +286 -0
- data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-contexts.sgml +138 -0
- data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-keys.sgml +26 -0
- data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-keysmngr.sgml +592 -0
- data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-transforms.sgml +67 -0
- data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-x509-certs.sgml +197 -0
- data/vendor/xmlsec1-1.2.18/docs/api/chapters/verify-and-decrypt.sgml +265 -0
- data/vendor/xmlsec1-1.2.18/docs/api/home.png +0 -0
- data/vendor/xmlsec1-1.2.18/docs/api/images/diagrams.sxd +0 -0
- data/vendor/xmlsec1-1.2.18/docs/api/images/encryption-structure.png +0 -0
- data/vendor/xmlsec1-1.2.18/docs/api/images/key.png +0 -0
- data/vendor/xmlsec1-1.2.18/docs/api/images/keysmngr.png +0 -0
- data/vendor/xmlsec1-1.2.18/docs/api/images/sign-enc-model.png +0 -0
- data/vendor/xmlsec1-1.2.18/docs/api/images/signature-structure.png +0 -0
- data/vendor/xmlsec1-1.2.18/docs/api/images/structure.png +0 -0
- data/vendor/xmlsec1-1.2.18/docs/api/images/transform.png +0 -0
- data/vendor/xmlsec1-1.2.18/docs/api/images/transforms-chain.png +0 -0
- data/vendor/xmlsec1-1.2.18/docs/api/images/verif-dec-model.png +0 -0
- data/vendor/xmlsec1-1.2.18/docs/api/index.html +307 -0
- data/vendor/xmlsec1-1.2.18/docs/api/index.sgml +43 -0
- data/vendor/xmlsec1-1.2.18/docs/api/left.png +0 -0
- data/vendor/xmlsec1-1.2.18/docs/api/right.png +0 -0
- data/vendor/xmlsec1-1.2.18/docs/api/up.png +0 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-app.html +1525 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-base64.html +357 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-bn.html +705 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-buffer.html +603 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-custom-keys-manager.html +475 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-decrypt-with-keys-mngr.html +396 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-decrypt-with-signle-key.html +326 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-dl.html +245 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encrypt-dynamic-template.html +386 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encrypt-template-file.html +364 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encrypt-with-session-key.html +495 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encryption-klasses.html +101 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-errors.html +744 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples-sign-dynamimc-template.html +406 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples-sign-template-file.html +388 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples-sign-x509.html +447 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples.html +119 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt-app.html +578 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt-crypto.html +1128 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt-ref.html +107 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt.sgml +15 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls-app.html +576 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls-crypto.html +1076 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls-ref.html +107 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls.sgml +15 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-index.html +1570 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-index.sgml +1471 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-io.html +226 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keyinfo.html +700 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keys.html +1161 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keysdata.html +2067 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keysmngr.html +743 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-list.html +643 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-membuf.html +143 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-app.html +747 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-certkeys.html +252 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-crypto.html +1153 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-keysstore.html +209 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-ref.html +113 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-x509.html +478 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto.sgml +21 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nodeset.html +542 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling-others.html +102 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling-unix.html +223 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling-windows.html +138 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling.html +117 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-contexts.html +229 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-custom-keys-store.html +250 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-decrypt.html +205 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-dynamic-encryption-templates.html +240 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-dynamic-signature-templates.html +250 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-encrypt.html +223 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-include-files.html +141 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-init-shutdown.html +194 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keys-manager-sign-enc.html +307 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keys-mngr-verify-decrypt.html +179 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keys.html +120 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keysmngr.html +140 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-functions.html +151 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-key-stores.html +83 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-keys.html +103 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-klasses.html +217 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-sharing-results.html +125 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-simple-keys-mngr.html +102 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-skeleton.html +254 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-transforms.html +170 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto.html +136 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-overview.html +102 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-sign-encrypt.html +120 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-sign-x509.html +176 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-sign.html +210 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-simple-keys-store.html +177 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-structure.html +115 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-templates.html +114 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-transforms.html +154 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-verify-decrypt.html +120 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-verify-x509.html +180 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-verify.html +210 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-x509.html +114 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes.html +115 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-app.html +740 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-bignum.html +176 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-crypto.html +978 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-keysstore.html +209 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-pkikeys.html +211 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-ref.html +115 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-x509.html +467 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss.sgml +23 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-app.html +800 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-bn.html +170 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-crypto.html +1329 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-evp.html +184 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-ref.html +113 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-x509.html +567 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl.sgml +21 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-parser.html +223 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-ref.html +149 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-reference.html +106 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-signature-klasses.html +101 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-templates.html +1290 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-transforms.html +3059 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-key.html +318 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-keys-mngr.html +388 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-restrictions.html +715 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-x509.html +369 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-version.html +143 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-x509.html +181 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmldsig.html +853 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmlenc.html +584 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmlsec.html +300 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmltree.html +1529 -0
- data/vendor/xmlsec1-1.2.18/docs/api/xmlsec.sgml +307 -0
- data/vendor/xmlsec1-1.2.18/docs/authors.html +59 -0
- data/vendor/xmlsec1-1.2.18/docs/bugs.html +106 -0
- data/vendor/xmlsec1-1.2.18/docs/c14n.html +73 -0
- data/vendor/xmlsec1-1.2.18/docs/documentation.html +65 -0
- data/vendor/xmlsec1-1.2.18/docs/download.html +115 -0
- data/vendor/xmlsec1-1.2.18/docs/faq.html +449 -0
- data/vendor/xmlsec1-1.2.18/docs/images/bart.gif +0 -0
- data/vendor/xmlsec1-1.2.18/docs/images/libxml2-logo.png +0 -0
- data/vendor/xmlsec1-1.2.18/docs/images/libxslt-logo.png +0 -0
- data/vendor/xmlsec1-1.2.18/docs/images/logo.gif +0 -0
- data/vendor/xmlsec1-1.2.18/docs/images/openssl-logo.png +0 -0
- data/vendor/xmlsec1-1.2.18/docs/images/xmlsec-logo.gif +0 -0
- data/vendor/xmlsec1-1.2.18/docs/index.html +109 -0
- data/vendor/xmlsec1-1.2.18/docs/news.html +545 -0
- data/vendor/xmlsec1-1.2.18/docs/related.html +165 -0
- data/vendor/xmlsec1-1.2.18/docs/xmldsig-verifier.html +138 -0
- data/vendor/xmlsec1-1.2.18/docs/xmldsig.html +646 -0
- data/vendor/xmlsec1-1.2.18/docs/xmlenc.html +464 -0
- data/vendor/xmlsec1-1.2.18/docs/xmlsec-man.html +291 -0
- data/vendor/xmlsec1-1.2.18/docs/xmlsec.xsl +194 -0
- data/vendor/xmlsec1-1.2.18/examples/Makefile +40 -0
- data/vendor/xmlsec1-1.2.18/examples/Makefile.w32 +88 -0
- data/vendor/xmlsec1-1.2.18/examples/README +126 -0
- data/vendor/xmlsec1-1.2.18/examples/binary.dat +1 -0
- data/vendor/xmlsec1-1.2.18/examples/decrypt1.c +223 -0
- data/vendor/xmlsec1-1.2.18/examples/decrypt2.c +293 -0
- data/vendor/xmlsec1-1.2.18/examples/decrypt3.c +372 -0
- data/vendor/xmlsec1-1.2.18/examples/deskey.bin +1 -0
- data/vendor/xmlsec1-1.2.18/examples/encrypt1-res.xml +13 -0
- data/vendor/xmlsec1-1.2.18/examples/encrypt1-tmpl.xml +13 -0
- data/vendor/xmlsec1-1.2.18/examples/encrypt1.c +219 -0
- data/vendor/xmlsec1-1.2.18/examples/encrypt2-doc.xml +9 -0
- data/vendor/xmlsec1-1.2.18/examples/encrypt2-res.xml +14 -0
- data/vendor/xmlsec1-1.2.18/examples/encrypt2.c +244 -0
- data/vendor/xmlsec1-1.2.18/examples/encrypt3-doc.xml +9 -0
- data/vendor/xmlsec1-1.2.18/examples/encrypt3-res.xml +27 -0
- data/vendor/xmlsec1-1.2.18/examples/encrypt3.c +340 -0
- data/vendor/xmlsec1-1.2.18/examples/mywin32make.bat +18 -0
- data/vendor/xmlsec1-1.2.18/examples/rootcert.pem +25 -0
- data/vendor/xmlsec1-1.2.18/examples/rsacert.pem +83 -0
- data/vendor/xmlsec1-1.2.18/examples/rsakey.pem +27 -0
- data/vendor/xmlsec1-1.2.18/examples/rsapub.pem +9 -0
- data/vendor/xmlsec1-1.2.18/examples/sign1-res.xml +31 -0
- data/vendor/xmlsec1-1.2.18/examples/sign1-tmpl.xml +27 -0
- data/vendor/xmlsec1-1.2.18/examples/sign1.c +212 -0
- data/vendor/xmlsec1-1.2.18/examples/sign2-doc.xml +9 -0
- data/vendor/xmlsec1-1.2.18/examples/sign2-res.xml +30 -0
- data/vendor/xmlsec1-1.2.18/examples/sign2.c +248 -0
- data/vendor/xmlsec1-1.2.18/examples/sign3-doc.xml +9 -0
- data/vendor/xmlsec1-1.2.18/examples/sign3-res.xml +58 -0
- data/vendor/xmlsec1-1.2.18/examples/sign3.c +261 -0
- data/vendor/xmlsec1-1.2.18/examples/verify1.c +215 -0
- data/vendor/xmlsec1-1.2.18/examples/verify2.c +285 -0
- data/vendor/xmlsec1-1.2.18/examples/verify3.c +266 -0
- data/vendor/xmlsec1-1.2.18/examples/verify4-bad-res.xml +90 -0
- data/vendor/xmlsec1-1.2.18/examples/verify4-bad-tmpl.xml +54 -0
- data/vendor/xmlsec1-1.2.18/examples/verify4-res.xml +80 -0
- data/vendor/xmlsec1-1.2.18/examples/verify4-tmpl.xml +47 -0
- data/vendor/xmlsec1-1.2.18/examples/verify4.c +309 -0
- data/vendor/xmlsec1-1.2.18/examples/xkms-server.c +839 -0
- data/vendor/xmlsec1-1.2.18/examples/xmldsigverify.c +381 -0
- data/vendor/xmlsec1-1.2.18/include/Makefile.am +4 -0
- data/vendor/xmlsec1-1.2.18/include/Makefile.in +656 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/Makefile.am +63 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/Makefile.in +767 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/app.h +424 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/base64.h +67 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/bn.h +99 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/buffer.h +108 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/crypto.h +75 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/dl.h +56 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/errors.h +504 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/exports.h +111 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/Makefile.am +13 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/Makefile.in +564 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/app.h +96 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/crypto.h +460 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/symbols.h +104 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/Makefile.am +14 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/Makefile.in +565 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/app.h +96 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/crypto.h +462 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/symbols.h +104 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/x509.h +110 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/io.h +54 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/keyinfo.h +285 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/keys.h +278 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/keysdata.h +837 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/keysmngr.h +264 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/list.h +194 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/membuf.h +44 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/Makefile.am +16 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/Makefile.in +567 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/app.h +116 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/certkeys.h +42 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/crypto.h +516 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/keysstore.h +48 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/symbols.h +114 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/x509.h +92 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/nodeset.h +139 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/Makefile.am +17 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/Makefile.in +568 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/app.h +118 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/bignum.h +37 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/crypto.h +469 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/keysstore.h +46 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/pkikeys.h +44 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/symbols.h +106 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/x509.h +91 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/Makefile.am +16 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/Makefile.in +567 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/app.h +128 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/bn.h +35 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/crypto.h +561 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/evp.h +44 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/symbols.h +123 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/x509.h +109 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/parser.h +51 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/private.h +489 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/private/Makefile.am +12 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/private/Makefile.in +563 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/private/xkms.h +121 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/private/xslt.h +34 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/Makefile.am +13 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/app.h +97 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/crypto.h +40 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/symbols.h +117 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/soap.h +130 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/strings.h +610 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/templates.h +162 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/transforms.h +994 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/version.h +61 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/version.h.in +61 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/x509.h +80 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/xkms.h +652 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/xmldsig.h +281 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/xmlenc.h +163 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/xmlsec.h +216 -0
- data/vendor/xmlsec1-1.2.18/include/xmlsec/xmltree.h +275 -0
- data/vendor/xmlsec1-1.2.18/install-sh +520 -0
- data/vendor/xmlsec1-1.2.18/ltmain.sh +8413 -0
- data/vendor/xmlsec1-1.2.18/m4/libtool.m4 +7377 -0
- data/vendor/xmlsec1-1.2.18/m4/ltoptions.m4 +368 -0
- data/vendor/xmlsec1-1.2.18/m4/ltsugar.m4 +123 -0
- data/vendor/xmlsec1-1.2.18/m4/ltversion.m4 +23 -0
- data/vendor/xmlsec1-1.2.18/m4/lt~obsolete.m4 +92 -0
- data/vendor/xmlsec1-1.2.18/man/Makefile.am +52 -0
- data/vendor/xmlsec1-1.2.18/man/Makefile.in +582 -0
- data/vendor/xmlsec1-1.2.18/man/xmlsec1-config.1 +34 -0
- data/vendor/xmlsec1-1.2.18/man/xmlsec1.1 +269 -0
- data/vendor/xmlsec1-1.2.18/missing +376 -0
- data/vendor/xmlsec1-1.2.18/scripts/build_release.sh +33 -0
- data/vendor/xmlsec1-1.2.18/scripts/change-release.sh +34 -0
- data/vendor/xmlsec1-1.2.18/scripts/push_release.sh +30 -0
- data/vendor/xmlsec1-1.2.18/scripts/remove-gtkdoclink.pl +20 -0
- data/vendor/xmlsec1-1.2.18/scripts/test_errors.pl +38 -0
- data/vendor/xmlsec1-1.2.18/scripts/test_release.sh +12 -0
- data/vendor/xmlsec1-1.2.18/src/Makefile.am +71 -0
- data/vendor/xmlsec1-1.2.18/src/Makefile.in +878 -0
- data/vendor/xmlsec1-1.2.18/src/app.c +1498 -0
- data/vendor/xmlsec1-1.2.18/src/base64.c +1034 -0
- data/vendor/xmlsec1-1.2.18/src/bn.c +1060 -0
- data/vendor/xmlsec1-1.2.18/src/buffer.c +674 -0
- data/vendor/xmlsec1-1.2.18/src/c14n.c +801 -0
- data/vendor/xmlsec1-1.2.18/src/dl.c +994 -0
- data/vendor/xmlsec1-1.2.18/src/enveloped.c +152 -0
- data/vendor/xmlsec1-1.2.18/src/errors.c +242 -0
- data/vendor/xmlsec1-1.2.18/src/gcrypt/Makefile.am +55 -0
- data/vendor/xmlsec1-1.2.18/src/gcrypt/Makefile.in +764 -0
- data/vendor/xmlsec1-1.2.18/src/gcrypt/README +9 -0
- data/vendor/xmlsec1-1.2.18/src/gcrypt/app.c +663 -0
- data/vendor/xmlsec1-1.2.18/src/gcrypt/asn1.c +602 -0
- data/vendor/xmlsec1-1.2.18/src/gcrypt/asn1.h +39 -0
- data/vendor/xmlsec1-1.2.18/src/gcrypt/asymkeys.c +1920 -0
- data/vendor/xmlsec1-1.2.18/src/gcrypt/ciphers.c +855 -0
- data/vendor/xmlsec1-1.2.18/src/gcrypt/crypto.c +315 -0
- data/vendor/xmlsec1-1.2.18/src/gcrypt/digests.c +614 -0
- data/vendor/xmlsec1-1.2.18/src/gcrypt/globals.h +30 -0
- data/vendor/xmlsec1-1.2.18/src/gcrypt/hmac.c +823 -0
- data/vendor/xmlsec1-1.2.18/src/gcrypt/kw_aes.c +593 -0
- data/vendor/xmlsec1-1.2.18/src/gcrypt/kw_des.c +607 -0
- data/vendor/xmlsec1-1.2.18/src/gcrypt/signatures.c +1490 -0
- data/vendor/xmlsec1-1.2.18/src/gcrypt/symkeys.c +441 -0
- data/vendor/xmlsec1-1.2.18/src/globals.h +25 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/Makefile.am +58 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/Makefile.in +786 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/README +6 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/app.c +998 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/asymkeys.c +455 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/ciphers.c +82 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/crypto.c +351 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/digests.c +112 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/globals.h +31 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/hmac.c +141 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/kw_aes.c +72 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/kw_des.c +51 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/signatures.c +148 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/symkeys.c +125 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/x509.c +1960 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/x509utils.c +1687 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/x509utils.h +143 -0
- data/vendor/xmlsec1-1.2.18/src/gnutls/x509vfy.c +802 -0
- data/vendor/xmlsec1-1.2.18/src/io.c +496 -0
- data/vendor/xmlsec1-1.2.18/src/keyinfo.c +1561 -0
- data/vendor/xmlsec1-1.2.18/src/keys.c +1415 -0
- data/vendor/xmlsec1-1.2.18/src/keysdata.c +1387 -0
- data/vendor/xmlsec1-1.2.18/src/keysmngr.c +745 -0
- data/vendor/xmlsec1-1.2.18/src/kw_aes_des.c +493 -0
- data/vendor/xmlsec1-1.2.18/src/kw_aes_des.h +148 -0
- data/vendor/xmlsec1-1.2.18/src/list.c +534 -0
- data/vendor/xmlsec1-1.2.18/src/membuf.c +209 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/Makefile.am +62 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/Makefile.in +799 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/README +39 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/app.c +1289 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/certkeys.c +2615 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/ciphers.c +937 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/crypto.c +889 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/csp_calg.h +105 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/csp_oid.h +114 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/digests.c +668 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/globals.h +39 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/hmac.c +963 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/keysstore.c +620 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/kt_rsa.c +631 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/kw_aes.c +662 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/kw_des.c +730 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/mingw-crypt32.def +36 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/private.h +130 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/signatures.c +960 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/symkeys.c +824 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/x509.c +2281 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/x509vfy.c +1406 -0
- data/vendor/xmlsec1-1.2.18/src/mscrypto/xmlsec-mingw.h +210 -0
- data/vendor/xmlsec1-1.2.18/src/nodeset.c +610 -0
- data/vendor/xmlsec1-1.2.18/src/nss/Makefile.am +57 -0
- data/vendor/xmlsec1-1.2.18/src/nss/Makefile.in +798 -0
- data/vendor/xmlsec1-1.2.18/src/nss/README +128 -0
- data/vendor/xmlsec1-1.2.18/src/nss/app.c +1598 -0
- data/vendor/xmlsec1-1.2.18/src/nss/bignum.c +163 -0
- data/vendor/xmlsec1-1.2.18/src/nss/ciphers.c +838 -0
- data/vendor/xmlsec1-1.2.18/src/nss/crypto.c +444 -0
- data/vendor/xmlsec1-1.2.18/src/nss/digests.c +576 -0
- data/vendor/xmlsec1-1.2.18/src/nss/globals.h +24 -0
- data/vendor/xmlsec1-1.2.18/src/nss/hmac.c +855 -0
- data/vendor/xmlsec1-1.2.18/src/nss/keysstore.c +485 -0
- data/vendor/xmlsec1-1.2.18/src/nss/keytrans.c +753 -0
- data/vendor/xmlsec1-1.2.18/src/nss/kw_aes.c +681 -0
- data/vendor/xmlsec1-1.2.18/src/nss/kw_des.c +663 -0
- data/vendor/xmlsec1-1.2.18/src/nss/pkikeys.c +1554 -0
- data/vendor/xmlsec1-1.2.18/src/nss/signatures.c +841 -0
- data/vendor/xmlsec1-1.2.18/src/nss/symkeys.c +440 -0
- data/vendor/xmlsec1-1.2.18/src/nss/x509.c +2223 -0
- data/vendor/xmlsec1-1.2.18/src/nss/x509vfy.c +808 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/Makefile.am +56 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/Makefile.in +790 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/README +17 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/app.c +1628 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/bn.c +163 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/ciphers.c +856 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/crypto.c +491 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/digests.c +682 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/evp.c +1559 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/globals.h +24 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/hmac.c +857 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/kt_rsa.c +876 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/kw_aes.c +513 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/kw_des.c +563 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/signatures.c +1065 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/symkeys.c +447 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/x509.c +2414 -0
- data/vendor/xmlsec1-1.2.18/src/openssl/x509vfy.c +1284 -0
- data/vendor/xmlsec1-1.2.18/src/parser.c +571 -0
- data/vendor/xmlsec1-1.2.18/src/skeleton/Makefile.am +45 -0
- data/vendor/xmlsec1-1.2.18/src/skeleton/README +0 -0
- data/vendor/xmlsec1-1.2.18/src/skeleton/app.c +499 -0
- data/vendor/xmlsec1-1.2.18/src/skeleton/crypto.c +260 -0
- data/vendor/xmlsec1-1.2.18/src/skeleton/globals.h +24 -0
- data/vendor/xmlsec1-1.2.18/src/soap.c +1322 -0
- data/vendor/xmlsec1-1.2.18/src/strings.c +597 -0
- data/vendor/xmlsec1-1.2.18/src/templates.c +2091 -0
- data/vendor/xmlsec1-1.2.18/src/transforms.c +2902 -0
- data/vendor/xmlsec1-1.2.18/src/x509.c +97 -0
- data/vendor/xmlsec1-1.2.18/src/xkms.c +4981 -0
- data/vendor/xmlsec1-1.2.18/src/xmldsig.c +1795 -0
- data/vendor/xmlsec1-1.2.18/src/xmlenc.c +1339 -0
- data/vendor/xmlsec1-1.2.18/src/xmlsec.c +185 -0
- data/vendor/xmlsec1-1.2.18/src/xmltree.c +1908 -0
- data/vendor/xmlsec1-1.2.18/src/xpath.c +1148 -0
