xmlsec-shim 1.2.18.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (969) hide show
  1. data/.gitignore +17 -0
  2. data/Gemfile +4 -0
  3. data/README.md +2 -0
  4. data/Rakefile +2 -0
  5. data/ext/xmlsec/extconf.rb +14 -0
  6. data/lib/xmlsec-shim.rb +27 -0
  7. data/lib/xmlsec-shim/version.rb +5 -0
  8. data/vendor/xmlsec1-1.2.18/AUTHORS +8 -0
  9. data/vendor/xmlsec1-1.2.18/COPYING +105 -0
  10. data/vendor/xmlsec1-1.2.18/ChangeLog +1810 -0
  11. data/vendor/xmlsec1-1.2.18/Copyright +105 -0
  12. data/vendor/xmlsec1-1.2.18/HACKING +199 -0
  13. data/vendor/xmlsec1-1.2.18/INSTALL +38 -0
  14. data/vendor/xmlsec1-1.2.18/Makefile.am +186 -0
  15. data/vendor/xmlsec1-1.2.18/Makefile.in +1155 -0
  16. data/vendor/xmlsec1-1.2.18/NEWS +1 -0
  17. data/vendor/xmlsec1-1.2.18/README +15 -0
  18. data/vendor/xmlsec1-1.2.18/TODO +156 -0
  19. data/vendor/xmlsec1-1.2.18/aclocal.m4 +1197 -0
  20. data/vendor/xmlsec1-1.2.18/apps/Makefile.am +84 -0
  21. data/vendor/xmlsec1-1.2.18/apps/Makefile.in +694 -0
  22. data/vendor/xmlsec1-1.2.18/apps/cmdline.c +355 -0
  23. data/vendor/xmlsec1-1.2.18/apps/cmdline.h +89 -0
  24. data/vendor/xmlsec1-1.2.18/apps/crypto.c +396 -0
  25. data/vendor/xmlsec1-1.2.18/apps/crypto.h +70 -0
  26. data/vendor/xmlsec1-1.2.18/apps/xmlsec.c +3058 -0
  27. data/vendor/xmlsec1-1.2.18/config.guess +1502 -0
  28. data/vendor/xmlsec1-1.2.18/config.h.in +134 -0
  29. data/vendor/xmlsec1-1.2.18/config.sub +1714 -0
  30. data/vendor/xmlsec1-1.2.18/configure +17363 -0
  31. data/vendor/xmlsec1-1.2.18/configure.in +1633 -0
  32. data/vendor/xmlsec1-1.2.18/depcomp +630 -0
  33. data/vendor/xmlsec1-1.2.18/docs/Makefile.am +65 -0
  34. data/vendor/xmlsec1-1.2.18/docs/Makefile.in +721 -0
  35. data/vendor/xmlsec1-1.2.18/docs/api/Makefile.am +209 -0
  36. data/vendor/xmlsec1-1.2.18/docs/api/Makefile.in +664 -0
  37. data/vendor/xmlsec1-1.2.18/docs/api/chapters/compiling-and-linking.sgml +252 -0
  38. data/vendor/xmlsec1-1.2.18/docs/api/chapters/creating-templates.sgml +325 -0
  39. data/vendor/xmlsec1-1.2.18/docs/api/chapters/examples.sgml +102 -0
  40. data/vendor/xmlsec1-1.2.18/docs/api/chapters/init-and-shutdown.sgml +104 -0
  41. data/vendor/xmlsec1-1.2.18/docs/api/chapters/new-crypto.sgml +487 -0
  42. data/vendor/xmlsec1-1.2.18/docs/api/chapters/sign-and-encrypt.sgml +286 -0
  43. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-contexts.sgml +138 -0
  44. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-keys.sgml +26 -0
  45. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-keysmngr.sgml +592 -0
  46. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-transforms.sgml +67 -0
  47. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-x509-certs.sgml +197 -0
  48. data/vendor/xmlsec1-1.2.18/docs/api/chapters/verify-and-decrypt.sgml +265 -0
  49. data/vendor/xmlsec1-1.2.18/docs/api/home.png +0 -0
  50. data/vendor/xmlsec1-1.2.18/docs/api/images/diagrams.sxd +0 -0
  51. data/vendor/xmlsec1-1.2.18/docs/api/images/encryption-structure.png +0 -0
  52. data/vendor/xmlsec1-1.2.18/docs/api/images/key.png +0 -0
  53. data/vendor/xmlsec1-1.2.18/docs/api/images/keysmngr.png +0 -0
  54. data/vendor/xmlsec1-1.2.18/docs/api/images/sign-enc-model.png +0 -0
  55. data/vendor/xmlsec1-1.2.18/docs/api/images/signature-structure.png +0 -0
  56. data/vendor/xmlsec1-1.2.18/docs/api/images/structure.png +0 -0
  57. data/vendor/xmlsec1-1.2.18/docs/api/images/transform.png +0 -0
  58. data/vendor/xmlsec1-1.2.18/docs/api/images/transforms-chain.png +0 -0
  59. data/vendor/xmlsec1-1.2.18/docs/api/images/verif-dec-model.png +0 -0
  60. data/vendor/xmlsec1-1.2.18/docs/api/index.html +307 -0
  61. data/vendor/xmlsec1-1.2.18/docs/api/index.sgml +43 -0
  62. data/vendor/xmlsec1-1.2.18/docs/api/left.png +0 -0
  63. data/vendor/xmlsec1-1.2.18/docs/api/right.png +0 -0
  64. data/vendor/xmlsec1-1.2.18/docs/api/up.png +0 -0
  65. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-app.html +1525 -0
  66. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-base64.html +357 -0
  67. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-bn.html +705 -0
  68. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-buffer.html +603 -0
  69. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-custom-keys-manager.html +475 -0
  70. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-decrypt-with-keys-mngr.html +396 -0
  71. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-decrypt-with-signle-key.html +326 -0
  72. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-dl.html +245 -0
  73. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encrypt-dynamic-template.html +386 -0
  74. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encrypt-template-file.html +364 -0
  75. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encrypt-with-session-key.html +495 -0
  76. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encryption-klasses.html +101 -0
  77. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-errors.html +744 -0
  78. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples-sign-dynamimc-template.html +406 -0
  79. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples-sign-template-file.html +388 -0
  80. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples-sign-x509.html +447 -0
  81. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples.html +119 -0
  82. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt-app.html +578 -0
  83. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt-crypto.html +1128 -0
  84. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt-ref.html +107 -0
  85. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt.sgml +15 -0
  86. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls-app.html +576 -0
  87. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls-crypto.html +1076 -0
  88. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls-ref.html +107 -0
  89. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls.sgml +15 -0
  90. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-index.html +1570 -0
  91. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-index.sgml +1471 -0
  92. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-io.html +226 -0
  93. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keyinfo.html +700 -0
  94. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keys.html +1161 -0
  95. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keysdata.html +2067 -0
  96. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keysmngr.html +743 -0
  97. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-list.html +643 -0
  98. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-membuf.html +143 -0
  99. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-app.html +747 -0
  100. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-certkeys.html +252 -0
  101. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-crypto.html +1153 -0
  102. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-keysstore.html +209 -0
  103. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-ref.html +113 -0
  104. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-x509.html +478 -0
  105. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto.sgml +21 -0
  106. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nodeset.html +542 -0
  107. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling-others.html +102 -0
  108. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling-unix.html +223 -0
  109. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling-windows.html +138 -0
  110. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling.html +117 -0
  111. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-contexts.html +229 -0
  112. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-custom-keys-store.html +250 -0
  113. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-decrypt.html +205 -0
  114. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-dynamic-encryption-templates.html +240 -0