- data/vendor/xmlsec1-1.2.18/src/xslt.c +617 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/Readme.txt +52 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/bad-alg-enc-element-aes128-kw-3des.xml +29 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/dh-priv-key.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.tmpl +22 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.xml +30 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.tmpl +22 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.xml +30 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.tmpl +22 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.xml +30 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.tmpl +24 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.xml +63 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-ka-dh.xml +83 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.tmpl +23 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.xml +61 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.tmpl +22 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.xml +63 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha256.xml +63 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha512.xml +63 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kw-3des.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kw-3des.tmpl +22 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kw-3des.xml +29 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-ka-dh.xml +83 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.tmpl +20 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.xml +61 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.tmpl +22 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.xml +63 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.tmpl +22 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.xml +29 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.tmpl +22 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.xml +29 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-ka-dh.xml +83 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.tmpl +22 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.xml +63 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.tmpl +22 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.xml +29 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-ka-dh.xml +83 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.tmpl +22 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.xml +29 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.tmpl +23 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.xml +32 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.tmpl +21 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.xml +28 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.tmpl +20 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.xml +62 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.tmpl +22 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.xml +64 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/key.txt +117 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/keys.xml +61 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/payment.xml +9 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/rsa-priv-key.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/rsa-priv-key.p12 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/bad-request-name-not-supported.xml +2 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/bad-request-name.xml +10 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/compound-example-1-no-match.xml +7 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/compound-example-1.xml +51 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert1.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert1.pem +26 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert2.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert2.pem +25 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert3.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert3.pem +24 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/create-keys.sh +73 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1-pk8.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1.p12 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1.pem +18 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2-pk8.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2.p12 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2.pem +9 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3-pk8.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3.p12 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3.pem +9 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/openssl.cnf +106 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/req2.pem +11 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/req3.pem +11 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-1-bad-service.xml +2 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-1-no-match.xml +2 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-1.xml +18 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-2-no-match.xml +2 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-2.xml +39 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-opaque-client-data-no-match.xml +2 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-opaque-client-data.xml +32 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/readme.txt +117 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-bad-request-name-msg-invalid.xml +9 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-bad-request-name.xml +14 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-locate-example-1-no-match.xml +6 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-locate-example-1-unsupported.xml +13 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-locate-example-1.xml +23 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-bad-request-name-msg-invalid.xml +11 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-bad-request-name.xml +14 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-locate-example-1-no-match.xml +6 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-locate-example-1-unsupported.xml +9 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-locate-example-1.xml +23 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/status-request-success.xml +2 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/status-request.xml +7 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/validate-example-1-no-match.xml +2 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/validate-example-1.xml +65 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/README +47 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/dtd-hmac-91.dtd +1 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/dtd-hmac-91.tmpl +27 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/dtd-hmac-91.xml +27 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloped-gost.tmpl +31 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloped-gost.xml +42 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.tmpl +18 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.xml +87 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-expired-cert.tmpl +18 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-expired-cert.xml +85 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.tmpl +16 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml +15 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5.tmpl +14 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5.xml +13 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-rsa-md5.tmpl +17 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-rsa-md5.xml +85 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.tmpl +16 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml +15 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.tmpl +14 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.xml +13 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160.tmpl +17 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160.xml +85 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.tmpl +18 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.xml +85 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.tmpl +16 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.xml +15 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1.tmpl +14 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1.xml +13 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-rsa-sha1.tmpl +17 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-rsa-sha1.xml +85 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.tmpl +16 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.xml +15 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224.tmpl +14 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224.xml +13 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-rsa-sha224.tmpl +17 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-rsa-sha224.xml +85 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.tmpl +16 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.xml +15 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256.tmpl +14 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256.xml +13 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-rsa-sha256.tmpl +17 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-rsa-sha256.xml +85 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.tmpl +16 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.xml +15 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384.tmpl +14 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384.xml +13 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-rsa-sha384.tmpl +17 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-rsa-sha384.xml +103 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.tmpl +16 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.xml +16 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512.tmpl +14 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512.xml +15 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-rsa-sha512.tmpl +17 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-rsa-sha512.xml +104 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-sn-test.tmpl +27 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-sn-test.xml +40 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-test.tmpl +31 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-test.xml +117 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/xpointer-hmac.tmpl +29 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/xpointer-hmac.xml +28 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes128cbc-keyname.data +1 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes128cbc-keyname.tmpl +11 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes128cbc-keyname.xml +12 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname-ref.data +1 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname-ref.xml +21 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname.data +1 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname.tmpl +11 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname.xml +12 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes256cbc-keyname.data +1 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes256cbc-keyname.tmpl +10 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes256cbc-keyname.xml +12 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-aes192-keyname.data +1 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-aes192-keyname.tmpl +16 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-aes192-keyname.xml +18 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-content.data +7 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-content.tmpl +11 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-content.xml +15 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element-root.data +7 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element-root.tmpl +11 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element-root.xml +15 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element.data +9 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element.tmpl +11 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element.xml +17 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname.data +1 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname.tmpl +8 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname.xml +8 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.data +1 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.tmpl +10 -0
- data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.xml +12 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/README +203 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/ca2cert.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/ca2cert.pem +66 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/ca2key.pem +9 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/cacert.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/cacert.pem +72 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/cakey.pem +18 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/cacert.pem +72 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/careq.pem +14 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/index.txt +6 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/01.pem +65 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/02.pem +93 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/03.pem +60 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/04.pem +60 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/05.pem +83 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/private/cakey.pem +18 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/serial +1 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/dsacert.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/dsacert.pem +78 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.p12 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.p8-der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.p8-pem +8 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.pem +14 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/expiredcert.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/expiredcert.pem +61 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/expiredkey.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/expiredkey.p12 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/expiredkey.pem +9 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/expiredreq.pem +11 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/gost2001ca.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/gost2001ca.pem +13 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/hmackey.bin +1 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/keys.xml +83 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/largersacert.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/largersacert.pem +100 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/largersakey-win.p12 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/largersakey-winxp.p12 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.p12 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.p8-der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.p8-pem +53 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.pem +51 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/largersareq.pem +30 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/merlincert.pem +20 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/openssl.cnf +316 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/rsacert.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/rsacert.pem +61 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/rsakey-win.p12 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/rsakey-winxp.p12 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.p12 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.p8-der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.p8-pem +11 -0
- data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.pem +9 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/Readme.txt +20 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-0.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-1.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-10.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-11.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-12.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-13.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-14.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-15.txt +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-16.txt +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-17.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-18.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-19.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-2.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-20.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-21.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-22.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-23.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-24.txt +1 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-25.txt +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-26.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-27.txt +430 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-3.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-4.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-5.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-6.txt +1 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-7.txt +1 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-8.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-9.txt +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/signature.xml +526 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-exc-c14n-one/Readme.txt +3 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-exc-c14n-one/exc-signature.tmpl +52 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-exc-c14n-one/exc-signature.xml +73 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/Readme.txt +63 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/badb.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/badb.pem +20 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/balor.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/balor.pem +20 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/bres.pem +20 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/ca.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/ca.pem +20 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.pem +20 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh.pem +12 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/macha.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/macha.pem +20 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/merlin.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/merlin.pem +21 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/morigu.pem +20 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/nemain.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/nemain.pem +20 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloped-dsa.tmpl +22 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloped-dsa.xml +43 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa.tmpl +21 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa.xml +42 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-dsa.tmpl +18 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-dsa.xml +39 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.tmpl +16 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.xml +17 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1.tmpl +14 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1.xml +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-rsa.tmpl +18 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-rsa.xml +31 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-b64-dsa.tmpl +20 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-b64-dsa.xml +41 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-dsa.tmpl +17 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-dsa.xml +38 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-keyname.tmpl +16 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-keyname.xml +17 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt.tmpl +16 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt.xml +17 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt-crl.tmpl +17 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt-crl.xml +47 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt.tmpl +17 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt.xml +38 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-is.tmpl +17 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-is.xml +24 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-ski.tmpl +17 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-ski.xml +21 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-sn.tmpl +17 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-sn.xml +21 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature.tmpl +245 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature.xml +269 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/Readme.txt +117 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/bad-encrypt-content-aes128-cbc-kw-aes192.xml +42 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/decryption-transform-except.xml +83 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/decryption-transform.xml +73 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/dh0.p8 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/dh1.p8 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/dsa.p8 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.data +27 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.tmpl +20 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.xml +45 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes192-cbc-dh-sha512.xml +113 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.data +27 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.tmpl +18 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.xml +42 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.data +27 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.tmpl +11 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.xml +35 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.data +1 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.tmpl +11 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.xml +12 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.data +1 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.tmpl +20 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.xml +22 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.data +1 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.tmpl +20 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.xml +22 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml +46 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.data +1 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.tmpl +21 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.xml +43 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.data +27 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.tmpl +19 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.xml +63 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes192-cbc-ref.data +36 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes192-cbc-ref.xml +42 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-carried-kw-aes256.xml +57 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-kw-aes256-dh-ripemd160.xml +122 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256.data +40 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256.xml +47 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.data +27 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.tmpl +20 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.xml +43 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-dh.xml +98 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-kw-tripledes-dh.xml +108 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5.xml +46 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p.xml +51 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes.tmpl +25 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes.xml +27 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128.xml +27 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192.xml +27 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256.xml +28 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/ids.p12 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/keys.xml +42 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/plaintext.xml +24 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsa.p8 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.p12 +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.p8-der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.p8-pem +17 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.pem +15 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapub.pem +6 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/Readme.txt +23 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec-c14n-0.txt +11 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec-c14n-1.txt +0 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec-c14n-2.txt +25 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec.tmpl +50 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec.xml +122 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-xfdl-c14n-0.txt +3986 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-xfdl.tmpl +4153 -0
- data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-xfdl.xml +4225 -0
- data/vendor/xmlsec1-1.2.18/tests/nss.supp +220 -0
- data/vendor/xmlsec1-1.2.18/tests/nssdb/cert8.db +0 -0
- data/vendor/xmlsec1-1.2.18/tests/nssdb/key3.db +0 -0
- data/vendor/xmlsec1-1.2.18/tests/nssdb/secmod.db +0 -0
- data/vendor/xmlsec1-1.2.18/tests/openssl.supp +63 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/README.txt +248 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/crl.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/dsa-ca-cert.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/dsa-cert.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/enc-dsa-key.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/enc-rsa-key.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/hmackey.bin +1 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/rsa-ca-cert.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/rsa-cert.der +0 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document-stylesheet.xml +7 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document.b64 +4 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document.xml +6 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document.xsl +45 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-big.xml +39 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-detached.xml +1 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-enveloped.xml +6 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-enveloping.xml +6 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-manifest.xml +1 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-md5-c14n-enveloping.xml +6 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-40-c14n-comments-detached.xml +1 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-40-exclusive-c14n-comments-detached.xml +1 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-exclusive-c14n-comments-detached.xml +1 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-exclusive-c14n-enveloped.xml +6 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-b64-transform.xml +1 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xpath-transform.xml +1 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xslt-transform-bad-retrieval-method.xml +6 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xslt-transform-retrieval-method.xml +39 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xslt-transform.xml +39 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached.xml +1 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloped-bad-digest-val.xml +6 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloped-bad-sig.xml +6 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloped.xml +6 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloping.xml +6 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert-chain.xml +1 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert.xml +1 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-issuer-serial.xml +1 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-ski.xml +1 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-subject-name.xml +1 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest.xml +1 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-xpath-transform-enveloped.xml +6 -0
- data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-~x509-data-crl.xml +1 -0
- data/vendor/xmlsec1-1.2.18/tests/testDSig.sh +875 -0
- data/vendor/xmlsec1-1.2.18/tests/testEnc.sh +411 -0
- data/vendor/xmlsec1-1.2.18/tests/testKeys.sh +69 -0
- data/vendor/xmlsec1-1.2.18/tests/testRes.sh +20 -0
- data/vendor/xmlsec1-1.2.18/tests/testXKMS.sh +129 -0
- data/vendor/xmlsec1-1.2.18/tests/testrun.sh +443 -0
- data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/c14n11/xml-base-input.xml +17 -0
- data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-1.tmpl +2 -0
- data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-1.xml +2 -0
- data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-2.tmpl +2 -0
- data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-2.xml +2 -0
- data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-3.tmpl +2 -0
- data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-3.xml +2 -0
- data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-1-SUN.xml +21 -0
- data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-2-SUN.xml +21 -0
- data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-3-SUN.xml +21 -0
- data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-4-SUN.xml +21 -0
- data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-5-SUN.xml +21 -0
- data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-6-SUN.xml +21 -0
- data/vendor/xmlsec1-1.2.18/win32/Makefile.msvc +699 -0
- data/vendor/xmlsec1-1.2.18/win32/README.txt +168 -12
- data/vendor/xmlsec1-1.2.18/win32/configure.js +395 -0
- data/vendor/xmlsec1-1.2.18/win32/libxmlsec.def.src +25 -0
- data/vendor/xmlsec1-1.2.18/win32/mycfg.bat +21 -0
- data/vendor/xmlsec1-1.2.18/xmlsec-config.in +243 -0
- data/vendor/xmlsec1-1.2.18/xmlsec-gcrypt.pc.in +11 -0
- data/vendor/xmlsec1-1.2.18/xmlsec-gnutls.pc.in +11 -0
- data/vendor/xmlsec1-1.2.18/xmlsec-nss.pc.in +11 -0
- data/vendor/xmlsec1-1.2.18/xmlsec-openssl.pc.in +11 -0
- data/vendor/xmlsec1-1.2.18/xmlsec.pc.in +11 -0
- data/vendor/xmlsec1-1.2.18/xmlsec.spec.in +185 -0
- data/vendor/xmlsec1-1.2.18/xmlsec1-config +243 -0
- data/vendor/xmlsec1-1.2.18/xmlsec1-gcrypt.pc +11 -0
- data/vendor/xmlsec1-1.2.18/xmlsec1-gnutls.pc +11 -0
- data/vendor/xmlsec1-1.2.18/xmlsec1-nss.pc +11 -0
- data/vendor/xmlsec1-1.2.18/xmlsec1-openssl.pc +11 -0
- data/vendor/xmlsec1-1.2.18/xmlsec1.m4 +172 -0
- data/vendor/xmlsec1-1.2.18/xmlsec1.pc +11 -0
- data/vendor/xmlsec1-1.2.18/xmlsec1.spec +185 -0
- data/vendor/xmlsec1-1.2.18/xmlsec1Conf.sh +13 -0
- data/vendor/xmlsec1-1.2.18/xmlsecConf.sh.in +13 -0
- data/xmlsec-shim.gemspec +18 -0
- metadata +1014 -0
@@ -0,0 +1,2281 @@
|
|
1
|
+
/**
|
2
|
+
* XMLSec library
|
3
|
+
*
|
4
|
+
* X509 support
|
5
|
+
*
|
6
|
+
*
|
7
|
+
* This is free software; see Copyright file in the source
|
8
|
+
* distribution for preciese wording.