  115. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-dynamic-signature-templates.html +250 -0
  116. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-encrypt.html +223 -0
  117. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-include-files.html +141 -0
  118. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-init-shutdown.html +194 -0
  119. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keys-manager-sign-enc.html +307 -0
  120. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keys-mngr-verify-decrypt.html +179 -0
  121. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keys.html +120 -0
  122. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keysmngr.html +140 -0
  123. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-functions.html +151 -0
  124. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-key-stores.html +83 -0
  125. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-keys.html +103 -0
  126. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-klasses.html +217 -0
  127. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-sharing-results.html +125 -0
  128. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-simple-keys-mngr.html +102 -0
  129. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-skeleton.html +254 -0
  130. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-transforms.html +170 -0
  131. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto.html +136 -0
  132. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-overview.html +102 -0
  133. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-sign-encrypt.html +120 -0
  134. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-sign-x509.html +176 -0
  135. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-sign.html +210 -0
  136. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-simple-keys-store.html +177 -0
  137. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-structure.html +115 -0
  138. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-templates.html +114 -0
  139. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-transforms.html +154 -0
  140. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-verify-decrypt.html +120 -0
  141. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-verify-x509.html +180 -0
  142. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-verify.html +210 -0
  143. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-x509.html +114 -0
  144. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes.html +115 -0
  145. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-app.html +740 -0
  146. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-bignum.html +176 -0
  147. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-crypto.html +978 -0
  148. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-keysstore.html +209 -0
  149. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-pkikeys.html +211 -0
  150. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-ref.html +115 -0
  151. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-x509.html +467 -0
  152. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss.sgml +23 -0
  153. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-app.html +800 -0
  154. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-bn.html +170 -0
  155. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-crypto.html +1329 -0
  156. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-evp.html +184 -0
  157. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-ref.html +113 -0
  158. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-x509.html +567 -0
  159. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl.sgml +21 -0
  160. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-parser.html +223 -0
  161. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-ref.html +149 -0
  162. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-reference.html +106 -0
  163. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-signature-klasses.html +101 -0
  164. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-templates.html +1290 -0
  165. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-transforms.html +3059 -0
  166. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-key.html +318 -0
  167. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-keys-mngr.html +388 -0
  168. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-restrictions.html +715 -0
  169. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-x509.html +369 -0
  170. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-version.html +143 -0
  171. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-x509.html +181 -0
  172. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmldsig.html +853 -0
  173. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmlenc.html +584 -0
  174. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmlsec.html +300 -0
  175. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmltree.html +1529 -0
  176. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec.sgml +307 -0
  177. data/vendor/xmlsec1-1.2.18/docs/authors.html +59 -0
  178. data/vendor/xmlsec1-1.2.18/docs/bugs.html +106 -0
  179. data/vendor/xmlsec1-1.2.18/docs/c14n.html +73 -0
  180. data/vendor/xmlsec1-1.2.18/docs/documentation.html +65 -0
  181. data/vendor/xmlsec1-1.2.18/docs/download.html +115 -0
  182. data/vendor/xmlsec1-1.2.18/docs/faq.html +449 -0
  183. data/vendor/xmlsec1-1.2.18/docs/images/bart.gif +0 -0
  184. data/vendor/xmlsec1-1.2.18/docs/images/libxml2-logo.png +0 -0
  185. data/vendor/xmlsec1-1.2.18/docs/images/libxslt-logo.png +0 -0
  186. data/vendor/xmlsec1-1.2.18/docs/images/logo.gif +0 -0
  187. data/vendor/xmlsec1-1.2.18/docs/images/openssl-logo.png +0 -0
  188. data/vendor/xmlsec1-1.2.18/docs/images/xmlsec-logo.gif +0 -0
  189. data/vendor/xmlsec1-1.2.18/docs/index.html +109 -0
  190. data/vendor/xmlsec1-1.2.18/docs/news.html +545 -0
  191. data/vendor/xmlsec1-1.2.18/docs/related.html +165 -0
  192. data/vendor/xmlsec1-1.2.18/docs/xmldsig-verifier.html +138 -0
  193. data/vendor/xmlsec1-1.2.18/docs/xmldsig.html +646 -0
  194. data/vendor/xmlsec1-1.2.18/docs/xmlenc.html +464 -0
  195. data/vendor/xmlsec1-1.2.18/docs/xmlsec-man.html +291 -0
  196. data/vendor/xmlsec1-1.2.18/docs/xmlsec.xsl +194 -0
  197. data/vendor/xmlsec1-1.2.18/examples/Makefile +40 -0
  198. data/vendor/xmlsec1-1.2.18/examples/Makefile.w32 +88 -0
  199. data/vendor/xmlsec1-1.2.18/examples/README +126 -0
  200. data/vendor/xmlsec1-1.2.18/examples/binary.dat +1 -0
  201. data/vendor/xmlsec1-1.2.18/examples/decrypt1.c +223 -0
  202. data/vendor/xmlsec1-1.2.18/examples/decrypt2.c +293 -0
  203. data/vendor/xmlsec1-1.2.18/examples/decrypt3.c +372 -0
  204. data/vendor/xmlsec1-1.2.18/examples/deskey.bin +1 -0
  205. data/vendor/xmlsec1-1.2.18/examples/encrypt1-res.xml +13 -0
  206. data/vendor/xmlsec1-1.2.18/examples/encrypt1-tmpl.xml +13 -0
  207. data/vendor/xmlsec1-1.2.18/examples/encrypt1.c +219 -0
  208. data/vendor/xmlsec1-1.2.18/examples/encrypt2-doc.xml +9 -0
  209. data/vendor/xmlsec1-1.2.18/examples/encrypt2-res.xml +14 -0
  210. data/vendor/xmlsec1-1.2.18/examples/encrypt2.c +244 -0
  211. data/vendor/xmlsec1-1.2.18/examples/encrypt3-doc.xml +9 -0
  212. data/vendor/xmlsec1-1.2.18/examples/encrypt3-res.xml +27 -0
  213. data/vendor/xmlsec1-1.2.18/examples/encrypt3.c +340 -0
  214. data/vendor/xmlsec1-1.2.18/examples/mywin32make.bat +18 -0
  215. data/vendor/xmlsec1-1.2.18/examples/rootcert.pem +25 -0
  216. data/vendor/xmlsec1-1.2.18/examples/rsacert.pem +83 -0
  217. data/vendor/xmlsec1-1.2.18/examples/rsakey.pem +27 -0
  218. data/vendor/xmlsec1-1.2.18/examples/rsapub.pem +9 -0
  219. data/vendor/xmlsec1-1.2.18/examples/sign1-res.xml +31 -0
  220. data/vendor/xmlsec1-1.2.18/examples/sign1-tmpl.xml +27 -0
  221. data/vendor/xmlsec1-1.2.18/examples/sign1.c +212 -0