|
9
|
+
*
|
10
|
+
* Copyright (C) 2003 Cordys R&D BV, All rights reserved.
|
11
|
+
* Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
|
12
|
+
*/
|
13
|
+
|
14
|
+
#include "globals.h"
|
15
|
+
|
16
|
+
#ifndef XMLSEC_NO_X509
|
17
|
+
|
18
|
+
#include <stdlib.h>
|
19
|
+
#include <stdio.h>
|
20
|
+
#include <string.h>
|
21
|
+
#include <ctype.h>
|
22
|
+
#include <errno.h>
|
23
|
+
#include <time.h>
|
24
|
+
|
25
|
+
#include <windows.h>
|
26
|
+
#include <wincrypt.h>
|
27
|
+
|
28
|
+
#include <libxml/tree.h>
|
29
|
+
|
30
|
+
#include <xmlsec/xmlsec.h>
|
31
|
+
#include <xmlsec/xmltree.h>
|
32
|
+
#include <xmlsec/keys.h>
|
33
|
+
#include <xmlsec/keyinfo.h>
|
34
|
+
#include <xmlsec/keysmngr.h>
|
35
|
+
#include <xmlsec/x509.h>
|
36
|
+
#include <xmlsec/base64.h>
|
37
|
+
#include <xmlsec/bn.h>
|
38
|
+
#include <xmlsec/errors.h>
|
39
|
+
|
40
|
+
#include <xmlsec/mscrypto/crypto.h>
|
41
|
+
#include <xmlsec/mscrypto/x509.h>
|
42
|
+
#include <xmlsec/mscrypto/certkeys.h>
|
43
|
+
#include "private.h"
|
44
|
+
|
45
|
+
|
46
|
+
/*************************************************************************
|
47
|
+
*
|
48
|
+
* X509 utility functions
|
49
|
+
*
|
50
|
+
************************************************************************/
|
51
|
+
static int xmlSecMSCryptoX509DataNodeRead (xmlSecKeyDataPtr data,
|
52
|
+
xmlNodePtr node,
|
53
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx);
|
54
|
+
static int xmlSecMSCryptoX509CertificateNodeRead (xmlSecKeyDataPtr data,
|
55
|
+
xmlNodePtr node,
|
56
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx);
|
57
|
+
static int xmlSecMSCryptoX509CertificateNodeWrite (PCCERT_CONTEXT cert,
|
58
|
+
xmlNodePtr node,
|
59
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx);
|
60
|
+
static int xmlSecMSCryptoX509SubjectNameNodeRead (xmlSecKeyDataPtr data,
|
61
|
+
xmlNodePtr node,
|
62
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx);
|
63
|
+
static int xmlSecMSCryptoX509SubjectNameNodeWrite (PCCERT_CONTEXT cert,
|
64
|
+
xmlNodePtr node,
|
65
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx);
|
66
|
+
static int xmlSecMSCryptoX509IssuerSerialNodeRead (xmlSecKeyDataPtr data,
|
67
|
+
xmlNodePtr node,
|
68
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx);
|
69
|
+
static int xmlSecMSCryptoX509IssuerSerialNodeWrite (PCCERT_CONTEXT cert,
|
70
|
+
xmlNodePtr node,
|
71
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx);
|
72
|
+
static int xmlSecMSCryptoX509SKINodeRead (xmlSecKeyDataPtr data,
|
73
|
+
xmlNodePtr node,
|
74
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx);
|
75
|
+
static int xmlSecMSCryptoX509SKINodeWrite (PCCERT_CONTEXT cert,
|
76
|
+
xmlNodePtr node,
|
77
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx);
|
78
|
+
static int xmlSecMSCryptoX509CRLNodeRead (xmlSecKeyDataPtr data,
|
79
|
+
xmlNodePtr node,
|
80
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx);
|
81
|
+
static int xmlSecMSCryptoX509CRLNodeWrite (PCCRL_CONTEXT crl,
|
82
|
+
xmlNodePtr node,
|
83
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx);
|
84
|
+
static int xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data,
|
85
|
+
xmlSecKeyPtr key,
|
86
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx);
|
87
|
+
|
88
|
+
static PCCERT_CONTEXT xmlSecMSCryptoX509CertDerRead (const xmlSecByte* buf,
|
89
|
+
xmlSecSize size);
|
90
|
+
static PCCERT_CONTEXT xmlSecMSCryptoX509CertBase64DerRead (xmlChar* buf);
|
91
|
+
static xmlChar* xmlSecMSCryptoX509CertBase64DerWrite (PCCERT_CONTEXT cert,
|
92
|
+
int base64LineWrap);
|
93
|
+
static PCCRL_CONTEXT xmlSecMSCryptoX509CrlDerRead (xmlSecByte* buf,
|
94
|
+
xmlSecSize size,
|
95
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx);
|
96
|
+
static PCCRL_CONTEXT xmlSecMSCryptoX509CrlBase64DerRead (xmlChar* buf,
|
97
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx);
|
98
|
+
static xmlChar* xmlSecMSCryptoX509CrlBase64DerWrite (PCCRL_CONTEXT crl,
|
99
|
+
int base64LineWrap);
|
100
|
+
static xmlChar* xmlSecMSCryptoX509NameWrite(PCERT_NAME_BLOB nm);
|
101
|
+
static int xmlSecMSCryptoASN1IntegerWrite (xmlNodePtr node,
|
102
|
+
PCRYPT_INTEGER_BLOB num);
|
103
|
+
static xmlChar* xmlSecMSCryptoX509SKIWrite (PCCERT_CONTEXT cert);
|
104
|
+
static void xmlSecMSCryptoX509CertDebugDump (PCCERT_CONTEXT cert,
|
105
|
+
FILE* output);
|
106
|
+
static void xmlSecMSCryptoX509CertDebugXmlDump (PCCERT_CONTEXT cert,
|
107
|
+
FILE* output);
|
108
|
+
static int xmlSecMSCryptoX509CertGetTime (FILETIME t,
|
109
|
+
time_t* res);
|
110
|
+
|
111
|
+
/*************************************************************************
|
112
|
+
*
|
113
|
+
* Internal MSCrypto X509 data CTX
|
114
|
+
*
|
115
|
+
************************************************************************/
|
116
|
+
typedef struct _xmlSecMSCryptoX509DataCtx xmlSecMSCryptoX509DataCtx,
|
117
|
+
*xmlSecMSCryptoX509DataCtxPtr;
|
118
|
+
|
119
|
+
struct _xmlSecMSCryptoX509DataCtx {
|
120
|
+
PCCERT_CONTEXT keyCert;
|
121
|
+
|
122
|
+
HCERTSTORE hMemStore;
|
123
|
+
unsigned int numCerts;
|
124
|
+
unsigned int numCrls;
|
125
|
+
};
|
126
|
+
|
127
|
+
/**************************************************************************
|
128
|
+
*
|
129
|
+
* <dsig:X509Data> processing
|
130
|
+
*
|
131
|
+
*
|
132
|
+
* The X509Data Element (http://www.w3.org/TR/xmldsig-core/#sec-X509Data)
|
133
|
+
*
|
134
|
+
* An X509Data element within KeyInfo contains one or more identifiers of keys
|
135
|
+
* or X509 certificates (or certificates' identifiers or a revocation list).
|
136
|
+
* The content of X509Data is:
|
137
|
+
*
|
138
|
+
* 1. At least one element, from the following set of element types; any of these may appear together or more than once iff (if and only if) each instance describes or is related to the same certificate:
|
139
|
+
* 2.
|
140
|
+
* * The X509IssuerSerial element, which contains an X.509 issuer
|
141
|
+
* distinguished name/serial number pair that SHOULD be compliant
|
142
|
+
* with RFC2253 [LDAP-DN],
|
143
|
+
* * The X509SubjectName element, which contains an X.509 subject
|
144
|
+
* distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN],
|
145
|
+
* * The X509SKI element, which contains the base64 encoded plain (i.e.
|
146
|
+
* non-DER-encoded) value of a X509 V.3 SubjectKeyIdentifier extension.
|
147
|
+
* * The X509Certificate element, which contains a base64-encoded [X509v3]
|
148
|
+
* certificate, and
|
149
|
+
* * Elements from an external namespace which accompanies/complements any
|
150
|
+
* of the elements above.
|
151
|
+
* * The X509CRL element, which contains a base64-encoded certificate
|
152
|
+
* revocation list (CRL) [X509v3].
|
153
|
+
*
|
154
|
+
* Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear
|
155
|
+
* MUST refer to the certificate or certificates containing the validation key.
|
156
|
+
* All such elements that refer to a particular individual certificate MUST be
|
157
|
+
* grouped inside a single X509Data element and if the certificate to which
|
158
|
+
* they refer appears, it MUST also be in that X509Data element.
|
159
|
+
*
|
160
|
+
* Any X509IssuerSerial, X509SKI, and X509SubjectName elements that relate to
|
161
|
+
* the same key but different certificates MUST be grouped within a single
|
162
|
+
* KeyInfo but MAY occur in multiple X509Data elements.
|
163
|
+
*
|
164
|
+
* All certificates appearing in an X509Data element MUST relate to the
|
165
|
+
* validation key by either containing it or being part of a certification
|
166
|
+
* chain that terminates in a certificate containing the validation key.
|
167
|
+
*
|
168
|
+
* No ordering is implied by the above constraints.
|
169
|
+
*
|
170
|
+
* Note, there is no direct provision for a PKCS#7 encoded "bag" of
|
171
|
+
* certificates or CRLs. However, a set of certificates and CRLs can occur
|
172
|
+
* within an X509Data element and multiple X509Data elements can occur in a
|
173
|
+
* KeyInfo. Whenever multiple certificates occur in an X509Data element, at
|
174
|
+
* least one such certificate must contain the public key which verifies the
|
175
|
+
* signature.
|
176
|
+
*
|
177
|
+
* Schema Definition
|
178
|
+
*
|
179
|
+
* <element name="X509Data" type="ds:X509DataType"/>
|
180
|
+
* <complexType name="X509DataType">
|
181
|
+
* <sequence maxOccurs="unbounded">
|
182
|
+
* <choice>
|
183
|
+
* <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
|
184
|
+
* <element name="X509SKI" type="base64Binary"/>
|
185
|
+
* <element name="X509SubjectName" type="string"/>
|
186
|
+
* <element name="X509Certificate" type="base64Binary"/>
|
187
|
+
* <element name="X509CRL" type="base64Binary"/>
|
188
|
+
* <any namespace="##other" processContents="lax"/>
|
189
|
+
* </choice>
|
190
|
+
* </sequence>
|
191
|
+
* </complexType>
|
192
|
+
* <complexType name="X509IssuerSerialType">
|
193
|
+
* <sequence>
|
194
|
+
* <element name="X509IssuerName" type="string"/>
|
195
|
+
* <element name="X509SerialNumber" type="integer"/>
|
196
|
+
* </sequence>
|
197
|
+
* </complexType>
|
198
|
+
*
|
199
|
+
* DTD
|
200
|
+
*
|
201
|
+
* <!ELEMENT X509Data ((X509IssuerSerial | X509SKI | X509SubjectName |
|
202
|
+
* X509Certificate | X509CRL)+ %X509.ANY;)>
|
203
|
+
* <!ELEMENT X509IssuerSerial (X509IssuerName, X509SerialNumber) >
|
204
|
+
* <!ELEMENT X509IssuerName (#PCDATA) >
|
205
|
+
* <!ELEMENT X509SubjectName (#PCDATA) >
|
206
|
+
* <!ELEMENT X509SerialNumber (#PCDATA) >
|
207
|
+
* <!ELEMENT X509SKI (#PCDATA) >
|
208
|
+
* <!ELEMENT X509Certificate (#PCDATA) >
|
209
|
+
* <!ELEMENT X509CRL (#PCDATA) >
|
210
|
+
*
|
211
|
+
* -----------------------------------------------------------------------
|
212
|
+
*
|
213
|
+
* xmlSecMSCryptoX509DataCtx is located after xmlSecTransform
|
214
|
+
*
|
215
|
+
*************************************************************************/
|
216
|
+
#define xmlSecMSCryptoX509DataSize \
|
217
|
+
(sizeof(xmlSecKeyData) + sizeof(xmlSecMSCryptoX509DataCtx))
|
218
|
+
#define xmlSecMSCryptoX509DataGetCtx(data) \
|
219
|
+
((xmlSecMSCryptoX509DataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
|
220
|
+
|
221
|
+
static int xmlSecMSCryptoKeyDataX509Initialize (xmlSecKeyDataPtr data);
|
222
|
+
static int xmlSecMSCryptoKeyDataX509Duplicate (xmlSecKeyDataPtr dst,
|
223
|
+
xmlSecKeyDataPtr src);
|
224
|
+
static void xmlSecMSCryptoKeyDataX509Finalize (xmlSecKeyDataPtr data);
|
225
|
+
static int xmlSecMSCryptoKeyDataX509XmlRead (xmlSecKeyDataId id,
|
226
|
+
xmlSecKeyPtr key,
|
227
|
+
xmlNodePtr node,
|
228
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx);
|
229
|
+
static int xmlSecMSCryptoKeyDataX509XmlWrite (xmlSecKeyDataId id,
|
230
|
+
xmlSecKeyPtr key,
|
231
|
+
xmlNodePtr node,
|
232
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx);
|
233
|
+
static xmlSecKeyDataType xmlSecMSCryptoKeyDataX509GetType (xmlSecKeyDataPtr data);
|
234
|
+
static const xmlChar* xmlSecMSCryptoKeyDataX509GetIdentifier (xmlSecKeyDataPtr data);
|
235
|
+
|
236
|
+
static void xmlSecMSCryptoKeyDataX509DebugDump (xmlSecKeyDataPtr data,
|
237
|
+
FILE* output);
|
238
|
+
static void xmlSecMSCryptoKeyDataX509DebugXmlDump (xmlSecKeyDataPtr data,
|
239
|
+
FILE* output);
|
240
|
+
|
241
|
+
|
242
|
+
|
243
|
+
static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataX509Klass = {
|
244
|
+
sizeof(xmlSecKeyDataKlass),
|
245
|
+
xmlSecMSCryptoX509DataSize,
|
246
|
+
|
247
|
+
/* data */
|
248
|
+
xmlSecNameX509Data,
|
249
|
+
xmlSecKeyDataUsageKeyInfoNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
|
250
|
+
/* xmlSecKeyDataUsage usage; */
|
251
|
+
xmlSecHrefX509Data, /* const xmlChar* href; */
|
252
|
+
xmlSecNodeX509Data, /* const xmlChar* dataNodeName; */
|
253
|
+
xmlSecDSigNs, /* const xmlChar* dataNodeNs; */
|
254
|
+
|
255
|
+
/* constructors/destructor */
|
256
|
+
xmlSecMSCryptoKeyDataX509Initialize, /* xmlSecKeyDataInitializeMethod initialize; */
|
257
|
+
xmlSecMSCryptoKeyDataX509Duplicate, /* xmlSecKeyDataDuplicateMethod duplicate; */
|
258
|
+
xmlSecMSCryptoKeyDataX509Finalize, /* xmlSecKeyDataFinalizeMethod finalize; */
|
259
|
+
NULL, /* xmlSecKeyDataGenerateMethod generate; */
|
260
|
+
|
261
|
+
/* get info */
|
262
|
+
xmlSecMSCryptoKeyDataX509GetType, /* xmlSecKeyDataGetTypeMethod getType; */
|
263
|
+
NULL, /* xmlSecKeyDataGetSizeMethod getSize; */
|
264
|
+
xmlSecMSCryptoKeyDataX509GetIdentifier, /* xmlSecKeyDataGetIdentifier getIdentifier; */
|
265
|
+
|
266
|
+
/* read/write */
|
267
|
+
xmlSecMSCryptoKeyDataX509XmlRead, /* xmlSecKeyDataXmlReadMethod xmlRead; */
|
268
|
+
xmlSecMSCryptoKeyDataX509XmlWrite, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
|
269
|
+
NULL, /* xmlSecKeyDataBinReadMethod binRead; */
|
270
|
+
NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */
|
271
|
+
|
272
|
+
/* debug */
|
273
|
+
xmlSecMSCryptoKeyDataX509DebugDump, /* xmlSecKeyDataDebugDumpMethod debugDump; */
|
274
|
+
xmlSecMSCryptoKeyDataX509DebugXmlDump, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
|
275
|
+
|
276
|
+
/* reserved for the future */
|
277
|
+
NULL, /* void* reserved0; */
|
278
|
+
NULL, /* void* reserved1; */
|
279
|
+
};
|
280
|
+
|
281
|
+
/**
|
282
|
+
* xmlSecMSCryptoKeyDataX509GetKlass:
|
283
|
+
*
|
284
|
+
* The MSCrypto X509 key data klass (http://www.w3.org/TR/xmldsig-core/#sec-X509Data).