  222. data/vendor/xmlsec1-1.2.18/examples/sign2-doc.xml +9 -0
  223. data/vendor/xmlsec1-1.2.18/examples/sign2-res.xml +30 -0
  224. data/vendor/xmlsec1-1.2.18/examples/sign2.c +248 -0
  225. data/vendor/xmlsec1-1.2.18/examples/sign3-doc.xml +9 -0
  226. data/vendor/xmlsec1-1.2.18/examples/sign3-res.xml +58 -0
  227. data/vendor/xmlsec1-1.2.18/examples/sign3.c +261 -0
  228. data/vendor/xmlsec1-1.2.18/examples/verify1.c +215 -0
  229. data/vendor/xmlsec1-1.2.18/examples/verify2.c +285 -0
  230. data/vendor/xmlsec1-1.2.18/examples/verify3.c +266 -0
  231. data/vendor/xmlsec1-1.2.18/examples/verify4-bad-res.xml +90 -0
  232. data/vendor/xmlsec1-1.2.18/examples/verify4-bad-tmpl.xml +54 -0
  233. data/vendor/xmlsec1-1.2.18/examples/verify4-res.xml +80 -0
  234. data/vendor/xmlsec1-1.2.18/examples/verify4-tmpl.xml +47 -0
  235. data/vendor/xmlsec1-1.2.18/examples/verify4.c +309 -0
  236. data/vendor/xmlsec1-1.2.18/examples/xkms-server.c +839 -0
  237. data/vendor/xmlsec1-1.2.18/examples/xmldsigverify.c +381 -0
  238. data/vendor/xmlsec1-1.2.18/include/Makefile.am +4 -0
  239. data/vendor/xmlsec1-1.2.18/include/Makefile.in +656 -0
  240. data/vendor/xmlsec1-1.2.18/include/xmlsec/Makefile.am +63 -0
  241. data/vendor/xmlsec1-1.2.18/include/xmlsec/Makefile.in +767 -0
  242. data/vendor/xmlsec1-1.2.18/include/xmlsec/app.h +424 -0
  243. data/vendor/xmlsec1-1.2.18/include/xmlsec/base64.h +67 -0
  244. data/vendor/xmlsec1-1.2.18/include/xmlsec/bn.h +99 -0
  245. data/vendor/xmlsec1-1.2.18/include/xmlsec/buffer.h +108 -0
  246. data/vendor/xmlsec1-1.2.18/include/xmlsec/crypto.h +75 -0
  247. data/vendor/xmlsec1-1.2.18/include/xmlsec/dl.h +56 -0
  248. data/vendor/xmlsec1-1.2.18/include/xmlsec/errors.h +504 -0
  249. data/vendor/xmlsec1-1.2.18/include/xmlsec/exports.h +111 -0
  250. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/Makefile.am +13 -0
  251. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/Makefile.in +564 -0
  252. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/app.h +96 -0
  253. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/crypto.h +460 -0
  254. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/symbols.h +104 -0
  255. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/Makefile.am +14 -0
  256. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/Makefile.in +565 -0
  257. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/app.h +96 -0
  258. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/crypto.h +462 -0
  259. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/symbols.h +104 -0
  260. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/x509.h +110 -0
  261. data/vendor/xmlsec1-1.2.18/include/xmlsec/io.h +54 -0
  262. data/vendor/xmlsec1-1.2.18/include/xmlsec/keyinfo.h +285 -0
  263. data/vendor/xmlsec1-1.2.18/include/xmlsec/keys.h +278 -0
  264. data/vendor/xmlsec1-1.2.18/include/xmlsec/keysdata.h +837 -0
  265. data/vendor/xmlsec1-1.2.18/include/xmlsec/keysmngr.h +264 -0
  266. data/vendor/xmlsec1-1.2.18/include/xmlsec/list.h +194 -0
  267. data/vendor/xmlsec1-1.2.18/include/xmlsec/membuf.h +44 -0
  268. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/Makefile.am +16 -0
  269. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/Makefile.in +567 -0
  270. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/app.h +116 -0
  271. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/certkeys.h +42 -0
  272. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/crypto.h +516 -0
  273. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/keysstore.h +48 -0
  274. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/symbols.h +114 -0
  275. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/x509.h +92 -0
  276. data/vendor/xmlsec1-1.2.18/include/xmlsec/nodeset.h +139 -0
  277. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/Makefile.am +17 -0
  278. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/Makefile.in +568 -0
  279. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/app.h +118 -0
  280. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/bignum.h +37 -0
  281. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/crypto.h +469 -0
  282. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/keysstore.h +46 -0
  283. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/pkikeys.h +44 -0
  284. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/symbols.h +106 -0
  285. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/x509.h +91 -0
  286. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/Makefile.am +16 -0
  287. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/Makefile.in +567 -0
  288. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/app.h +128 -0
  289. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/bn.h +35 -0
  290. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/crypto.h +561 -0
  291. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/evp.h +44 -0
  292. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/symbols.h +123 -0
  293. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/x509.h +109 -0
  294. data/vendor/xmlsec1-1.2.18/include/xmlsec/parser.h +51 -0
  295. data/vendor/xmlsec1-1.2.18/include/xmlsec/private.h +489 -0
  296. data/vendor/xmlsec1-1.2.18/include/xmlsec/private/Makefile.am +12 -0
  297. data/vendor/xmlsec1-1.2.18/include/xmlsec/private/Makefile.in +563 -0
  298. data/vendor/xmlsec1-1.2.18/include/xmlsec/private/xkms.h +121 -0
  299. data/vendor/xmlsec1-1.2.18/include/xmlsec/private/xslt.h +34 -0
  300. data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/Makefile.am +13 -0
  301. data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/app.h +97 -0
  302. data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/crypto.h +40 -0
  303. data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/symbols.h +117 -0
  304. data/vendor/xmlsec1-1.2.18/include/xmlsec/soap.h +130 -0
  305. data/vendor/xmlsec1-1.2.18/include/xmlsec/strings.h +610 -0
  306. data/vendor/xmlsec1-1.2.18/include/xmlsec/templates.h +162 -0
  307. data/vendor/xmlsec1-1.2.18/include/xmlsec/transforms.h +994 -0
  308. data/vendor/xmlsec1-1.2.18/include/xmlsec/version.h +61 -0
  309. data/vendor/xmlsec1-1.2.18/include/xmlsec/version.h.in +61 -0
  310. data/vendor/xmlsec1-1.2.18/include/xmlsec/x509.h +80 -0
  311. data/vendor/xmlsec1-1.2.18/include/xmlsec/xkms.h +652 -0
  312. data/vendor/xmlsec1-1.2.18/include/xmlsec/xmldsig.h +281 -0
  313. data/vendor/xmlsec1-1.2.18/include/xmlsec/xmlenc.h +163 -0
  314. data/vendor/xmlsec1-1.2.18/include/xmlsec/xmlsec.h +216 -0
  315. data/vendor/xmlsec1-1.2.18/include/xmlsec/xmltree.h +275 -0
  316. data/vendor/xmlsec1-1.2.18/install-sh +520 -0
  317. data/vendor/xmlsec1-1.2.18/ltmain.sh +8413 -0
  318. data/vendor/xmlsec1-1.2.18/m4/libtool.m4 +7377 -0
  319. data/vendor/xmlsec1-1.2.18/m4/ltoptions.m4 +368 -0
  320. data/vendor/xmlsec1-1.2.18/m4/ltsugar.m4 +123 -0
  321. data/vendor/xmlsec1-1.2.18/m4/ltversion.m4 +23 -0
  322. data/vendor/xmlsec1-1.2.18/m4/lt~obsolete.m4 +92 -0
  323. data/vendor/xmlsec1-1.2.18/man/Makefile.am +52 -0
  324. data/vendor/xmlsec1-1.2.18/man/Makefile.in +582 -0
  325. data/vendor/xmlsec1-1.2.18/man/xmlsec1-config.1 +34 -0
  326. data/vendor/xmlsec1-1.2.18/man/xmlsec1.1 +269 -0
  327. data/vendor/xmlsec1-1.2.18/missing +376 -0
  328. data/vendor/xmlsec1-1.2.18/scripts/build_release.sh +33 -0
  329. data/vendor/xmlsec1-1.2.18/scripts/change-release.sh +34 -0
  330. data/vendor/xmlsec1-1.2.18/scripts/push_release.sh +30 -0
  331. data/vendor/xmlsec1-1.2.18/scripts/remove-gtkdoclink.pl +20 -0
  332. data/vendor/xmlsec1-1.2.18/scripts/test_errors.pl +38 -0
  333. data/vendor/xmlsec1-1.2.18/scripts/test_release.sh +12 -0
  334. data/vendor/xmlsec1-1.2.18/src/Makefile.am +71 -0
  335. data/vendor/xmlsec1-1.2.18/src/Makefile.in +878 -0
  336. data/vendor/xmlsec1-1.2.18/src/app.c +1498 -0
  337. data/vendor/xmlsec1-1.2.18/src/base64.c +1034 -0
  338. data/vendor/xmlsec1-1.2.18/src/bn.c +1060 -0