|
285
|
+
*
|
286
|
+
* Returns: the X509 data klass.
|
287
|
+
*/
|
288
|
+
xmlSecKeyDataId
|
289
|
+
xmlSecMSCryptoKeyDataX509GetKlass(void) {
|
290
|
+
return(&xmlSecMSCryptoKeyDataX509Klass);
|
291
|
+
}
|
292
|
+
|
293
|
+
/**
|
294
|
+
* xmlSecMSCryptoKeyDataX509GetKeyCert:
|
295
|
+
* @data: the pointer to X509 key data.
|
296
|
+
*
|
297
|
+
* Gets the certificate from which the key was extracted.
|
298
|
+
*
|
299
|
+
* Returns: the key's certificate or NULL if key data was not used for key
|
300
|
+
* extraction or an error occurs.
|
301
|
+
*/
|
302
|
+
PCCERT_CONTEXT
|
303
|
+
xmlSecMSCryptoKeyDataX509GetKeyCert(xmlSecKeyDataPtr data) {
|
304
|
+
xmlSecMSCryptoX509DataCtxPtr ctx;
|
305
|
+
|
306
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), NULL);
|
307
|
+
|
308
|
+
ctx = xmlSecMSCryptoX509DataGetCtx(data);
|
309
|
+
xmlSecAssert2(ctx != NULL, NULL);
|
310
|
+
|
311
|
+
return(ctx->keyCert);
|
312
|
+
}
|
313
|
+
|
314
|
+
/**
|
315
|
+
* xmlSecMSCryptoKeyDataX509AdoptKeyCert:
|
316
|
+
* @data: the pointer to X509 key data.
|
317
|
+
* @cert: the pointer to MSCRYPTO X509 certificate.
|
318
|
+
*
|
319
|
+
* Sets the key's certificate in @data.
|
320
|
+
*
|
321
|
+
* Returns: 0 on success or a negative value if an error occurs.
|
322
|
+
*/
|
323
|
+
int
|
324
|
+
xmlSecMSCryptoKeyDataX509AdoptKeyCert(xmlSecKeyDataPtr data, PCCERT_CONTEXT cert) {
|
325
|
+
xmlSecMSCryptoX509DataCtxPtr ctx;
|
326
|
+
|
327
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
|
328
|
+
xmlSecAssert2(cert != NULL, -1);
|
329
|
+
|
330
|
+
ctx = xmlSecMSCryptoX509DataGetCtx(data);
|
331
|
+
xmlSecAssert2(ctx != NULL, -1);
|
332
|
+
|
333
|
+
if(ctx->keyCert != NULL) {
|
334
|
+
CertFreeCertificateContext(ctx->keyCert);
|
335
|
+
ctx->keyCert = 0;
|
336
|
+
}
|
337
|
+
ctx->keyCert = cert;
|
338
|
+
|
339
|
+
return(0);
|
340
|
+
}
|
341
|
+
|
342
|
+
/**
|
343
|
+
* xmlSecMSCryptoKeyDataX509AdoptCert:
|
344
|
+
* @data: the pointer to X509 key data.
|
345
|
+
* @cert: the pointer to MSCRYPTO X509 certificate.
|
346
|
+
*
|
347
|
+
* Adds certificate to the X509 key data.
|
348
|
+
*
|
349
|
+
* Returns: 0 on success or a negative value if an error occurs.
|
350
|
+
*/
|
351
|
+
int
|
352
|
+
xmlSecMSCryptoKeyDataX509AdoptCert(xmlSecKeyDataPtr data, PCCERT_CONTEXT cert) {
|
353
|
+
xmlSecMSCryptoX509DataCtxPtr ctx;
|
354
|
+
|
355
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
|
356
|
+
xmlSecAssert2(cert != NULL, -1);
|
357
|
+
|
358
|
+
ctx = xmlSecMSCryptoX509DataGetCtx(data);
|
359
|
+
xmlSecAssert2(ctx != NULL, -1);
|
360
|
+
xmlSecAssert2(ctx->hMemStore != 0, -1);
|
361
|
+
|
362
|
+
if (!CertAddCertificateContextToStore(ctx->hMemStore, cert, CERT_STORE_ADD_ALWAYS, NULL)) {
|
363
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
364
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
365
|
+
"CertAddCertificateContextToStore",
|
366
|
+
XMLSEC_ERRORS_R_CRYPTO_FAILED,
|
367
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
368
|
+
return(-1);
|
369
|
+
}
|
370
|
+
CertFreeCertificateContext(cert);
|
371
|
+
ctx->numCerts++;
|
372
|
+
|
373
|
+
return(0);
|
374
|
+
}
|
375
|
+
|
376
|
+
/**
|
377
|
+
* xmlSecMSCryptoKeyDataX509GetCert:
|
378
|
+
* @data: the pointer to X509 key data.
|
379
|
+
* @pos: the desired certificate position.
|
380
|
+
*
|
381
|
+
* Gets a certificate from X509 key data.
|
382
|
+
*
|
383
|
+
* Returns: the pointer to certificate or NULL if @pos is larger than the
|
384
|
+
* number of certificates in @data or an error occurs.
|
385
|
+
*/
|
386
|
+
PCCERT_CONTEXT
|
387
|
+
xmlSecMSCryptoKeyDataX509GetCert(xmlSecKeyDataPtr data, xmlSecSize pos) {
|
388
|
+
xmlSecMSCryptoX509DataCtxPtr ctx;
|
389
|
+
PCCERT_CONTEXT pCert = NULL;
|
390
|
+
|
391
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), NULL);
|
392
|
+
|
393
|
+
ctx = xmlSecMSCryptoX509DataGetCtx(data);
|
394
|
+
xmlSecAssert2(ctx != NULL, NULL);
|
395
|
+
xmlSecAssert2(ctx->hMemStore != 0, NULL);
|
396
|
+
xmlSecAssert2(ctx->numCerts > pos, NULL);
|
397
|
+
|
398
|
+
while ((pCert = CertEnumCertificatesInStore(ctx->hMemStore, pCert)) && (pos > 0)) {
|
399
|
+
pos--;
|
400
|
+
}
|
401
|
+
|
402
|
+
return(pCert);
|
403
|
+
}
|
404
|
+
|
405
|
+
/**
|
406
|
+
* xmlSecMSCryptoKeyDataX509GetCertsSize:
|
407
|
+
* @data: the pointer to X509 key data.
|
408
|
+
*
|
409
|
+
* Gets the number of certificates in @data.
|
410
|
+
*
|
411
|
+
* Returns: te number of certificates in @data.
|
412
|
+
*/
|
413
|
+
xmlSecSize
|
414
|
+
xmlSecMSCryptoKeyDataX509GetCertsSize(xmlSecKeyDataPtr data) {
|
415
|
+
xmlSecMSCryptoX509DataCtxPtr ctx;
|
416
|
+
|
417
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), 0);
|
418
|
+
|
419
|
+
ctx = xmlSecMSCryptoX509DataGetCtx(data);
|
420
|
+
xmlSecAssert2(ctx != NULL, 0);
|
421
|
+
|
422
|
+
return(ctx->numCerts);
|
423
|
+
}
|
424
|
+
|
425
|
+
/**
|
426
|
+
* xmlSecMSCryptoKeyDataX509AdoptCrl:
|
427
|
+
* @data: the pointer to X509 key data.
|
428
|
+
* @crl: the pointer to MSCrypto X509 CRL.
|
429
|
+
*
|
430
|
+
* Adds CRL to the X509 key data.
|
431
|
+
*
|
432
|
+
* Returns: 0 on success or a negative value if an error occurs.
|
433
|
+
*/
|
434
|
+
int
|
435
|
+
xmlSecMSCryptoKeyDataX509AdoptCrl(xmlSecKeyDataPtr data, PCCRL_CONTEXT crl) {
|
436
|
+
xmlSecMSCryptoX509DataCtxPtr ctx;
|
437
|
+
|
438
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
|
439
|
+
xmlSecAssert2(crl != 0, -1);
|
440
|
+
|
441
|
+
ctx = xmlSecMSCryptoX509DataGetCtx(data);
|
442
|
+
xmlSecAssert2(ctx != NULL, -1);
|
443
|
+
xmlSecAssert2(ctx->hMemStore != 0, -1);
|
444
|
+
|
445
|
+
if (!CertAddCRLContextToStore(ctx->hMemStore, crl, CERT_STORE_ADD_ALWAYS, NULL)) {
|
446
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
447
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
448
|
+
"CertAddCRLContextToStore",
|
449
|
+
XMLSEC_ERRORS_R_CRYPTO_FAILED,
|
450
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
451
|
+
return(-1);
|
452
|
+
}
|
453
|
+
ctx->numCrls++;
|
454
|
+
|
455
|
+
return(0);
|
456
|
+
}
|
457
|
+
|
458
|
+
/**
|
459
|
+
* xmlSecMSCryptoKeyDataX509GetCrl:
|
460
|
+
* @data: the pointer to X509 key data.
|
461
|
+
* @pos: the desired CRL position.
|
462
|
+
*
|
463
|
+
* Gets a CRL from X509 key data.
|
464
|
+
*
|
465
|
+
* Returns: the pointer to CRL or NULL if @pos is larger than the
|
466
|
+
* number of CRLs in @data or an error occurs.
|
467
|
+
*/
|
468
|
+
PCCRL_CONTEXT
|
469
|
+
xmlSecMSCryptoKeyDataX509GetCrl(xmlSecKeyDataPtr data, xmlSecSize pos) {
|
470
|
+
xmlSecMSCryptoX509DataCtxPtr ctx;
|
471
|
+
PCCRL_CONTEXT pCRL = NULL;
|
472
|
+
|
473
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), NULL);
|
474
|
+
ctx = xmlSecMSCryptoX509DataGetCtx(data);
|
475
|
+
xmlSecAssert2(ctx != NULL, NULL);
|
476
|
+
xmlSecAssert2(ctx->hMemStore != 0, NULL);
|
477
|
+
xmlSecAssert2(ctx->numCrls > pos, NULL);
|
478
|
+
|
479
|
+
while ((pCRL = CertEnumCRLsInStore(ctx->hMemStore, pCRL)) && (pos > 0)) {
|
480
|
+
pos--;
|
481
|
+
}
|
482
|
+
|
483
|
+
return(pCRL);
|
484
|
+
}
|
485
|
+
|
486
|
+
/**
|
487
|
+
* xmlSecMSCryptoKeyDataX509GetCrlsSize:
|
488
|
+
* @data: the pointer to X509 key data.
|
489
|
+
*
|
490
|
+
* Gets the number of CRLs in @data.
|
491
|
+
*
|
492
|
+
* Returns: te number of CRLs in @data.
|
493
|
+
*/
|
494
|
+
xmlSecSize
|
495
|
+
xmlSecMSCryptoKeyDataX509GetCrlsSize(xmlSecKeyDataPtr data) {
|
496
|
+
xmlSecMSCryptoX509DataCtxPtr ctx;
|
497
|
+
|
498
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), 0);
|
499
|
+
|
500
|
+
ctx = xmlSecMSCryptoX509DataGetCtx(data);
|
501
|
+
xmlSecAssert2(ctx != NULL, 0);
|
502
|
+
|
503
|
+
return(ctx->numCrls);
|
504
|
+
}
|
505
|
+
|
506
|
+
static int
|
507
|
+
xmlSecMSCryptoKeyDataX509Initialize(xmlSecKeyDataPtr data) {
|
508
|
+
xmlSecMSCryptoX509DataCtxPtr ctx;
|
509
|
+
|
510
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
|
511
|
+
|
512
|
+
ctx = xmlSecMSCryptoX509DataGetCtx(data);
|
513
|
+
xmlSecAssert2(ctx != NULL, -1);
|
514
|
+
|
515
|
+
memset(ctx, 0, sizeof(xmlSecMSCryptoX509DataCtx));
|
516
|
+
|
517
|
+
ctx->hMemStore = CertOpenStore(CERT_STORE_PROV_MEMORY,
|
518
|
+
0,
|
519
|
+
0,
|
520
|
+
CERT_STORE_CREATE_NEW_FLAG,
|
521
|
+
NULL);
|
522
|
+
if (ctx->hMemStore == 0) {
|
523
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
524
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
525
|
+
"CertOpenStore",
|
526
|
+
XMLSEC_ERRORS_R_CRYPTO_FAILED,
|
527
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
528
|
+
return(-1);
|
529
|
+
}
|
530
|
+
|
531
|
+
return(0);
|
532
|
+
}
|
533
|
+
|
534
|
+
static int
|
535
|
+
xmlSecMSCryptoKeyDataX509Duplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
|
536
|
+
PCCERT_CONTEXT certSrc, certDst;
|
537
|
+
PCCRL_CONTEXT crlSrc, crlDst;
|
538
|
+
xmlSecSize size, pos;
|
539
|
+
int ret;
|
540
|
+
|
541
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecMSCryptoKeyDataX509Id), -1);
|
542
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecMSCryptoKeyDataX509Id), -1);
|
543
|
+
|
544
|
+
/* copy certsList */
|
545
|
+
size = xmlSecMSCryptoKeyDataX509GetCertsSize(src);
|
546
|
+
for(pos = 0; pos < size; ++pos) {
|
547
|
+
/* TBD: function below does linear scan, eliminate loop within
|
548
|
+
* loop
|
549
|
+
*/
|
550
|
+
certSrc = xmlSecMSCryptoKeyDataX509GetCert(src, pos);
|
551
|
+
if(certSrc == NULL) {
|
552
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
553
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
|
554
|
+
"xmlSecMSCryptoKeyDataX509GetCert",
|
555
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
556
|
+
"pos=%d", pos);
|
557
|
+
return(-1);
|
558
|
+
}
|
559
|
+
|
560
|
+
certDst = CertDuplicateCertificateContext(certSrc);
|
561
|
+
if(certDst == NULL) {
|
562
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
563
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
|
564
|
+
"CertDuplicateCertificateContext",
|
565
|
+
XMLSEC_ERRORS_R_CRYPTO_FAILED,
|
566
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
567
|
+
return(-1);
|
568
|
+
}
|
569
|
+
|
570
|
+
ret = xmlSecMSCryptoKeyDataX509AdoptCert(dst, certDst);
|
571
|
+
if(ret < 0) {
|
572
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
573
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
|
574
|
+
"xmlSecMSCryptoKeyDataX509AdoptCert",
|
575
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
576
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
577
|
+
CertFreeCertificateContext(certDst);
|
578
|
+
return(-1);
|
579
|
+
}
|
580
|
+
}
|
581
|
+
|
582
|
+
/* copy crls */
|
583
|
+
size = xmlSecMSCryptoKeyDataX509GetCrlsSize(src);
|
584
|
+
for(pos = 0; pos < size; ++pos) {
|
585
|
+
crlSrc = xmlSecMSCryptoKeyDataX509GetCrl(src, pos);
|
586
|
+
if(crlSrc == NULL) {
|
587
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
588
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
|
589
|
+
"xmlSecMSCryptoKeyDataX509GetCrl",
|
590
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
591
|
+
"pos=%d", pos);
|
592
|
+
return(-1);
|
593
|
+
}
|
594
|
+
|
595
|
+
crlDst = CertDuplicateCRLContext(crlSrc);
|
596
|
+
if(crlDst == NULL) {
|
597
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
598
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
|
599
|
+
"CertDuplicateCRLContext",
|
600
|
+
XMLSEC_ERRORS_R_CRYPTO_FAILED,
|
601
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
602
|
+
return(-1);
|
603
|
+
}
|
604
|
+
|
605
|
+
ret = xmlSecMSCryptoKeyDataX509AdoptCrl(dst, crlDst);
|
606
|
+
if(ret < 0) {
|
607
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
608
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
|
609
|
+
"xmlSecMSCryptoKeyDataX509AdoptCrl",
|
610
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
611
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
612
|
+
CertFreeCRLContext(crlDst);
|
613
|
+
return(-1);
|
614
|
+
}
|
615
|
+
}
|
616
|
+
|
617
|
+
/* copy key cert if exist */
|
618
|
+
certSrc = xmlSecMSCryptoKeyDataX509GetKeyCert(src);
|
619
|
+
if(certSrc != NULL) {
|
620
|
+
certDst = CertDuplicateCertificateContext(certSrc);
|
621
|
+
if(certDst == NULL) {
|
622
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
623
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
|
624
|
+
"CertDuplicateCertificateContext",
|
625
|
+
XMLSEC_ERRORS_R_CRYPTO_FAILED,
|
626
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
627
|
+
return(-1);
|
628
|
+
}
|
629
|
+
ret = xmlSecMSCryptoKeyDataX509AdoptKeyCert(dst, certDst);
|
630
|
+
if(ret < 0) {
|
631
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
632
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
|
633
|
+
"xmlSecMSCryptoKeyDataX509AdoptKeyCert",
|
634
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
635
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
636
|
+
CertFreeCertificateContext(certDst);
|
637
|
+
return(-1);
|
638
|
+
}
|
639
|
+
}
|
640
|
+
return(0);
|
641
|
+
}
|
642
|
+
|
643
|
+
static void
|
644
|
+
xmlSecMSCryptoKeyDataX509Finalize(xmlSecKeyDataPtr data) {
|
645
|
+
xmlSecMSCryptoX509DataCtxPtr ctx;
|
646
|
+
|
647
|
+
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id));
|
648
|
+
|
649
|
+
ctx = xmlSecMSCryptoX509DataGetCtx(data);
|
650
|
+
xmlSecAssert(ctx != NULL);
|
651
|
+
|
652
|
+
if(ctx->keyCert != NULL) {
|
653
|
+
CertFreeCertificateContext(ctx->keyCert);
|
654
|
+
ctx->keyCert = NULL;
|
655
|
+
}
|
656
|
+
|
657
|
+
if (ctx->hMemStore != 0) {
|
658
|
+
if (!CertCloseStore(ctx->hMemStore, CERT_CLOSE_STORE_FORCE_FLAG)) {
|
659
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
660
|
+
NULL,
|
661
|
+
"CertCloseStore",
|
662
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
663
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
664
|
+
return;
|
665
|
+
}
|
666
|
+
}
|
667
|
+
|
668
|
+
memset(ctx, 0, sizeof(xmlSecMSCryptoX509DataCtx));
|
669
|
+
}
|
670
|
+
|
671
|
+
static int
|
672
|
+
xmlSecMSCryptoKeyDataX509XmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
|
673
|
+
xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
|
674
|
+
xmlSecKeyDataPtr data;
|
675
|
+
int ret;
|
676
|
+
|
677
|
+
xmlSecAssert2(id == xmlSecMSCryptoKeyDataX509Id, -1);
|
678
|
+
xmlSecAssert2(key != NULL, -1);
|
679
|
+
xmlSecAssert2(node != NULL, -1);
|
680
|
+
xmlSecAssert2(keyInfoCtx != NULL, -1);
|
681
|
+
|
682
|
+
data = xmlSecKeyEnsureData(key, id);
|
683
|
+
if(data == NULL) {
|
684
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
685
|
+
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
|
686
|
+
"xmlSecKeyEnsureData",
|
687
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
688
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
689
|
+
return(-1);
|
690
|
+
}
|
691
|
+
|
692
|
+
ret = xmlSecMSCryptoX509DataNodeRead(data, node, keyInfoCtx);
|
693
|
+
if(ret < 0) {
|
694
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
695
|
+
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
|
696
|
+
"xmlSecMSCryptoX509DataNodeRead",
|
697
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
698