  339. data/vendor/xmlsec1-1.2.18/src/buffer.c +674 -0
  340. data/vendor/xmlsec1-1.2.18/src/c14n.c +801 -0
  341. data/vendor/xmlsec1-1.2.18/src/dl.c +994 -0
  342. data/vendor/xmlsec1-1.2.18/src/enveloped.c +152 -0
  343. data/vendor/xmlsec1-1.2.18/src/errors.c +242 -0
  344. data/vendor/xmlsec1-1.2.18/src/gcrypt/Makefile.am +55 -0
  345. data/vendor/xmlsec1-1.2.18/src/gcrypt/Makefile.in +764 -0
  346. data/vendor/xmlsec1-1.2.18/src/gcrypt/README +9 -0
  347. data/vendor/xmlsec1-1.2.18/src/gcrypt/app.c +663 -0
  348. data/vendor/xmlsec1-1.2.18/src/gcrypt/asn1.c +602 -0
  349. data/vendor/xmlsec1-1.2.18/src/gcrypt/asn1.h +39 -0
  350. data/vendor/xmlsec1-1.2.18/src/gcrypt/asymkeys.c +1920 -0
  351. data/vendor/xmlsec1-1.2.18/src/gcrypt/ciphers.c +855 -0
  352. data/vendor/xmlsec1-1.2.18/src/gcrypt/crypto.c +315 -0
  353. data/vendor/xmlsec1-1.2.18/src/gcrypt/digests.c +614 -0
  354. data/vendor/xmlsec1-1.2.18/src/gcrypt/globals.h +30 -0
  355. data/vendor/xmlsec1-1.2.18/src/gcrypt/hmac.c +823 -0
  356. data/vendor/xmlsec1-1.2.18/src/gcrypt/kw_aes.c +593 -0
  357. data/vendor/xmlsec1-1.2.18/src/gcrypt/kw_des.c +607 -0
  358. data/vendor/xmlsec1-1.2.18/src/gcrypt/signatures.c +1490 -0
  359. data/vendor/xmlsec1-1.2.18/src/gcrypt/symkeys.c +441 -0
  360. data/vendor/xmlsec1-1.2.18/src/globals.h +25 -0
  361. data/vendor/xmlsec1-1.2.18/src/gnutls/Makefile.am +58 -0
  362. data/vendor/xmlsec1-1.2.18/src/gnutls/Makefile.in +786 -0
  363. data/vendor/xmlsec1-1.2.18/src/gnutls/README +6 -0
  364. data/vendor/xmlsec1-1.2.18/src/gnutls/app.c +998 -0
  365. data/vendor/xmlsec1-1.2.18/src/gnutls/asymkeys.c +455 -0
  366. data/vendor/xmlsec1-1.2.18/src/gnutls/ciphers.c +82 -0
  367. data/vendor/xmlsec1-1.2.18/src/gnutls/crypto.c +351 -0
  368. data/vendor/xmlsec1-1.2.18/src/gnutls/digests.c +112 -0
  369. data/vendor/xmlsec1-1.2.18/src/gnutls/globals.h +31 -0
  370. data/vendor/xmlsec1-1.2.18/src/gnutls/hmac.c +141 -0
  371. data/vendor/xmlsec1-1.2.18/src/gnutls/kw_aes.c +72 -0
  372. data/vendor/xmlsec1-1.2.18/src/gnutls/kw_des.c +51 -0
  373. data/vendor/xmlsec1-1.2.18/src/gnutls/signatures.c +148 -0
  374. data/vendor/xmlsec1-1.2.18/src/gnutls/symkeys.c +125 -0
  375. data/vendor/xmlsec1-1.2.18/src/gnutls/x509.c +1960 -0
  376. data/vendor/xmlsec1-1.2.18/src/gnutls/x509utils.c +1687 -0
  377. data/vendor/xmlsec1-1.2.18/src/gnutls/x509utils.h +143 -0
  378. data/vendor/xmlsec1-1.2.18/src/gnutls/x509vfy.c +802 -0
  379. data/vendor/xmlsec1-1.2.18/src/io.c +496 -0
  380. data/vendor/xmlsec1-1.2.18/src/keyinfo.c +1561 -0
  381. data/vendor/xmlsec1-1.2.18/src/keys.c +1415 -0
  382. data/vendor/xmlsec1-1.2.18/src/keysdata.c +1387 -0
  383. data/vendor/xmlsec1-1.2.18/src/keysmngr.c +745 -0
  384. data/vendor/xmlsec1-1.2.18/src/kw_aes_des.c +493 -0
  385. data/vendor/xmlsec1-1.2.18/src/kw_aes_des.h +148 -0
  386. data/vendor/xmlsec1-1.2.18/src/list.c +534 -0
  387. data/vendor/xmlsec1-1.2.18/src/membuf.c +209 -0
  388. data/vendor/xmlsec1-1.2.18/src/mscrypto/Makefile.am +62 -0
  389. data/vendor/xmlsec1-1.2.18/src/mscrypto/Makefile.in +799 -0
  390. data/vendor/xmlsec1-1.2.18/src/mscrypto/README +39 -0
  391. data/vendor/xmlsec1-1.2.18/src/mscrypto/app.c +1289 -0
  392. data/vendor/xmlsec1-1.2.18/src/mscrypto/certkeys.c +2615 -0
  393. data/vendor/xmlsec1-1.2.18/src/mscrypto/ciphers.c +937 -0
  394. data/vendor/xmlsec1-1.2.18/src/mscrypto/crypto.c +889 -0
  395. data/vendor/xmlsec1-1.2.18/src/mscrypto/csp_calg.h +105 -0
  396. data/vendor/xmlsec1-1.2.18/src/mscrypto/csp_oid.h +114 -0
  397. data/vendor/xmlsec1-1.2.18/src/mscrypto/digests.c +668 -0
  398. data/vendor/xmlsec1-1.2.18/src/mscrypto/globals.h +39 -0
  399. data/vendor/xmlsec1-1.2.18/src/mscrypto/hmac.c +963 -0
  400. data/vendor/xmlsec1-1.2.18/src/mscrypto/keysstore.c +620 -0
  401. data/vendor/xmlsec1-1.2.18/src/mscrypto/kt_rsa.c +631 -0
  402. data/vendor/xmlsec1-1.2.18/src/mscrypto/kw_aes.c +662 -0
  403. data/vendor/xmlsec1-1.2.18/src/mscrypto/kw_des.c +730 -0
  404. data/vendor/xmlsec1-1.2.18/src/mscrypto/mingw-crypt32.def +36 -0
  405. data/vendor/xmlsec1-1.2.18/src/mscrypto/private.h +130 -0
  406. data/vendor/xmlsec1-1.2.18/src/mscrypto/signatures.c +960 -0
  407. data/vendor/xmlsec1-1.2.18/src/mscrypto/symkeys.c +824 -0
  408. data/vendor/xmlsec1-1.2.18/src/mscrypto/x509.c +2281 -0
  409. data/vendor/xmlsec1-1.2.18/src/mscrypto/x509vfy.c +1406 -0
  410. data/vendor/xmlsec1-1.2.18/src/mscrypto/xmlsec-mingw.h +210 -0
  411. data/vendor/xmlsec1-1.2.18/src/nodeset.c +610 -0
  412. data/vendor/xmlsec1-1.2.18/src/nss/Makefile.am +57 -0
  413. data/vendor/xmlsec1-1.2.18/src/nss/Makefile.in +798 -0
  414. data/vendor/xmlsec1-1.2.18/src/nss/README +128 -0
  415. data/vendor/xmlsec1-1.2.18/src/nss/app.c +1598 -0
  416. data/vendor/xmlsec1-1.2.18/src/nss/bignum.c +163 -0
  417. data/vendor/xmlsec1-1.2.18/src/nss/ciphers.c +838 -0
  418. data/vendor/xmlsec1-1.2.18/src/nss/crypto.c +444 -0
  419. data/vendor/xmlsec1-1.2.18/src/nss/digests.c +576 -0
  420. data/vendor/xmlsec1-1.2.18/src/nss/globals.h +24 -0
  421. data/vendor/xmlsec1-1.2.18/src/nss/hmac.c +855 -0
  422. data/vendor/xmlsec1-1.2.18/src/nss/keysstore.c +485 -0
  423. data/vendor/xmlsec1-1.2.18/src/nss/keytrans.c +753 -0
  424. data/vendor/xmlsec1-1.2.18/src/nss/kw_aes.c +681 -0
  425. data/vendor/xmlsec1-1.2.18/src/nss/kw_des.c +663 -0
  426. data/vendor/xmlsec1-1.2.18/src/nss/pkikeys.c +1554 -0
  427. data/vendor/xmlsec1-1.2.18/src/nss/signatures.c +841 -0
  428. data/vendor/xmlsec1-1.2.18/src/nss/symkeys.c +440 -0
  429. data/vendor/xmlsec1-1.2.18/src/nss/x509.c +2223 -0
  430. data/vendor/xmlsec1-1.2.18/src/nss/x509vfy.c +808 -0
  431. data/vendor/xmlsec1-1.2.18/src/openssl/Makefile.am +56 -0
  432. data/vendor/xmlsec1-1.2.18/src/openssl/Makefile.in +790 -0
  433. data/vendor/xmlsec1-1.2.18/src/openssl/README +17 -0
  434. data/vendor/xmlsec1-1.2.18/src/openssl/app.c +1628 -0
  435. data/vendor/xmlsec1-1.2.18/src/openssl/bn.c +163 -0
  436. data/vendor/xmlsec1-1.2.18/src/openssl/ciphers.c +856 -0
  437. data/vendor/xmlsec1-1.2.18/src/openssl/crypto.c +491 -0
  438. data/vendor/xmlsec1-1.2.18/src/openssl/digests.c +682 -0
  439. data/vendor/xmlsec1-1.2.18/src/openssl/evp.c +1559 -0
  440. data/vendor/xmlsec1-1.2.18/src/openssl/globals.h +24 -0
  441. data/vendor/xmlsec1-1.2.18/src/openssl/hmac.c +857 -0
  442. data/vendor/xmlsec1-1.2.18/src/openssl/kt_rsa.c +876 -0
  443. data/vendor/xmlsec1-1.2.18/src/openssl/kw_aes.c +513 -0
  444. data/vendor/xmlsec1-1.2.18/src/openssl/kw_des.c +563 -0
  445. data/vendor/xmlsec1-1.2.18/src/openssl/signatures.c +1065 -0
  446. data/vendor/xmlsec1-1.2.18/src/openssl/symkeys.c +447 -0
  447. data/vendor/xmlsec1-1.2.18/src/openssl/x509.c +2414 -0
  448. data/vendor/xmlsec1-1.2.18/src/openssl/x509vfy.c +1284 -0
  449. data/vendor/xmlsec1-1.2.18/src/parser.c +571 -0
  450. data/vendor/xmlsec1-1.2.18/src/skeleton/Makefile.am +45 -0
  451. data/vendor/xmlsec1-1.2.18/src/skeleton/README +0 -0
  452. data/vendor/xmlsec1-1.2.18/src/skeleton/app.c +499 -0
  453. data/vendor/xmlsec1-1.2.18/src/skeleton/crypto.c +260 -0
  454. data/vendor/xmlsec1-1.2.18/src/skeleton/globals.h +24 -0
  455. data/vendor/xmlsec1-1.2.18/src/soap.c +1322 -0
  456. data/vendor/xmlsec1-1.2.18/src/strings.c +597 -0
  457. data/vendor/xmlsec1-1.2.18/src/templates.c +2091 -0
  458. data/vendor/xmlsec1-1.2.18/src/transforms.c +2902 -0
  459. data/vendor/xmlsec1-1.2.18/src/x509.c +97 -0
  460. data/vendor/xmlsec1-1.2.18/src/xkms.c +4981 -0
  461. data/vendor/xmlsec1-1.2.18/src/xmldsig.c +1795 -0
  462. data/vendor/xmlsec1-1.2.18/src/xmlenc.c +1339 -0
  463. data/vendor/xmlsec1-1.2.18/src/xmlsec.c +185 -0
  464. data/vendor/xmlsec1-1.2.18/src/xmltree.c +1908 -0
  465. data/vendor/xmlsec1-1.2.18/src/xpath.c +1148 -0
  466. data/vendor/xmlsec1-1.2.18/src/xslt.c +617 -0
  467. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/Readme.txt +52 -0
  468. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/bad-alg-enc-element-aes128-kw-3des.xml +29 -0
  469. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/dh-priv-key.der +0 -0
  470. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.data +9 -0
  471. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.tmpl +22 -0
  472. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.xml +30 -0
  473. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.data +9 -0
  474. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.tmpl +22 -0
  475. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.xml +30 -0
  476. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.data +9 -0
  477. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.tmpl +22 -0
  478. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.xml +30 -0
  479. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.data +9 -0
  480. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.tmpl +24 -0
  481. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.xml +63 -0
  482. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-ka-dh.xml +83 -0
  483. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.data +9 -0
  484. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.tmpl +23 -0
  485. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.xml +61 -0
  486. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.data +9 -0
  487. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.tmpl +22 -0
  488. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.xml +63 -0
  489. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha256.xml +63 -0
  490. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha512.xml +63 -0
  491. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kw-3des.data +9 -0
  492. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kw-3des.tmpl +22 -0
  493. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kw-3des.xml +29 -0
  494. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-ka-dh.xml +83 -0
  495. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.data +9 -0
  496. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.tmpl +20 -0
  497. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.xml +61 -0
  498. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.data +9 -0
  499. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.tmpl +22 -0
  500. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.xml +63 -0
  501. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.data +9 -0
  502. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.tmpl +22 -0
  503. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.xml +29 -0
  504. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.data +9 -0
  505. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.tmpl +22 -0
  506. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.xml +29 -0
  507. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-ka-dh.xml +83 -0
  508. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.data +9 -0
  509. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.tmpl +22 -0
  510. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.xml +63 -0
  511. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.data +9 -0
  512. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.tmpl +22 -0
  513. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.xml +29 -0
  514. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-ka-dh.xml +83 -0
  515. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.data +9 -0
  516. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.tmpl +22 -0
  517. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.xml +29 -0
  518. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.data +9 -0
  519. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.tmpl +23 -0
  520. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.xml +32 -0
  521. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.data +9 -0
  522. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.tmpl +21 -0
  523. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.xml +28 -0
  524. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.data +9 -0
  525. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.tmpl +20 -0
  526. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.xml +62 -0
  527. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.data +9 -0
  528. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.tmpl +22 -0
  529. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.xml +64 -0
  530. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/key.txt +117 -0
  531. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/keys.xml +61 -0
  532. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/payment.xml +9 -0
  533. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/rsa-priv-key.der +0 -0
  534. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/rsa-priv-key.p12 +0 -0
  535. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/bad-request-name-not-supported.xml +2 -0
  536. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/bad-request-name.xml +10 -0
  537. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/compound-example-1-no-match.xml +7 -0
  538. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/compound-example-1.xml +51 -0
  539. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert1.der +0 -0
  540. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert1.pem +26 -0
  541. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert2.der +0 -0
  542. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert2.pem +25 -0
  543. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert3.der +0 -0
  544. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert3.pem +24 -0
  545. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/create-keys.sh +73 -0
  546. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1-pk8.der +0 -0
  547. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1.der +0 -0
  548. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1.p12 +0 -0
  549. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1.pem +18 -0
  550. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2-pk8.der +0 -0
  551. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2.der +0 -0
  552. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2.p12 +0 -0
  553. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2.pem +9 -0
  554. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3-pk8.der +0 -0
  555. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3.der +0 -0
  556. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3.p12 +0 -0
  557. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3.pem +9 -0
  558. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/openssl.cnf +106 -0
  559. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/req2.pem +11 -0
  560. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/req3.pem +11 -0
  561. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-1-bad-service.xml +2 -0
  562. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-1-no-match.xml +2 -0
  563. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-1.xml +18 -0
  564. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-2-no-match.xml +2 -0
  565. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-2.xml +39 -0
  566. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-opaque-client-data-no-match.xml +2 -0
  567. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-opaque-client-data.xml +32 -0
  568. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/readme.txt +117 -0
  569. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-bad-request-name-msg-invalid.xml +9 -0
  570. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-bad-request-name.xml +14 -0
  571. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-locate-example-1-no-match.xml +6 -0
  572. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-locate-example-1-unsupported.xml +13 -0