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
699
|
+
return(-1);
|
700
|
+
}
|
701
|
+
|
702
|
+
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS) == 0) {
|
703
|
+
ret = xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
|
704
|
+
if(ret < 0) {
|
705
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
706
|
+
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
|
707
|
+
"xmlSecMSCryptoKeyDataX509VerifyAndExtractKey",
|
708
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
709
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
710
|
+
return(-1);
|
711
|
+
}
|
712
|
+
}
|
713
|
+
return(0);
|
714
|
+
}
|
715
|
+
|
716
|
+
static int
|
717
|
+
xmlSecMSCryptoKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
|
718
|
+
xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
|
719
|
+
xmlSecKeyDataPtr data;
|
720
|
+
PCCERT_CONTEXT cert;
|
721
|
+
PCCRL_CONTEXT crl;
|
722
|
+
xmlSecSize size, pos;
|
723
|
+
int content = 0;
|
724
|
+
int ret;
|
725
|
+
|
726
|
+
xmlSecAssert2(id == xmlSecMSCryptoKeyDataX509Id, -1);
|
727
|
+
xmlSecAssert2(key != NULL, -1);
|
728
|
+
xmlSecAssert2(node != NULL, -1);
|
729
|
+
xmlSecAssert2(keyInfoCtx != NULL, -1);
|
730
|
+
|
731
|
+
content = xmlSecX509DataGetNodeContent (node, 1, keyInfoCtx);
|
732
|
+
if (content < 0) {
|
733
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
734
|
+
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
|
735
|
+
"xmlSecX509DataGetNodeContent",
|
736
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
737
|
+
"content=%d", content);
|
738
|
+
return(-1);
|
739
|
+
} else if(content == 0) {
|
740
|
+
/* by default we are writing certificates and crls */
|
741
|
+
content = XMLSEC_X509DATA_DEFAULT;
|
742
|
+
}
|
743
|
+
|
744
|
+
/* get x509 data */
|
745
|
+
data = xmlSecKeyGetData(key, id);
|
746
|
+
if(data == NULL) {
|
747
|
+
/* no x509 data in the key */
|
748
|
+
return(0);
|
749
|
+
}
|
750
|
+
|
751
|
+
/* write certs */
|
752
|
+
size = xmlSecMSCryptoKeyDataX509GetCertsSize(data);
|
753
|
+
for(pos = 0; pos < size; ++pos) {
|
754
|
+
cert = xmlSecMSCryptoKeyDataX509GetCert(data, pos);
|
755
|
+
if(cert == NULL) {
|
756
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
757
|
+
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
|
758
|
+
"xmlSecMSCryptoKeyDataX509GetCert",
|
759
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
760
|
+
"pos=%d", pos);
|
761
|
+
return(-1);
|
762
|
+
}
|
763
|
+
|
764
|
+
if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
|
765
|
+
ret = xmlSecMSCryptoX509CertificateNodeWrite(cert, node, keyInfoCtx);
|
766
|
+
if(ret < 0) {
|
767
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
768
|
+
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
|
769
|
+
"xmlSecMSCryptoX509CertificateNodeWrite",
|
770
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
771
|
+
"pos=%d", pos);
|
772
|
+
return(-1);
|
773
|
+
}
|
774
|
+
}
|
775
|
+
|
776
|
+
if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
|
777
|
+
ret = xmlSecMSCryptoX509SubjectNameNodeWrite(cert, node, keyInfoCtx);
|
778
|
+
if(ret < 0) {
|
779
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
780
|
+
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
|
781
|
+
"xmlSecMSCryptoX509SubjectNameNodeWrite",
|
782
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
783
|
+
"pos=%d", pos);
|
784
|
+
return(-1);
|
785
|
+
}
|
786
|
+
}
|
787
|
+
|
788
|
+
if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
|
789
|
+
ret = xmlSecMSCryptoX509IssuerSerialNodeWrite(cert, node, keyInfoCtx);
|
790
|
+
if(ret < 0) {
|
791
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
792
|
+
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
|
793
|
+
"xmlSecMSCryptoX509IssuerSerialNodeWrite",
|
794
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
795
|
+
"pos=%d", pos);
|
796
|
+
return(-1);
|
797
|
+
}
|
798
|
+
}
|
799
|
+
|
800
|
+
if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
|
801
|
+
ret = xmlSecMSCryptoX509SKINodeWrite(cert, node, keyInfoCtx);
|
802
|
+
if(ret < 0) {
|
803
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
804
|
+
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
|
805
|
+
"xmlSecMSCryptoX509SKINodeWrite",
|
806
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
807
|
+
"pos=%d", pos);
|
808
|
+
return(-1);
|
809
|
+
}
|
810
|
+
}
|
811
|
+
}
|
812
|
+
|
813
|
+
/* write crls if needed */
|
814
|
+
if((content & XMLSEC_X509DATA_CRL_NODE) != 0) {
|
815
|
+
size = xmlSecMSCryptoKeyDataX509GetCrlsSize(data);
|
816
|
+
for(pos = 0; pos < size; ++pos) {
|
817
|
+
crl = xmlSecMSCryptoKeyDataX509GetCrl(data, pos);
|
818
|
+
if(crl == NULL) {
|
819
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
820
|
+
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
|
821
|
+
"xmlSecMSCryptoKeyDataX509GetCrl",
|
822
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
823
|
+
"pos=%d", pos);
|
824
|
+
return(-1);
|
825
|
+
}
|
826
|
+
|
827
|
+
ret = xmlSecMSCryptoX509CRLNodeWrite(crl, node, keyInfoCtx);
|
828
|
+
if(ret < 0) {
|
829
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
830
|
+
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
|
831
|
+
"xmlSecMSCryptoX509CRLNodeWrite",
|
832
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
833
|
+
"pos=%d", pos);
|
834
|
+
return(-1);
|
835
|
+
}
|
836
|
+
}
|
837
|
+
}
|
838
|
+
|
839
|
+
return(0);
|
840
|
+
}
|
841
|
+
|
842
|
+
static xmlSecKeyDataType
|
843
|
+
xmlSecMSCryptoKeyDataX509GetType(xmlSecKeyDataPtr data) {
|
844
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), xmlSecKeyDataTypeUnknown);
|
845
|
+
|
846
|
+
/* TODO: return verified/not verified status */
|
847
|
+
return(xmlSecKeyDataTypeUnknown);
|
848
|
+
}
|
849
|
+
|
850
|
+
static const xmlChar*
|
851
|
+
xmlSecMSCryptoKeyDataX509GetIdentifier(xmlSecKeyDataPtr data) {
|
852
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), NULL);
|
853
|
+
|
854
|
+
/* TODO */
|
855
|
+
return(NULL);
|
856
|
+
}
|
857
|
+
|
858
|
+
static void
|
859
|
+
xmlSecMSCryptoKeyDataX509DebugDump(xmlSecKeyDataPtr data, FILE* output) {
|
860
|
+
PCCERT_CONTEXT cert;
|
861
|
+
xmlSecSize size, pos;
|
862
|
+
|
863
|
+
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id));
|
864
|
+
xmlSecAssert(output != NULL);
|
865
|
+
|
866
|
+
fprintf(output, "=== X509 Data:\n");
|
867
|
+
cert = xmlSecMSCryptoKeyDataX509GetKeyCert(data);
|
868
|
+
if(cert != NULL) {
|
869
|
+
fprintf(output, "==== Key Certificate:\n");
|
870
|
+
xmlSecMSCryptoX509CertDebugDump(cert, output);
|
871
|
+
}
|
872
|
+
|
873
|
+
size = xmlSecMSCryptoKeyDataX509GetCertsSize(data);
|
874
|
+
for(pos = 0; pos < size; ++pos) {
|
875
|
+
cert = xmlSecMSCryptoKeyDataX509GetCert(data, pos);
|
876
|
+
if(cert == NULL) {
|
877
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
878
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
879
|
+
"xmlSecMSCryptoKeyDataX509GetCert",
|
880
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
881
|
+
"pos=%d", pos);
|
882
|
+
return;
|
883
|
+
}
|
884
|
+
fprintf(output, "==== Certificate:\n");
|
885
|
+
xmlSecMSCryptoX509CertDebugDump(cert, output);
|
886
|
+
}
|
887
|
+
|
888
|
+
/* we don't print out crls */
|
889
|
+
}
|
890
|
+
|
891
|
+
static void
|
892
|
+
xmlSecMSCryptoKeyDataX509DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
|
893
|
+
PCCERT_CONTEXT cert;
|
894
|
+
xmlSecSize size, pos;
|
895
|
+
|
896
|
+
xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id));
|
897
|
+
xmlSecAssert(output != NULL);
|
898
|
+
|
899
|
+
fprintf(output, "<X509Data>\n");
|
900
|
+
cert = xmlSecMSCryptoKeyDataX509GetKeyCert(data);
|
901
|
+
if(cert != NULL) {
|
902
|
+
fprintf(output, "<KeyCertificate>\n");
|
903
|
+
xmlSecMSCryptoX509CertDebugXmlDump(cert, output);
|
904
|
+
fprintf(output, "</KeyCertificate>\n");
|
905
|
+
}
|
906
|
+
|
907
|
+
size = xmlSecMSCryptoKeyDataX509GetCertsSize(data);
|
908
|
+
for(pos = 0; pos < size; ++pos) {
|
909
|
+
cert = xmlSecMSCryptoKeyDataX509GetCert(data, pos);
|
910
|
+
if(cert == NULL) {
|
911
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
912
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
913
|
+
"xmlSecMSCryptoKeyDataX509GetCert",
|
914
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
915
|
+
"pos=%d", pos);
|
916
|
+
return;
|
917
|
+
}
|
918
|
+
fprintf(output, "<Certificate>\n");
|
919
|
+
xmlSecMSCryptoX509CertDebugXmlDump(cert, output);
|
920
|
+
fprintf(output, "</Certificate>\n");
|
921
|
+
}
|
922
|
+
|
923
|
+
/* we don't print out crls */
|
924
|
+
fprintf(output, "</X509Data>\n");
|
925
|
+
}
|
926
|
+
|
927
|
+
static int
|
928
|
+
xmlSecMSCryptoX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
|
929
|
+
xmlNodePtr cur;
|
930
|
+
int ret;
|
931
|
+
|
932
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
|
933
|
+
xmlSecAssert2(node != NULL, -1);
|
934
|
+
xmlSecAssert2(keyInfoCtx != NULL, -1);
|
935
|
+
|
936
|
+
for(cur = xmlSecGetNextElementNode(node->children);
|
937
|
+
cur != NULL;
|
938
|
+
cur = xmlSecGetNextElementNode(cur->next)) {
|
939
|
+
|
940
|
+
ret = 0;
|
941
|
+
if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
|
942
|
+
ret = xmlSecMSCryptoX509CertificateNodeRead(data, cur, keyInfoCtx);
|
943
|
+
} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
|
944
|
+
ret = xmlSecMSCryptoX509SubjectNameNodeRead(data, cur, keyInfoCtx);
|
945
|
+
} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
|
946
|
+
ret = xmlSecMSCryptoX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
|
947
|
+
} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
|
948
|
+
ret = xmlSecMSCryptoX509SKINodeRead(data, cur, keyInfoCtx);
|
949
|
+
} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
|
950
|
+
ret = xmlSecMSCryptoX509CRLNodeRead(data, cur, keyInfoCtx);
|
951
|
+
} else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
|
952
|
+
/* laxi schema validation: ignore unknown nodes */
|
953
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
954
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
955
|
+
xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
|
956
|
+
XMLSEC_ERRORS_R_UNEXPECTED_NODE,
|
957
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
958
|
+
return(-1);
|
959
|
+
}
|
960
|
+
if(ret < 0) {
|
961
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
962
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
963
|
+
xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
|
964
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
965
|
+
"read node failed");
|
966
|
+
return(-1);
|
967
|
+
}
|
968
|
+
}
|
969
|
+
return(0);
|
970
|
+
}
|
971
|
+
|
972
|
+
static int
|
973
|
+
xmlSecMSCryptoX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
|
974
|
+
xmlChar *content;
|
975
|
+
PCCERT_CONTEXT cert;
|
976
|
+
int ret;
|
977
|
+
|
978
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
|
979
|
+
xmlSecAssert2(node != NULL, -1);
|
980
|
+
xmlSecAssert2(keyInfoCtx != NULL, -1);
|
981
|
+
|
982
|
+
content = xmlNodeGetContent(node);
|
983
|
+
if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
|
984
|
+
if(content != NULL) {
|
985
|
+
xmlFree(content);
|
986
|
+
}
|
987
|
+
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
|
988
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
989
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
990
|
+
xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
|
991
|
+
XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
|
992
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
993
|
+
return(-1);
|
994
|
+
}
|
995
|
+
return(0);
|
996
|
+
}
|
997
|
+
|
998
|
+
cert = xmlSecMSCryptoX509CertBase64DerRead(content);
|
999
|
+
if(cert == NULL) {
|
1000
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1001
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1002
|
+
"xmlSecMSCryptoX509CertBase64DerRead",
|
1003
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1004
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1005
|
+
xmlFree(content);
|
1006
|
+
return(-1);
|
1007
|
+
}
|
1008
|
+
|
1009
|
+
ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
|
1010
|
+
if(ret < 0) {
|
1011
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1012
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1013
|
+
"xmlSecMSCryptoKeyDataX509AdoptCert",
|
1014
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1015
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1016
|
+
CertFreeCertificateContext(cert);
|
1017
|
+
xmlFree(content);
|
1018
|
+
return(-1);
|
1019
|
+
}
|
1020
|
+
|
1021
|
+
xmlFree(content);
|
1022
|
+
return(0);
|
1023
|
+
}
|
1024
|
+
|
1025
|
+
static int
|
1026
|
+
xmlSecMSCryptoX509CertificateNodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node,
|
1027
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx) {
|
1028
|
+
xmlChar* buf;
|
1029
|
+
xmlNodePtr cur;
|
1030
|
+
|
1031
|
+
xmlSecAssert2(cert != NULL, -1);
|
1032
|
+
xmlSecAssert2(node != NULL, -1);
|
1033
|
+
xmlSecAssert2(keyInfoCtx != NULL, -1);
|
1034
|
+
|
1035
|
+
/* set base64 lines size from context */
|
1036
|
+
buf = xmlSecMSCryptoX509CertBase64DerWrite(cert, keyInfoCtx->base64LineSize);
|
1037
|
+
if(buf == NULL) {
|
1038
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1039
|
+
NULL,
|
1040
|
+
"xmlSecMSCryptoX509CertBase64DerWrite",
|
1041
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1042
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1043
|
+
return(-1);
|
1044
|
+
}
|
1045
|
+
|
1046
|
+
cur = xmlSecAddChild(node, xmlSecNodeX509Certificate, xmlSecDSigNs);
|
1047
|
+
if(cur == NULL) {
|
1048
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1049
|
+
NULL,
|
1050
|
+
"xmlSecAddChild",
|
1051
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1052
|
+
"node=%s",
|
1053
|
+
xmlSecErrorsSafeString(xmlSecNodeX509Certificate));
|
1054
|
+
xmlFree(buf);
|
1055
|
+
return(-1);
|
1056
|
+
}
|
1057
|
+
|
1058
|
+
/* todo: add \n around base64 data - from context */
|
1059
|
+
/* todo: add errors check */
|
1060
|
+
xmlNodeSetContent(cur, xmlSecStringCR);
|
1061
|
+
xmlNodeSetContent(cur, buf);
|
1062
|
+
xmlFree(buf);
|
1063
|
+
return(0);
|
1064
|
+
}
|
1065
|
+
|
1066
|
+
static int
|
1067
|
+
xmlSecMSCryptoX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
|
1068
|
+
xmlSecKeyDataStorePtr x509Store;
|
1069
|
+
xmlChar* subject;
|
1070
|
+
PCCERT_CONTEXT cert;
|
1071
|
+
int ret;
|
1072
|
+
|
1073
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
|
1074
|
+
xmlSecAssert2(node != NULL, -1);
|
1075
|
+
xmlSecAssert2(keyInfoCtx != NULL, -1);
|
1076
|
+
xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
|
1077
|
+
|
1078
|
+
x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCryptoX509StoreId);
|
1079
|
+
if(x509Store == NULL) {
|
1080
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1081
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1082
|
+
"xmlSecKeysMngrGetDataStore",
|
1083
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1084
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1085