  573. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-locate-example-1.xml +23 -0
  574. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-bad-request-name-msg-invalid.xml +11 -0
  575. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-bad-request-name.xml +14 -0
  576. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-locate-example-1-no-match.xml +6 -0
  577. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-locate-example-1-unsupported.xml +9 -0
  578. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-locate-example-1.xml +23 -0
  579. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/status-request-success.xml +2 -0
  580. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/status-request.xml +7 -0
  581. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/validate-example-1-no-match.xml +2 -0
  582. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/validate-example-1.xml +65 -0
  583. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/README +47 -0
  584. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/dtd-hmac-91.dtd +1 -0
  585. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/dtd-hmac-91.tmpl +27 -0
  586. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/dtd-hmac-91.xml +27 -0
  587. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloped-gost.tmpl +31 -0
  588. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloped-gost.xml +42 -0
  589. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.tmpl +18 -0
  590. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.xml +87 -0
  591. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-expired-cert.tmpl +18 -0
  592. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-expired-cert.xml +85 -0
  593. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.tmpl +16 -0
  594. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml +15 -0
  595. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5.tmpl +14 -0
  596. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5.xml +13 -0
  597. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-rsa-md5.tmpl +17 -0
  598. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-rsa-md5.xml +85 -0
  599. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.tmpl +16 -0
  600. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml +15 -0
  601. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.tmpl +14 -0
  602. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.xml +13 -0
  603. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160.tmpl +17 -0
  604. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160.xml +85 -0
  605. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.tmpl +18 -0
  606. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.xml +85 -0
  607. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.tmpl +16 -0
  608. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.xml +15 -0
  609. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1.tmpl +14 -0
  610. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1.xml +13 -0
  611. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-rsa-sha1.tmpl +17 -0
  612. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-rsa-sha1.xml +85 -0
  613. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.tmpl +16 -0
  614. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.xml +15 -0
  615. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224.tmpl +14 -0
  616. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224.xml +13 -0
  617. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-rsa-sha224.tmpl +17 -0
  618. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-rsa-sha224.xml +85 -0
  619. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.tmpl +16 -0
  620. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.xml +15 -0
  621. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256.tmpl +14 -0
  622. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256.xml +13 -0
  623. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-rsa-sha256.tmpl +17 -0
  624. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-rsa-sha256.xml +85 -0
  625. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.tmpl +16 -0
  626. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.xml +15 -0
  627. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384.tmpl +14 -0
  628. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384.xml +13 -0
  629. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-rsa-sha384.tmpl +17 -0
  630. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-rsa-sha384.xml +103 -0
  631. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.tmpl +16 -0
  632. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.xml +16 -0
  633. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512.tmpl +14 -0
  634. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512.xml +15 -0
  635. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-rsa-sha512.tmpl +17 -0
  636. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-rsa-sha512.xml +104 -0
  637. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-sn-test.tmpl +27 -0
  638. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-sn-test.xml +40 -0
  639. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-test.tmpl +31 -0
  640. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-test.xml +117 -0
  641. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/xpointer-hmac.tmpl +29 -0
  642. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/xpointer-hmac.xml +28 -0
  643. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes128cbc-keyname.data +1 -0
  644. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes128cbc-keyname.tmpl +11 -0
  645. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes128cbc-keyname.xml +12 -0
  646. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname-ref.data +1 -0
  647. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname-ref.xml +21 -0
  648. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname.data +1 -0
  649. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname.tmpl +11 -0
  650. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname.xml +12 -0
  651. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes256cbc-keyname.data +1 -0
  652. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes256cbc-keyname.tmpl +10 -0
  653. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes256cbc-keyname.xml +12 -0
  654. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-aes192-keyname.data +1 -0
  655. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-aes192-keyname.tmpl +16 -0
  656. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-aes192-keyname.xml +18 -0
  657. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-content.data +7 -0
  658. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-content.tmpl +11 -0
  659. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-content.xml +15 -0
  660. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element-root.data +7 -0
  661. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element-root.tmpl +11 -0
  662. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element-root.xml +15 -0
  663. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element.data +9 -0
  664. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element.tmpl +11 -0
  665. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element.xml +17 -0
  666. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname.data +1 -0
  667. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname.tmpl +8 -0
  668. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname.xml +8 -0
  669. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.data +1 -0
  670. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.tmpl +10 -0
  671. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.xml +12 -0
  672. data/vendor/xmlsec1-1.2.18/tests/keys/README +203 -0
  673. data/vendor/xmlsec1-1.2.18/tests/keys/ca2cert.der +0 -0