|
+
return(-1);
|
1086
|
+
}
|
1087
|
+
|
1088
|
+
subject = xmlNodeGetContent(node);
|
1089
|
+
if((subject == NULL) || (xmlSecIsEmptyString(subject) == 1)) {
|
1090
|
+
if(subject != NULL) {
|
1091
|
+
xmlFree(subject);
|
1092
|
+
}
|
1093
|
+
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
|
1094
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1095
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1096
|
+
xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
|
1097
|
+
XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
|
1098
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1099
|
+
return(-1);
|
1100
|
+
}
|
1101
|
+
return(0);
|
1102
|
+
}
|
1103
|
+
|
1104
|
+
cert = xmlSecMSCryptoX509StoreFindCert(x509Store, subject, NULL, NULL, NULL, keyInfoCtx);
|
1105
|
+
if(cert == NULL){
|
1106
|
+
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
|
1107
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1108
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1109
|
+
NULL,
|
1110
|
+
XMLSEC_ERRORS_R_CERT_NOT_FOUND,
|
1111
|
+
"subject=%s",
|
1112
|
+
xmlSecErrorsSafeString(subject));
|
1113
|
+
xmlFree(subject);
|
1114
|
+
return(-1);
|
1115
|
+
}
|
1116
|
+
xmlFree(subject);
|
1117
|
+
return(0);
|
1118
|
+
}
|
1119
|
+
|
1120
|
+
ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
|
1121
|
+
if(ret < 0) {
|
1122
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1123
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1124
|
+
"xmlSecMSCryptoKeyDataX509AdoptCert",
|
1125
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1126
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1127
|
+
CertFreeCertificateContext(cert);
|
1128
|
+
xmlFree(subject);
|
1129
|
+
return(-1);
|
1130
|
+
}
|
1131
|
+
|
1132
|
+
xmlFree(subject);
|
1133
|
+
return(0);
|
1134
|
+
}
|
1135
|
+
|
1136
|
+
static int
|
1137
|
+
xmlSecMSCryptoX509SubjectNameNodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
|
1138
|
+
xmlChar* buf = NULL;
|
1139
|
+
xmlNodePtr cur = NULL;
|
1140
|
+
|
1141
|
+
xmlSecAssert2(cert != NULL, -1);
|
1142
|
+
xmlSecAssert2(node != NULL, -1);
|
1143
|
+
|
1144
|
+
buf = xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Subject));
|
1145
|
+
if(buf == NULL) {
|
1146
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1147
|
+
NULL,
|
1148
|
+
"xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Subject))",
|
1149
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1150
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1151
|
+
return(-1);
|
1152
|
+
}
|
1153
|
+
|
1154
|
+
cur = xmlSecAddChild(node, xmlSecNodeX509SubjectName, xmlSecDSigNs);
|
1155
|
+
if(cur == NULL) {
|
1156
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1157
|
+
NULL,
|
1158
|
+
"xmlSecAddChild",
|
1159
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1160
|
+
"node=%s",
|
1161
|
+
xmlSecErrorsSafeString(xmlSecNodeX509SubjectName));
|
1162
|
+
xmlFree(buf);
|
1163
|
+
return(-1);
|
1164
|
+
}
|
1165
|
+
xmlSecNodeEncodeAndSetContent(cur, buf);
|
1166
|
+
xmlFree(buf);
|
1167
|
+
return(0);
|
1168
|
+
}
|
1169
|
+
|
1170
|
+
static int
|
1171
|
+
xmlSecMSCryptoX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
|
1172
|
+
xmlSecKeyDataStorePtr x509Store;
|
1173
|
+
xmlNodePtr cur;
|
1174
|
+
xmlChar *issuerName;
|
1175
|
+
xmlChar *issuerSerial;
|
1176
|
+
PCCERT_CONTEXT cert;
|
1177
|
+
int ret;
|
1178
|
+
|
1179
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
|
1180
|
+
xmlSecAssert2(node != NULL, -1);
|
1181
|
+
xmlSecAssert2(keyInfoCtx != NULL, -1);
|
1182
|
+
xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
|
1183
|
+
|
1184
|
+
x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCryptoX509StoreId);
|
1185
|
+
if(x509Store == NULL) {
|
1186
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1187
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1188
|
+
"xmlSecKeysMngrGetDataStore",
|
1189
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1190
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1191
|
+
return(-1);
|
1192
|
+
}
|
1193
|
+
|
1194
|
+
cur = xmlSecGetNextElementNode(node->children);
|
1195
|
+
if(cur == NULL) {
|
1196
|
+
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
|
1197
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1198
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1199
|
+
xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
|
1200
|
+
XMLSEC_ERRORS_R_NODE_NOT_FOUND,
|
1201
|
+
"node=%s",
|
1202
|
+
xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
|
1203
|
+
return(-1);
|
1204
|
+
}
|
1205
|
+
return(0);
|
1206
|
+
}
|
1207
|
+
|
1208
|
+
/* the first is required node X509IssuerName */
|
1209
|
+
if(!xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs)) {
|
1210
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1211
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1212
|
+
xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
|
1213
|
+
XMLSEC_ERRORS_R_NODE_NOT_FOUND,
|
1214
|
+
"node=%s",
|
1215
|
+
xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
|
1216
|
+
return(-1);
|
1217
|
+
}
|
1218
|
+
issuerName = xmlNodeGetContent(cur);
|
1219
|
+
if(issuerName == NULL) {
|
1220
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1221
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1222
|
+
xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
|
1223
|
+
XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
|
1224
|
+
"node=%s",
|
1225
|
+
xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
|
1226
|
+
return(-1);
|
1227
|
+
}
|
1228
|
+
cur = xmlSecGetNextElementNode(cur->next);
|
1229
|
+
|
1230
|
+
/* next is required node X509SerialNumber */
|
1231
|
+
if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs)) {
|
1232
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1233
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1234
|
+
xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
|
1235
|
+
XMLSEC_ERRORS_R_NODE_NOT_FOUND,
|
1236
|
+
"node=%s",
|
1237
|
+
xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
|
1238
|
+
xmlFree(issuerName);
|
1239
|
+
return(-1);
|
1240
|
+
}
|
1241
|
+
issuerSerial = xmlNodeGetContent(cur);
|
1242
|
+
if(issuerSerial == NULL) {
|
1243
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1244
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1245
|
+
xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber),
|
1246
|
+
XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
|
1247
|
+
"node=%s",
|
1248
|
+
xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
|
1249
|
+
xmlFree(issuerName);
|
1250
|
+
return(-1);
|
1251
|
+
}
|
1252
|
+
cur = xmlSecGetNextElementNode(cur->next);
|
1253
|
+
|
1254
|
+
if(cur != NULL) {
|
1255
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1256
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1257
|
+
xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
|
1258
|
+
XMLSEC_ERRORS_R_UNEXPECTED_NODE,
|
1259
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1260
|
+
xmlFree(issuerSerial);
|
1261
|
+
xmlFree(issuerName);
|
1262
|
+
return(-1);
|
1263
|
+
}
|
1264
|
+
|
1265
|
+
cert = xmlSecMSCryptoX509StoreFindCert(x509Store, NULL, issuerName, issuerSerial, NULL, keyInfoCtx);
|
1266
|
+
if(cert == NULL){
|
1267
|
+
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
|
1268
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1269
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1270
|
+
NULL,
|
1271
|
+
XMLSEC_ERRORS_R_CERT_NOT_FOUND,
|
1272
|
+
"issuerName=%s;issuerSerial=%s",
|
1273
|
+
xmlSecErrorsSafeString(issuerName),
|
1274
|
+
xmlSecErrorsSafeString(issuerSerial));
|
1275
|
+
xmlFree(issuerSerial);
|
1276
|
+
xmlFree(issuerName);
|
1277
|
+
return(-1);
|
1278
|
+
}
|
1279
|
+
|
1280
|
+
xmlFree(issuerSerial);
|
1281
|
+
xmlFree(issuerName);
|
1282
|
+
return(0);
|
1283
|
+
}
|
1284
|
+
|
1285
|
+
ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
|
1286
|
+
if(ret < 0) {
|
1287
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1288
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1289
|
+
"xmlSecMSCryptoKeyDataX509AdoptCert",
|
1290
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1291
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1292
|
+
CertFreeCertificateContext(cert);
|
1293
|
+
xmlFree(issuerSerial);
|
1294
|
+
xmlFree(issuerName);
|
1295
|
+
return(-1);
|
1296
|
+
}
|
1297
|
+
|
1298
|
+
xmlFree(issuerSerial);
|
1299
|
+
xmlFree(issuerName);
|
1300
|
+
return(0);
|
1301
|
+
}
|
1302
|
+
|
1303
|
+
static int
|
1304
|
+
xmlSecMSCryptoX509IssuerSerialNodeWrite(PCCERT_CONTEXT cert,
|
1305
|
+
xmlNodePtr node,
|
1306
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
|
1307
|
+
xmlNodePtr cur;
|
1308
|
+
xmlNodePtr issuerNameNode;
|
1309
|
+
xmlNodePtr issuerNumberNode;
|
1310
|
+
xmlChar* buf;
|
1311
|
+
int ret;
|
1312
|
+
|
1313
|
+
xmlSecAssert2(cert != NULL, -1);
|
1314
|
+
xmlSecAssert2(node != NULL, -1);
|
1315
|
+
|
1316
|
+
/* create xml nodes */
|
1317
|
+
cur = xmlSecAddChild(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
|
1318
|
+
if(cur == NULL) {
|
1319
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1320
|
+
NULL,
|
1321
|
+
"xmlSecAddChild",
|
1322
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1323
|
+
"node=%s",
|
1324
|
+
xmlSecErrorsSafeString(xmlSecNodeX509IssuerSerial));
|
1325
|
+
return(-1);
|
1326
|
+
}
|
1327
|
+
|
1328
|
+
issuerNameNode = xmlSecAddChild(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs);
|
1329
|
+
if(issuerNameNode == NULL) {
|
1330
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1331
|
+
NULL,
|
1332
|
+
"xmlSecAddChild",
|
1333
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1334
|
+
"node=%s",
|
1335
|
+
xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
|
1336
|
+
return(-1);
|
1337
|
+
}
|
1338
|
+
|
1339
|
+
issuerNumberNode = xmlSecAddChild(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs);
|
1340
|
+
if(issuerNumberNode == NULL) {
|
1341
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1342
|
+
NULL,
|
1343
|
+
"xmlSecAddChild",
|
1344
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1345
|
+
"node=%s",
|
1346
|
+
xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
|
1347
|
+
return(-1);
|
1348
|
+
}
|
1349
|
+
|
1350
|
+
/* write data */
|
1351
|
+
buf = xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Issuer));
|
1352
|
+
if(buf == NULL) {
|
1353
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1354
|
+
NULL,
|
1355
|
+
"xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Issuer))",
|
1356
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1357
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1358
|
+
return(-1);
|
1359
|
+
}
|
1360
|
+
xmlSecNodeEncodeAndSetContent(issuerNameNode, buf);
|
1361
|
+
xmlFree(buf);
|
1362
|
+
|
1363
|
+
ret = xmlSecMSCryptoASN1IntegerWrite(issuerNumberNode, &(cert->pCertInfo->SerialNumber));
|
1364
|
+
if(ret < 0) {
|
1365
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1366
|
+
NULL,
|
1367
|
+
"xmlSecMSCryptoASN1IntegerWrite(&(cert->serialNumber))",
|
1368
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1369
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1370
|
+
return(-1);
|
1371
|
+
}
|
1372
|
+
return(0);
|
1373
|
+
}
|
1374
|
+
|
1375
|
+
static int
|
1376
|
+
xmlSecMSCryptoX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
|
1377
|
+
xmlSecKeyDataStorePtr x509Store;
|
1378
|
+
xmlChar* ski;
|
1379
|
+
PCCERT_CONTEXT cert;
|
1380
|
+
int ret;
|
1381
|
+
|
1382
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
|
1383
|
+
xmlSecAssert2(node != NULL, -1);
|
1384
|
+
xmlSecAssert2(keyInfoCtx != NULL, -1);
|
1385
|
+
xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
|
1386
|
+
|
1387
|
+
x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCryptoX509StoreId);
|
1388
|
+
if(x509Store == NULL) {
|
1389
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1390
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1391
|
+
"xmlSecKeysMngrGetDataStore",
|
1392
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1393
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1394
|
+
return(-1);
|
1395
|
+
}
|
1396
|
+
|
1397
|
+
ski = xmlNodeGetContent(node);
|
1398
|
+
if((ski == NULL) || (xmlSecIsEmptyString(ski) == 1)) {
|
1399
|
+
if(ski != NULL) {
|
1400
|
+
xmlFree(ski);
|
1401
|
+
}
|
1402
|
+
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
|
1403
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1404
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1405
|
+
xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
|
1406
|
+
XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
|
1407
|
+
"node=%s",
|
1408
|
+
xmlSecErrorsSafeString(xmlSecNodeX509SKI));
|
1409
|
+
return(-1);
|
1410
|
+
}
|
1411
|
+
return(0);
|
1412
|
+
}
|
1413
|
+
|
1414
|
+
cert = xmlSecMSCryptoX509StoreFindCert(x509Store, NULL, NULL, NULL, ski, keyInfoCtx);
|
1415
|
+
if(cert == NULL){
|
1416
|
+
xmlFree(ski);
|
1417
|
+
|
1418
|
+
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
|
1419
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1420
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1421
|
+
NULL,
|
1422
|
+
XMLSEC_ERRORS_R_CERT_NOT_FOUND,
|
1423
|
+
"ski=%s",
|
1424
|
+
xmlSecErrorsSafeString(ski));
|
1425
|
+
return(-1);
|
1426
|
+
}
|
1427
|
+
return(0);
|
1428
|
+
}
|
1429
|
+
|
1430
|
+
ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
|
1431
|
+
if(ret < 0) {
|
1432
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1433
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1434
|
+
"xmlSecMSCryptoKeyDataX509AdoptCert",
|
1435
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1436
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1437
|
+
CertFreeCertificateContext(cert);
|
1438
|
+
xmlFree(ski);
|
1439
|
+
return(-1);
|
1440
|
+
}
|
1441
|
+
|
1442
|
+
xmlFree(ski);
|
1443
|
+
return(0);
|
1444
|
+
}
|
1445
|
+
|
1446
|
+
static int
|
1447
|
+
xmlSecMSCryptoX509SKINodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
|
1448
|
+
xmlChar *buf = NULL;
|
1449
|
+
xmlNodePtr cur = NULL;
|
1450
|
+
|
1451
|
+
xmlSecAssert2(cert != NULL, -1);
|
1452
|
+
xmlSecAssert2(node != NULL, -1);
|
1453
|
+
|
1454
|
+
buf = xmlSecMSCryptoX509SKIWrite(cert);
|
1455
|
+
if(buf == NULL) {
|
1456
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1457
|
+
NULL,
|
1458
|
+
"xmlSecMSCryptoX509SKIWrite",
|
1459
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1460
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1461
|
+
return(-1);
|
1462
|
+
}
|
1463
|
+
|
1464
|
+
cur = xmlSecAddChild(node, xmlSecNodeX509SKI, xmlSecDSigNs);
|
1465
|
+
if(cur == NULL) {
|
1466
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1467
|
+
NULL,
|
1468
|
+
"xmlSecAddChild",
|
1469
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1470
|
+
"new_node=%s",
|
1471
|
+
xmlSecErrorsSafeString(xmlSecNodeX509SKI));
|
1472
|
+
xmlFree(buf);
|
1473
|
+
return(-1);
|
1474
|
+
}
|
1475
|
+
xmlSecNodeEncodeAndSetContent(cur, buf);
|
1476
|
+
xmlFree(buf);
|
1477
|
+
|
1478
|
+
return(0);
|
1479
|
+
}
|
1480
|
+
|
1481
|
+
static int
|
1482
|
+
xmlSecMSCryptoX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
|
1483
|
+
xmlChar *content;
|
1484
|
+
PCCRL_CONTEXT crl;
|
1485
|
+
|
1486
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
|
1487
|
+
xmlSecAssert2(node != NULL, -1);
|
1488
|
+
xmlSecAssert2(keyInfoCtx != NULL, -1);
|
1489
|
+
|
1490
|
+
content = xmlNodeGetContent(node);
|
1491
|
+
if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
|
1492
|
+
if(content != NULL) {
|
1493
|
+
xmlFree(content);
|
1494
|
+
}
|
1495
|
+
if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
|
1496
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1497
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1498
|
+
xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
|
1499
|
+
XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
|
1500
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1501
|
+
return(-1);
|
1502
|
+
}
|
1503
|
+
return(0);
|
1504
|
+
}
|
1505
|
+
|
1506
|
+
crl = xmlSecMSCryptoX509CrlBase64DerRead(content, keyInfoCtx);
|
1507
|
+
if(crl == NULL) {
|
1508
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1509
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1510
|
+
"xmlSecMSCryptoX509CrlBase64DerRead",
|
1511
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1512
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1513
|
+
xmlFree(content);
|
1514
|
+
return(-1);
|
1515
|
+
}
|
1516
|
+
|
1517
|
+
if (0 != xmlSecMSCryptoKeyDataX509AdoptCrl(data, crl)) {
|
1518
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1519
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1520
|
+
"xmlSecMSCryptoKeyDataX509AdoptCrl",
|
1521
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1522
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1523
|
+
xmlFree(content);
|
1524
|
+
CertFreeCRLContext(crl);
|
1525
|
+
return(-1);
|
1526
|
+
}
|
1527
|
+
|
1528
|
+
xmlFree(content);
|
1529
|
+
return(0);
|
1530
|
+
}
|
1531
|
+
|
1532
|
+
static int
|
1533
|
+
xmlSecMSCryptoX509CRLNodeWrite(PCCRL_CONTEXT crl, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
|
1534
|
+
xmlChar* buf = NULL;
|
1535
|
+
xmlNodePtr cur = NULL;
|
1536
|
+
|
1537
|
+
xmlSecAssert2(crl != NULL, -1);
|
1538
|
+
xmlSecAssert2(node != NULL, -1);
|
1539
|
+
xmlSecAssert2(keyInfoCtx != NULL, -1);
|
1540
|
+
|
1541
|
+
/* set base64 lines size from context */
|
1542
|
+
buf = xmlSecMSCryptoX509CrlBase64DerWrite(crl, keyInfoCtx->base64LineSize);
|
1543
|
+
if(buf == NULL) {
|
1544
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1545
|
+
NULL,
|
1546
|
+
"xmlSecMSCryptoX509CrlBase64DerWrite",
|
1547
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1548
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1549
|
+
return(-1);
|
1550
|
+
}
|
1551
|
+
|
1552
|
+
cur = xmlSecAddChild(node, xmlSecNodeX509CRL, xmlSecDSigNs);
|
1553
|
+
if(cur == NULL) {
|
1554
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1555
|
+
NULL,
|
1556
|
+
"xmlSecAddChild",
|
1557
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1558
|
+
"new_node=%s",
|
1559
|
+
xmlSecErrorsSafeString(xmlSecNodeX509CRL));
|
1560
|
+
xmlFree(buf);
|
1561
|
+
return(-1);
|
1562
|
+
}
|
1563
|
+
/* todo: add \n around base64 data - from context */
|
1564
|
+
/* todo: add errors check */
|
1565
|
+
xmlNodeSetContent(cur, xmlSecStringCR);
|
1566
|
+
xmlNodeSetContent(cur, buf);
|
1567
|
+
xmlFree(buf);
|
1568
|
+
|
1569
|
+
return(0);
|
1570
|
+
}
|
1571
|
+
|
1572
|
+
|
1573
|
+
static int
|
1574
|
+
xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr key,
|
1575
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx) {
|
1576
|
+
xmlSecMSCryptoX509DataCtxPtr ctx;
|
1577
|
+
xmlSecKeyDataStorePtr x509Store;
|
1578
|
+
int ret;
|
1579
|
+
|
1580
|
+
xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
|
1581
|
+
xmlSecAssert2(key != NULL, -1);
|
1582
|
+
xmlSecAssert2(keyInfoCtx != NULL, -1);
|
1583
|
+
xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
|
1584
|
+
|
1585
|
+
ctx = xmlSecMSCryptoX509DataGetCtx(data);
|
1586
|
+
xmlSecAssert2(ctx != NULL, -1);
|
1587
|
+
xmlSecAssert2(ctx->hMemStore != 0, -1);
|
1588
|
+
|
1589
|
+
x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCryptoX509StoreId);
|
1590
|
+
if(x509Store == NULL) {
|
1591
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1592
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1593
|
+
"xmlSecKeysMngrGetDataStore",
|
1594
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1595
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1596
|
+
return(-1);
|
1597
|
+
}
|
1598
|
+
|
1599
|
+
if((ctx->keyCert == NULL) && (xmlSecKeyGetValue(key) == NULL)) {
|
1600
|
+
PCCERT_CONTEXT cert;
|
1601
|
+
|
1602
|
+
cert = xmlSecMSCryptoX509StoreVerify(x509Store, ctx->hMemStore, keyInfoCtx);
|
1603
|
+
if(cert != NULL) {
|
1604
|
+
xmlSecKeyDataPtr keyValue = NULL;
|
1605
|
+
PCCERT_CONTEXT pCert = NULL;
|
1606
|
+
|
1607
|
+
ctx->keyCert = CertDuplicateCertificateContext(cert);
|
1608
|
+
if(ctx->keyCert == NULL) {
|
1609
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1610
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1611
|
+
"CertDuplicateCertificateContext",
|
1612
|
+
XMLSEC_ERRORS_R_CRYPTO_FAILED,
|
1613
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1614
|
+
return(-1);
|
1615
|
+
}
|
1616
|
+
|
1617
|
+
/* search key according to KeyReq */
|
1618
|
+
pCert = CertDuplicateCertificateContext( ctx->keyCert ) ;
|
1619
|
+
if( pCert == NULL ) {
|
1620
|
+
xmlSecError( XMLSEC_ERRORS_HERE,
|
1621
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1622
|
+
"CertDuplicateCertificateContext",
|
1623
|
+
XMLSEC_ERRORS_R_CRYPTO_FAILED,
|
1624
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1625
|
+
|
1626
|
+
return(-1);
|
1627
|
+
}
|
1628
|
+
|
1629
|
+
if( ( keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePrivate ) == xmlSecKeyDataTypePrivate ) {
|
1630
|
+
keyValue = xmlSecMSCryptoCertAdopt( pCert, xmlSecKeyDataTypePrivate ) ;
|
1631
|
+
if(keyValue == NULL) {
|
1632
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1633
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1634
|
+
"xmlSecMSCryptoCertAdopt",
|
1635
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1636
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1637
|
+
CertFreeCertificateContext( pCert ) ;
|
1638
|
+
return(-1);
|
1639
|
+
}
|
1640
|
+
pCert = NULL ;
|
1641
|
+
} else if( ( keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePublic ) == xmlSecKeyDataTypePublic ) {
|
1642
|
+
keyValue = xmlSecMSCryptoCertAdopt( pCert, xmlSecKeyDataTypePublic ) ;
|
1643
|
+
if(keyValue == NULL) {
|
1644
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1645
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1646
|
+
"xmlSecMSCryptoCertAdopt",
|
1647
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1648
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1649
|
+
CertFreeCertificateContext( pCert ) ;
|
1650
|
+
return(-1);
|
1651
|
+
}
|
1652
|
+
pCert = NULL ;
|
1653
|
+
}
|
1654
|
+
|
1655
|
+
/* verify that the key matches our expectations */
|
1656
|
+
if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), keyValue) != 1) {
|
1657
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1658
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1659
|
+
"xmlSecKeyReqMatchKeyValue",
|
1660
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1661
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1662
|
+
xmlSecKeyDataDestroy(keyValue);
|
1663
|
+
return(-1);
|
1664
|
+
}
|
1665
|
+
|
1666
|
+
ret = xmlSecKeySetValue(key, keyValue);
|
1667
|
+
if(ret < 0) {
|
1668
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1669
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1670
|
+
"xmlSecKeySetValue",
|
1671
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1672
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1673
|
+
xmlSecKeyDataDestroy(keyValue);
|
1674
|
+
return(-1);
|
1675
|
+
}
|
1676
|
+
|
1677
|
+
ret = xmlSecMSCryptoX509CertGetTime(ctx->keyCert->pCertInfo->NotBefore, &(key->notValidBefore));
|
1678
|
+
if(ret < 0) {
|
1679
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1680
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1681
|
+
"xmlSecMSCryptoX509CertGetTime",
|
1682
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1683
|
+
"notValidBefore");
|
1684
|
+
return(-1);
|
1685
|
+
}
|
1686
|
+
|
1687
|
+
ret = xmlSecMSCryptoX509CertGetTime(ctx->keyCert->pCertInfo->NotAfter, &(key->notValidAfter));
|
1688
|
+
if(ret < 0) {
|
1689
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1690
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1691
|
+
"xmlSecMSCryptoX509CertGetTime",
|
1692
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1693
|
+
"notValidAfter");
|
1694
|
+
return(-1);
|
1695
|
+
}
|
1696
|
+
} else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT) != 0) {
|
1697
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1698
|
+
xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
|
1699
|
+
NULL,
|
1700
|
+
XMLSEC_ERRORS_R_CERT_NOT_FOUND,
|
1701
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1702
|
+
return(-1);
|
1703
|
+
}
|
1704
|
+
}
|
1705
|
+
return(0);
|
1706
|
+
}
|
1707
|
+
|
1708
|
+
static int
|
1709
|
+
xmlSecMSCryptoX509CertGetTime(FILETIME t, time_t* res) {
|
1710
|
+
LONGLONG result;
|
1711
|
+
|
1712
|
+
xmlSecAssert2(res != NULL, -1);
|
1713
|
+
|
1714
|
+
result = t.dwHighDateTime;
|
1715
|
+
result = (result) << 32;
|
1716
|
+
result |= t.dwLowDateTime;
|
1717
|
+
result /= 10000; /* Convert from 100 nano-sec periods to seconds. */
|
1718
|
+
#if defined(__MINGW32__)
|
1719
|
+
result -= 11644473600000ULL; /* Convert from Windows epoch to Unix epoch */
|
1720
|
+
#else
|
1721
|
+
result -= 11644473600000; /* Convert from Windows epoch to Unix epoch */
|
1722
|
+
#endif
|
1723
|
+
|
1724
|
+
(*res) = (time_t)result;
|
1725
|
+
|
1726
|
+
return(0);
|
1727
|
+
}
|
1728
|
+
|
1729
|
+
static PCCERT_CONTEXT
|
1730
|
+
xmlSecMSCryptoX509CertBase64DerRead(xmlChar* buf) {
|
1731
|
+
int ret;
|
1732
|
+
|
1733
|
+
xmlSecAssert2(buf != NULL, NULL);
|
1734
|
+
|
1735
|
+
/* usual trick with base64 decoding "in-place" */
|
1736
|
+
ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
|
1737
|
+
if(ret < 0) {
|
1738
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1739
|
+
NULL,
|
1740
|
+
"xmlSecBase64Decode",
|
1741
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1742
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1743
|
+
return(NULL);
|
1744
|
+
}
|
1745
|
+
|
1746
|
+
return(xmlSecMSCryptoX509CertDerRead((xmlSecByte*)buf, ret));
|
1747
|
+
}
|
1748
|
+
|
1749
|
+
|
1750
|
+
static PCCERT_CONTEXT
|
1751
|
+
xmlSecMSCryptoX509CertDerRead(const xmlSecByte* buf, xmlSecSize size) {
|
1752
|
+
PCCERT_CONTEXT cert;
|
1753
|
+
|
1754
|
+
xmlSecAssert2(buf != NULL, NULL);
|
1755
|
+
xmlSecAssert2(size > 0, NULL);
|
1756
|
+
|
1757
|
+
cert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, buf, size);
|
1758
|
+
if(cert == NULL) {
|
1759
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1760
|
+
NULL,
|
1761
|
+
"CertCreateCertificateContext",
|
1762
|
+
XMLSEC_ERRORS_R_CRYPTO_FAILED,
|
1763
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1764
|
+
return(NULL);
|
1765
|
+
}
|
1766
|
+
|
1767
|
+
return(cert);
|
1768
|
+
}
|
1769
|
+
|
1770
|
+
static xmlChar*
|
1771
|
+
xmlSecMSCryptoX509CertBase64DerWrite(PCCERT_CONTEXT cert, int base64LineWrap) {
|
1772
|
+
xmlChar *res = NULL;
|
1773
|
+
xmlSecByte *p = NULL;
|
1774
|
+
long size;
|
1775
|
+
|
1776
|
+
xmlSecAssert2(cert != NULL, NULL);
|
1777
|
+
|
1778
|
+
p = cert->pbCertEncoded;
|
1779
|
+
size = cert->cbCertEncoded;
|
1780
|
+
if((size <= 0) || (p == NULL)){
|
1781
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1782
|
+
NULL,
|
1783
|
+
"cert->pbCertEncoded",
|
1784
|
+
XMLSEC_ERRORS_R_CRYPTO_FAILED,
|
1785
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1786
|
+
return(NULL);
|
1787
|
+
}
|
1788
|
+
|
1789
|
+
res = xmlSecBase64Encode(p, size, base64LineWrap);
|
1790
|
+
if(res == NULL) {
|
1791
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1792
|
+
NULL,
|
1793
|
+
"xmlSecBase64Encode",
|
1794
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1795
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1796
|
+
return(NULL);
|
1797
|
+
}
|
1798
|
+
|
1799
|
+
return(res);
|
1800
|
+
}
|
1801
|
+
|
1802
|
+
static PCCRL_CONTEXT
|
1803
|
+
xmlSecMSCryptoX509CrlBase64DerRead(xmlChar* buf,
|
1804
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx) {
|
1805
|
+
int ret;
|
1806
|
+
|
1807
|
+
xmlSecAssert2(buf != NULL, NULL);
|
1808
|
+
|
1809
|
+
/* usual trick with base64 decoding "in-place" */
|
1810
|
+
ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
|
1811
|
+
if(ret < 0) {
|
1812
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1813
|
+
NULL,
|
1814
|
+
"xmlSecBase64Decode",
|
1815
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1816
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1817
|
+
return(NULL);
|
1818
|
+
}
|
1819
|
+
|
1820
|
+
return(xmlSecMSCryptoX509CrlDerRead((xmlSecByte*)buf, ret, keyInfoCtx));
|
1821
|
+
}
|
1822
|
+
|
1823
|
+
|
1824
|
+
static PCCRL_CONTEXT
|
1825
|
+
xmlSecMSCryptoX509CrlDerRead(xmlSecByte* buf, xmlSecSize size,
|
1826
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx) {
|
1827
|
+
PCCRL_CONTEXT crl = NULL;
|
1828
|
+
|
1829
|
+
xmlSecAssert2(buf != NULL, NULL);
|
1830
|
+
xmlSecAssert2(keyInfoCtx != NULL, NULL);
|
1831
|
+
xmlSecAssert2(size > 0, NULL);
|
1832
|
+
|
1833
|
+
crl = CertCreateCRLContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, buf, size);
|
1834
|
+
|
1835
|
+
if(crl == NULL) {
|
1836
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1837
|
+
NULL,
|
1838
|
+
"CertCreateCRLContext",
|
1839
|
+
XMLSEC_ERRORS_R_CRYPTO_FAILED,
|
1840
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1841
|
+
return(NULL);
|
1842
|
+
}
|
1843
|
+
|
1844
|
+
return(crl);
|
1845
|
+
}
|
1846
|
+
|
1847
|
+
static xmlChar*
|
1848
|
+
xmlSecMSCryptoX509CrlBase64DerWrite(PCCRL_CONTEXT crl, int base64LineWrap) {
|
1849
|
+
xmlChar *res = NULL;
|
1850
|
+
xmlSecByte *p = NULL;
|
1851
|
+
long size;
|
1852
|
+
|
1853
|
+
xmlSecAssert2(crl != NULL, NULL);
|
1854
|
+
|
1855
|
+
p = crl->pbCrlEncoded;
|
1856
|
+
size = crl->cbCrlEncoded;
|
1857
|
+
if((size <= 0) || (p == NULL)){
|
1858
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1859
|
+
NULL,
|
1860
|
+
"crl->pbCrlEncoded",
|
1861
|
+
XMLSEC_ERRORS_R_CRYPTO_FAILED,
|
1862
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1863
|
+
return(NULL);
|
1864
|
+
}
|
1865
|
+
|
1866
|
+
res = xmlSecBase64Encode(p, size, base64LineWrap);
|
1867
|
+
if(res == NULL) {
|
1868
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1869
|
+
NULL,
|
1870
|
+
"xmlSecBase64Encode",
|
1871
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1872