  674. data/vendor/xmlsec1-1.2.18/tests/keys/ca2cert.pem +66 -0
  675. data/vendor/xmlsec1-1.2.18/tests/keys/ca2key.pem +9 -0
  676. data/vendor/xmlsec1-1.2.18/tests/keys/cacert.der +0 -0
  677. data/vendor/xmlsec1-1.2.18/tests/keys/cacert.pem +72 -0
  678. data/vendor/xmlsec1-1.2.18/tests/keys/cakey.pem +18 -0
  679. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/cacert.pem +72 -0
  680. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/careq.pem +14 -0
  681. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/index.txt +6 -0
  682. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/01.pem +65 -0
  683. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/02.pem +93 -0
  684. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/03.pem +60 -0
  685. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/04.pem +60 -0
  686. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/05.pem +83 -0
  687. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/private/cakey.pem +18 -0
  688. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/serial +1 -0
  689. data/vendor/xmlsec1-1.2.18/tests/keys/dsacert.der +0 -0
  690. data/vendor/xmlsec1-1.2.18/tests/keys/dsacert.pem +78 -0
  691. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.der +0 -0
  692. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.p12 +0 -0
  693. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.p8-der +0 -0
  694. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.p8-pem +8 -0
  695. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.pem +14 -0
  696. data/vendor/xmlsec1-1.2.18/tests/keys/expiredcert.der +0 -0
  697. data/vendor/xmlsec1-1.2.18/tests/keys/expiredcert.pem +61 -0
  698. data/vendor/xmlsec1-1.2.18/tests/keys/expiredkey.der +0 -0
  699. data/vendor/xmlsec1-1.2.18/tests/keys/expiredkey.p12 +0 -0
  700. data/vendor/xmlsec1-1.2.18/tests/keys/expiredkey.pem +9 -0
  701. data/vendor/xmlsec1-1.2.18/tests/keys/expiredreq.pem +11 -0
  702. data/vendor/xmlsec1-1.2.18/tests/keys/gost2001ca.der +0 -0
  703. data/vendor/xmlsec1-1.2.18/tests/keys/gost2001ca.pem +13 -0
  704. data/vendor/xmlsec1-1.2.18/tests/keys/hmackey.bin +1 -0
  705. data/vendor/xmlsec1-1.2.18/tests/keys/keys.xml +83 -0
  706. data/vendor/xmlsec1-1.2.18/tests/keys/largersacert.der +0 -0
  707. data/vendor/xmlsec1-1.2.18/tests/keys/largersacert.pem +100 -0
  708. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey-win.p12 +0 -0
  709. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey-winxp.p12 +0 -0
  710. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.der +0 -0
  711. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.p12 +0 -0
  712. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.p8-der +0 -0
  713. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.p8-pem +53 -0
  714. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.pem +51 -0
  715. data/vendor/xmlsec1-1.2.18/tests/keys/largersareq.pem +30 -0
  716. data/vendor/xmlsec1-1.2.18/tests/keys/merlincert.pem +20 -0
  717. data/vendor/xmlsec1-1.2.18/tests/keys/openssl.cnf +316 -0
  718. data/vendor/xmlsec1-1.2.18/tests/keys/rsacert.der +0 -0
  719. data/vendor/xmlsec1-1.2.18/tests/keys/rsacert.pem +61 -0
  720. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey-win.p12 +0 -0
  721. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey-winxp.p12 +0 -0
  722. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.der +0 -0
  723. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.p12 +0 -0
  724. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.p8-der +0 -0
  725. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.p8-pem +11 -0
  726. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.pem +9 -0
  727. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/Readme.txt +20 -0
  728. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-0.txt +15 -0
  729. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-1.txt +15 -0
  730. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-10.txt +15 -0
  731. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-11.txt +15 -0
  732. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-12.txt +15 -0
  733. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-13.txt +15 -0
  734. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-14.txt +15 -0
  735. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-15.txt +0 -0
  736. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-16.txt +0 -0
  737. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-17.txt +15 -0
  738. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-18.txt +15 -0
  739. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-19.txt +15 -0
  740. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-2.txt +15 -0
  741. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-20.txt +15 -0
  742. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-21.txt +15 -0
  743. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-22.txt +15 -0
  744. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-23.txt +15 -0
  745. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-24.txt +1 -0
  746. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-25.txt +0 -0
  747. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-26.txt +15 -0
  748. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-27.txt +430 -0
  749. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-3.txt +15 -0
  750. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-4.txt +15 -0
  751. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-5.txt +15 -0
  752. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-6.txt +1 -0
  753. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-7.txt +1 -0
  754. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-8.txt +15 -0
  755. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-9.txt +15 -0
  756. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/signature.xml +526 -0
  757. data/vendor/xmlsec1-1.2.18/tests/merlin-exc-c14n-one/Readme.txt +3 -0
  758. data/vendor/xmlsec1-1.2.18/tests/merlin-exc-c14n-one/exc-signature.tmpl +52 -0
  759. data/vendor/xmlsec1-1.2.18/tests/merlin-exc-c14n-one/exc-signature.xml +73 -0
  760. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/Readme.txt +63 -0
  761. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/badb.der +0 -0
  762. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/badb.pem +20 -0
  763. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/balor.der +0 -0
  764. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/balor.pem +20 -0
  765. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/bres.pem +20 -0
  766. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/ca.der +0 -0
  767. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/ca.pem +20 -0
  768. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.der +0 -0
  769. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.pem +20 -0
  770. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh.der +0 -0
  771. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh.pem +12 -0
  772. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/macha.der +0 -0
  773. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/macha.pem +20 -0
  774. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/merlin.der +0 -0
  775. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/merlin.pem +21 -0
  776. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/morigu.pem +20 -0
  777. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/nemain.der +0 -0
  778. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/nemain.pem +20 -0
  779. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloped-dsa.tmpl +22 -0
  780. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloped-dsa.xml +43 -0
  781. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa.tmpl +21 -0
  782. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa.xml +42 -0
  783. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-dsa.tmpl +18 -0