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1873
|
+
return(NULL);
|
1874
|
+
}
|
1875
|
+
|
1876
|
+
return(res);
|
1877
|
+
}
|
1878
|
+
|
1879
|
+
static xmlChar*
|
1880
|
+
xmlSecMSCryptoX509NameWrite(PCERT_NAME_BLOB nm) {
|
1881
|
+
LPTSTR resT = NULL;
|
1882
|
+
xmlChar *res = NULL;
|
1883
|
+
DWORD csz;
|
1884
|
+
|
1885
|
+
|
1886
|
+
xmlSecAssert2(nm->pbData != NULL, NULL);
|
1887
|
+
xmlSecAssert2(nm->cbData > 0, NULL);
|
1888
|
+
|
1889
|
+
csz = CertNameToStr(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, nm, CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG, NULL, 0);
|
1890
|
+
if(csz <= 0) {
|
1891
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1892
|
+
NULL,
|
1893
|
+
"CertNameToStr",
|
1894
|
+
XMLSEC_ERRORS_R_CRYPTO_FAILED,
|
1895
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1896
|
+
return(NULL);
|
1897
|
+
}
|
1898
|
+
|
1899
|
+
resT = (LPTSTR)xmlMalloc(sizeof(TCHAR) * (csz + 1));
|
1900
|
+
if (NULL == resT) {
|
1901
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1902
|
+
NULL,
|
1903
|
+
"xmlMalloc",
|
1904
|
+
XMLSEC_ERRORS_R_MALLOC_FAILED,
|
1905
|
+
"size=%d", sizeof(WCHAR) * (csz + 1));
|
1906
|
+
return (NULL);
|
1907
|
+
}
|
1908
|
+
|
1909
|
+
csz = CertNameToStr(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, nm, CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG, resT, csz + 1);
|
1910
|
+
if (csz <= 0) {
|
1911
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1912
|
+
NULL,
|
1913
|
+
"CertNameToStr",
|
1914
|
+
XMLSEC_ERRORS_R_CRYPTO_FAILED,
|
1915
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1916
|
+
xmlFree(resT);
|
1917
|
+
return(NULL);
|
1918
|
+
}
|
1919
|
+
|
1920
|
+
res = xmlSecMSCryptoConvertTstrToUtf8(resT);
|
1921
|
+
if (NULL == res) {
|
1922
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1923
|
+
NULL,
|
1924
|
+
"xmlSecMSCryptoConvertTstrToUtf8",
|
1925
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1926
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1927
|
+
xmlFree(resT);
|
1928
|
+
return(NULL);
|
1929
|
+
}
|
1930
|
+
|
1931
|
+
return(res);
|
1932
|
+
}
|
1933
|
+
|
1934
|
+
|
1935
|
+
|
1936
|
+
static int
|
1937
|
+
xmlSecMSCryptoASN1IntegerWrite(xmlNodePtr node, PCRYPT_INTEGER_BLOB num) {
|
1938
|
+
xmlSecBn bn;
|
1939
|
+
int ret;
|
1940
|
+
|
1941
|
+
xmlSecAssert2(node != NULL, -1);
|
1942
|
+
xmlSecAssert2(num != NULL, -1);
|
1943
|
+
|
1944
|
+
ret = xmlSecBnInitialize(&bn, num->cbData + 1);
|
1945
|
+
if(ret < 0) {
|
1946
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1947
|
+
NULL,
|
1948
|
+
"xmlSecBnInitialize",
|
1949
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1950
|
+
"size=%ld", num->cbData + 1);
|
1951
|
+
return(-1);
|
1952
|
+
}
|
1953
|
+
|
1954
|
+
ret = xmlSecBnSetData(&bn, num->pbData, num->cbData);
|
1955
|
+
if(ret < 0) {
|
1956
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1957
|
+
NULL,
|
1958
|
+
"xmlSecBnSetData",
|
1959
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1960
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1961
|
+
xmlSecBnFinalize(&bn);
|
1962
|
+
return(-1);
|
1963
|
+
}
|
1964
|
+
|
1965
|
+
/* I have no clue why at a sudden a swap is needed to
|
1966
|
+
* convert from lsb... This code is purely based upon
|
1967
|
+
* trial and error :( WK
|
1968
|
+
*/
|
1969
|
+
ret = xmlSecBnSetNodeValue(&bn, node, xmlSecBnDec, 1, 0);
|
1970
|
+
if(ret < 0) {
|
1971
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1972
|
+
NULL,
|
1973
|
+
"xmlSecBnSetNodeValue",
|
1974
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
1975
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
1976
|
+
xmlSecBnFinalize(&bn);
|
1977
|
+
return(-1);
|
1978
|
+
}
|
1979
|
+
|
1980
|
+
xmlSecBnFinalize(&bn);
|
1981
|
+
return(0);
|
1982
|
+
}
|
1983
|
+
|
1984
|
+
static xmlChar*
|
1985
|
+
xmlSecMSCryptoX509SKIWrite(PCCERT_CONTEXT cert) {
|
1986
|
+
xmlChar *res = NULL;
|
1987
|
+
DWORD dwSize;
|
1988
|
+
BYTE *bSKI = NULL;
|
1989
|
+
PCERT_EXTENSION pCertExt;
|
1990
|
+
|
1991
|
+
xmlSecAssert2(cert != NULL, NULL);
|
1992
|
+
|
1993
|
+
/* First check if the SKI extension actually exists, otherwise we get a SHA1 hash o fthe key/cert */
|
1994
|
+
pCertExt = CertFindExtension(szOID_SUBJECT_KEY_IDENTIFIER, cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension);
|
1995
|
+
if (pCertExt == NULL) {
|
1996
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
1997
|
+
NULL,
|
1998
|
+
"CertFindExtension",
|
1999
|
+
XMLSEC_ERRORS_R_CRYPTO_FAILED,
|
2000
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
2001
|
+
return (NULL);
|
2002
|
+
}
|
2003
|
+
|
2004
|
+
if (!CertGetCertificateContextProperty(cert, CERT_KEY_IDENTIFIER_PROP_ID, NULL, &dwSize) || dwSize < 1) {
|
2005
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
2006
|
+
NULL,
|
2007
|
+
"CertGetCertificateContextProperty",
|
2008
|
+
XMLSEC_ERRORS_R_CRYPTO_FAILED,
|
2009
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
2010
|
+
return (NULL);
|
2011
|
+
}
|
2012
|
+
bSKI = xmlMalloc(dwSize);
|
2013
|
+
if (NULL == bSKI) {
|
2014
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
2015
|
+
NULL,
|
2016
|
+
"xmlMalloc",
|
2017
|
+
XMLSEC_ERRORS_R_MALLOC_FAILED,
|
2018
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
2019
|
+
return (NULL);
|
2020
|
+
}
|
2021
|
+
|
2022
|
+
if (!CertGetCertificateContextProperty(cert, CERT_KEY_IDENTIFIER_PROP_ID, bSKI, &dwSize)) {
|
2023
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
2024
|
+
NULL,
|
2025
|
+
"CertGetCertificateContextProperty",
|
2026
|
+
XMLSEC_ERRORS_R_CRYPTO_FAILED,
|
2027
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
2028
|
+
xmlFree(bSKI);
|
2029
|
+
return (NULL);
|
2030
|
+
}
|
2031
|
+
|
2032
|
+
if (NULL == bSKI) {
|
2033
|
+
return(NULL);
|
2034
|
+
}
|
2035
|
+
|
2036
|
+
res = xmlSecBase64Encode(bSKI, dwSize, 0);
|
2037
|
+
if(res == NULL) {
|
2038
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
2039
|
+
NULL,
|
2040
|
+
"xmlSecBase64Encode",
|
2041
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
2042
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
2043
|
+
xmlFree(bSKI);
|
2044
|
+
return(NULL);
|
2045
|
+
}
|
2046
|
+
xmlFree(bSKI);
|
2047
|
+
|
2048
|
+
return(res);
|
2049
|
+
}
|
2050
|
+
|
2051
|
+
|
2052
|
+
static void
|
2053
|
+
xmlSecMSCryptoX509CertDebugDump(PCCERT_CONTEXT cert, FILE* output) {
|
2054
|
+
PCRYPT_INTEGER_BLOB sn;
|
2055
|
+
unsigned int i;
|
2056
|
+
xmlChar * subject = NULL;
|
2057
|
+
xmlChar * issuer = NULL;
|
2058
|
+
|
2059
|
+
xmlSecAssert(cert != NULL);
|
2060
|
+
xmlSecAssert(output != NULL);
|
2061
|
+
|
2062
|
+
fprintf(output, "=== X509 Certificate\n");
|
2063
|
+
|
2064
|
+
/* subject */
|
2065
|
+
subject = xmlSecMSCryptoX509GetNameString(cert, CERT_NAME_RDN_TYPE, 0, NULL);
|
2066
|
+
if(subject == NULL) {
|
2067
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
2068
|
+
"xmlSecMSCryptoX509GetNameString",
|
2069
|
+
NULL,
|
2070
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
2071
|
+
"subject");
|
2072
|
+
goto done;
|
2073
|
+
}
|
2074
|
+
fprintf(output, "==== Subject Name: %s\n", subject);
|
2075
|
+
|
2076
|
+
/* issuer */
|
2077
|
+
issuer = xmlSecMSCryptoX509GetNameString(cert, CERT_NAME_RDN_TYPE, CERT_NAME_ISSUER_FLAG, NULL);
|
2078
|
+
if(issuer == NULL) {
|
2079
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
2080
|
+
"xmlSecMSCryptoX509GetNameString",
|
2081
|
+
NULL,
|
2082
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
2083
|
+
"issuer");
|
2084
|
+
goto done;
|
2085
|
+
}
|
2086
|
+
fprintf(output, "==== Issuer Name: %s\n", issuer);
|
2087
|
+
|
2088
|
+
/* serial number */
|
2089
|
+
sn = &(cert->pCertInfo->SerialNumber);
|
2090
|
+
for (i = 0; i < sn->cbData; i++) {
|
2091
|
+
if (i != sn->cbData - 1) {
|
2092
|
+
fprintf(output, "%02x:", sn->pbData[i]);
|
2093
|
+
} else {
|
2094
|
+
fprintf(output, "%02x", sn->pbData[i]);
|
2095
|
+
}
|
2096
|
+
}
|
2097
|
+
fprintf(output, "\n");
|
2098
|
+
|
2099
|
+
done:
|
2100
|
+
if (subject) xmlFree(subject);
|
2101
|
+
if (issuer) xmlFree(issuer);
|
2102
|
+
}
|
2103
|
+
|
2104
|
+
|
2105
|
+
static void
|
2106
|
+
xmlSecMSCryptoX509CertDebugXmlDump(PCCERT_CONTEXT cert, FILE* output) {
|
2107
|
+
PCRYPT_INTEGER_BLOB sn;
|
2108
|
+
unsigned int i;
|
2109
|
+
xmlChar * subject = NULL;
|
2110
|
+
xmlChar * issuer = NULL;
|
2111
|
+
|
2112
|
+
xmlSecAssert(cert != NULL);
|
2113
|
+
xmlSecAssert(output != NULL);
|
2114
|
+
|
2115
|
+
/* subject */
|
2116
|
+
subject = xmlSecMSCryptoX509GetNameString(cert, CERT_NAME_RDN_TYPE, 0, NULL);
|
2117
|
+
if(subject == NULL) {
|
2118
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
2119
|
+
"xmlSecMSCryptoX509GetNameString",
|
2120
|
+
NULL,
|
2121
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
2122
|
+
"subject");
|
2123
|
+
goto done;
|
2124
|
+
}
|
2125
|
+
fprintf(output, "<SubjectName>");
|
2126
|
+
xmlSecPrintXmlString(output, BAD_CAST subject);
|
2127
|
+
fprintf(output, "</SubjectName>\n");
|
2128
|
+
|
2129
|
+
/* issuer */
|
2130
|
+
issuer = xmlSecMSCryptoX509GetNameString(cert, CERT_NAME_RDN_TYPE, CERT_NAME_ISSUER_FLAG, NULL);
|
2131
|
+
if(issuer == NULL) {
|
2132
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
2133
|
+
"xmlSecMSCryptoX509GetNameString",
|
2134
|
+
NULL,
|
2135
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
2136
|
+
"issuer");
|
2137
|
+
goto done;
|
2138
|
+
}
|
2139
|
+
fprintf(output, "<IssuerName>");
|
2140
|
+
xmlSecPrintXmlString(output, BAD_CAST issuer);
|
2141
|
+
fprintf(output, "</IssuerName>\n");
|
2142
|
+
|
2143
|
+
/* serial */
|
2144
|
+
fprintf(output, "<SerialNumber>");
|
2145
|
+
sn = &(cert->pCertInfo->SerialNumber);
|
2146
|
+
for (i = 0; i < sn->cbData; i++) {
|
2147
|
+
if (i != sn->cbData - 1) {
|
2148
|
+
fprintf(output, "%02x:", sn->pbData[i]);
|
2149
|
+
} else {
|
2150
|
+
fprintf(output, "%02x", sn->pbData[i]);
|
2151
|
+
}
|
2152
|
+
}
|
2153
|
+
fprintf(output, "</SerialNumber>\n");
|
2154
|
+
|
2155
|
+
done:
|
2156
|
+
xmlFree(subject);
|
2157
|
+
xmlFree(issuer);
|
2158
|
+
}
|
2159
|
+
|
2160
|
+
|
2161
|
+
/**************************************************************************
|
2162
|
+
*
|
2163
|
+
* Raw X509 Certificate processing
|
2164
|
+
*
|
2165
|
+
*
|
2166
|
+
*************************************************************************/
|
2167
|
+
static int xmlSecMSCryptoKeyDataRawX509CertBinRead (xmlSecKeyDataId id,
|
2168
|
+
xmlSecKeyPtr key,
|
2169
|
+
const xmlSecByte* buf,
|
2170
|
+
xmlSecSize bufSize,
|
2171
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx);
|
2172
|
+
|
2173
|
+
static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataRawX509CertKlass = {
|
2174
|
+
sizeof(xmlSecKeyDataKlass),
|
2175
|
+
sizeof(xmlSecKeyData),
|
2176
|
+
|
2177
|
+
/* data */
|
2178
|
+
xmlSecNameRawX509Cert,
|
2179
|
+
xmlSecKeyDataUsageRetrievalMethodNodeBin,
|
2180
|
+
/* xmlSecKeyDataUsage usage; */
|
2181
|
+
xmlSecHrefRawX509Cert, /* const xmlChar* href; */
|
2182
|
+
NULL, /* const xmlChar* dataNodeName; */
|
2183
|
+
xmlSecDSigNs, /* const xmlChar* dataNodeNs; */
|
2184
|
+
|
2185
|
+
/* constructors/destructor */
|
2186
|
+
NULL, /* xmlSecKeyDataInitializeMethod initialize; */
|
2187
|
+
NULL, /* xmlSecKeyDataDuplicateMethod duplicate; */
|
2188
|
+
NULL, /* xmlSecKeyDataFinalizeMethod finalize; */
|
2189
|
+
NULL, /* xmlSecKeyDataGenerateMethod generate; */
|
2190
|
+
|
2191
|
+
/* get info */
|
2192
|
+
NULL, /* xmlSecKeyDataGetTypeMethod getType; */
|
2193
|
+
NULL, /* xmlSecKeyDataGetSizeMethod getSize; */
|
2194
|
+
NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */
|
2195
|
+
|
2196
|
+
/* read/write */
|
2197
|
+
NULL, /* xmlSecKeyDataXmlReadMethod xmlRead; */
|
2198
|
+
NULL, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
|
2199
|
+
xmlSecMSCryptoKeyDataRawX509CertBinRead, /* xmlSecKeyDataBinReadMethod binRead; */
|
2200
|
+
NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */
|
2201
|
+
|
2202
|
+
/* debug */
|
2203
|
+
NULL, /* xmlSecKeyDataDebugDumpMethod debugDump; */
|
2204
|
+
NULL, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
|
2205
|
+
|
2206
|
+
/* reserved for the future */
|
2207
|
+
NULL, /* void* reserved0; */
|
2208
|
+
NULL, /* void* reserved1; */
|
2209
|
+
};
|
2210
|
+
|
2211
|
+
/**
|
2212
|
+
* xmlSecMSCryptoKeyDataRawX509CertGetKlass:
|
2213
|
+
*
|
2214
|
+
* The raw X509 certificates key data klass.
|
2215
|
+
*
|
2216
|
+
* Returns: raw X509 certificates key data klass.
|
2217
|
+
*/
|
2218
|
+
xmlSecKeyDataId
|
2219
|
+
xmlSecMSCryptoKeyDataRawX509CertGetKlass(void) {
|
2220
|
+
return(&xmlSecMSCryptoKeyDataRawX509CertKlass);
|
2221
|
+
}
|
2222
|
+
|
2223
|
+
static int
|
2224
|
+
xmlSecMSCryptoKeyDataRawX509CertBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
|
2225
|
+
const xmlSecByte* buf, xmlSecSize bufSize,
|
2226
|
+
xmlSecKeyInfoCtxPtr keyInfoCtx) {
|
2227
|
+
xmlSecKeyDataPtr data;
|
2228
|
+
PCCERT_CONTEXT cert;
|
2229
|
+
int ret;
|
2230
|
+
|
2231
|
+
xmlSecAssert2(id == xmlSecMSCryptoKeyDataRawX509CertId, -1);
|
2232
|
+
xmlSecAssert2(key != NULL, -1);
|
2233
|
+
xmlSecAssert2(buf != NULL, -1);
|
2234
|
+
xmlSecAssert2(bufSize > 0, -1);
|
2235
|
+
xmlSecAssert2(keyInfoCtx != NULL, -1);
|
2236
|
+
|
2237
|
+
cert = xmlSecMSCryptoX509CertDerRead(buf, bufSize);
|
2238
|
+
if(cert == NULL) {
|
2239
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
2240
|
+
NULL,
|
2241
|
+
"xmlSecMSCryptoX509CertDerRead",
|
2242
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
2243
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
2244
|
+
return(-1);
|
2245
|
+
}
|
2246
|
+
|
2247
|
+
data = xmlSecKeyEnsureData(key, xmlSecMSCryptoKeyDataX509Id);
|
2248
|
+
if(data == NULL) {
|
2249
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
2250
|
+
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
|
2251
|
+
"xmlSecKeyEnsureData",
|
2252
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
2253
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
2254
|
+
CertFreeCertificateContext(cert);
|
2255
|
+
return(-1);
|
2256
|
+
}
|
2257
|
+
|
2258
|
+
ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
|
2259
|
+
if(ret < 0) {
|
2260
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
2261
|
+
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
|
2262
|
+
"xmlSecMSCryptoKeyDataX509AdoptCert",
|
2263
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
2264
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
2265
|
+
CertFreeCertificateContext(cert);
|
2266
|
+
return(-1);
|
2267
|
+
}
|
2268
|
+
|
2269
|
+
ret = xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
|
2270
|
+
if(ret < 0) {
|
2271
|
+
xmlSecError(XMLSEC_ERRORS_HERE,
|
2272
|
+
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
|
2273
|
+
"xmlSecMSCryptoKeyDataX509VerifyAndExtractKey",
|
2274
|
+
XMLSEC_ERRORS_R_XMLSEC_FAILED,
|
2275
|
+
XMLSEC_ERRORS_NO_MESSAGE);
|
2276
|
+
return(-1);
|
2277
|
+
}
|
2278
|
+
return(0);
|
2279
|
+
}
|
2280
|
+
|
2281
|
+
#endif /* XMLSEC_NO_X509 */
|