  784. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-dsa.xml +39 -0
  785. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.tmpl +16 -0
  786. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.xml +17 -0
  787. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1.tmpl +14 -0
  788. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1.xml +15 -0
  789. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-rsa.tmpl +18 -0
  790. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-rsa.xml +31 -0
  791. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-b64-dsa.tmpl +20 -0
  792. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-b64-dsa.xml +41 -0
  793. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-dsa.tmpl +17 -0
  794. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-dsa.xml +38 -0
  795. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-keyname.tmpl +16 -0
  796. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-keyname.xml +17 -0
  797. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt.tmpl +16 -0
  798. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt.xml +17 -0
  799. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt-crl.tmpl +17 -0
  800. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt-crl.xml +47 -0
  801. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt.tmpl +17 -0
  802. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt.xml +38 -0
  803. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-is.tmpl +17 -0
  804. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-is.xml +24 -0
  805. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-ski.tmpl +17 -0
  806. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-ski.xml +21 -0
  807. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-sn.tmpl +17 -0
  808. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-sn.xml +21 -0
  809. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature.tmpl +245 -0
  810. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature.xml +269 -0
  811. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/Readme.txt +117 -0
  812. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/bad-encrypt-content-aes128-cbc-kw-aes192.xml +42 -0
  813. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/decryption-transform-except.xml +83 -0
  814. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/decryption-transform.xml +73 -0
  815. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/dh0.p8 +0 -0
  816. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/dh1.p8 +0 -0
  817. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/dsa.p8 +0 -0
  818. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.data +27 -0
  819. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.tmpl +20 -0
  820. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.xml +45 -0
  821. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes192-cbc-dh-sha512.xml +113 -0
  822. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.data +27 -0
  823. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.tmpl +18 -0
  824. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.xml +42 -0
  825. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.data +27 -0
  826. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.tmpl +11 -0
  827. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.xml +35 -0
  828. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.data +1 -0
  829. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.tmpl +11 -0
  830. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.xml +12 -0
  831. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.data +1 -0
  832. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.tmpl +20 -0
  833. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.xml +22 -0
  834. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.data +1 -0
  835. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.tmpl +20 -0
  836. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.xml +22 -0
  837. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml +46 -0
  838. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.data +1 -0
  839. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.tmpl +21 -0
  840. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.xml +43 -0
  841. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.data +27 -0
  842. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.tmpl +19 -0
  843. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.xml +63 -0
  844. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes192-cbc-ref.data +36 -0
  845. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes192-cbc-ref.xml +42 -0
  846. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-carried-kw-aes256.xml +57 -0
  847. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-kw-aes256-dh-ripemd160.xml +122 -0
  848. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256.data +40 -0
  849. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256.xml +47 -0
  850. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.data +27 -0
  851. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.tmpl +20 -0
  852. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.xml +43 -0
  853. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-dh.xml +98 -0
  854. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-kw-tripledes-dh.xml +108 -0
  855. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5.xml +46 -0
  856. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p.xml +51 -0
  857. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes.tmpl +25 -0
  858. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes.xml +27 -0
  859. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128.xml +27 -0
  860. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192.xml +27 -0
  861. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256.xml +28 -0
  862. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/ids.p12 +0 -0
  863. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/keys.xml +42 -0
  864. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/plaintext.xml +24 -0
  865. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsa.p8 +0 -0
  866. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.der +0 -0
  867. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.p12 +0 -0
  868. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.p8-der +0 -0
  869. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.p8-pem +17 -0
  870. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.pem +15 -0
  871. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapub.pem +6 -0
  872. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/Readme.txt +23 -0
  873. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec-c14n-0.txt +11 -0
  874. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec-c14n-1.txt +0 -0
  875. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec-c14n-2.txt +25 -0
  876. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec.tmpl +50 -0
  877. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec.xml +122 -0
  878. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-xfdl-c14n-0.txt +3986 -0
  879. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-xfdl.tmpl +4153 -0
  880. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-xfdl.xml +4225 -0
  881. data/vendor/xmlsec1-1.2.18/tests/nss.supp +220 -0
  882. data/vendor/xmlsec1-1.2.18/tests/nssdb/cert8.db +0 -0
  883. data/vendor/xmlsec1-1.2.18/tests/nssdb/key3.db +0 -0
  884. data/vendor/xmlsec1-1.2.18/tests/nssdb/secmod.db +0 -0
  885. data/vendor/xmlsec1-1.2.18/tests/openssl.supp +63 -0
  886. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/README.txt +248 -0
  887. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/crl.der +0 -0
  888. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/dsa-ca-cert.der +0 -0
  889. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/dsa-cert.der +0 -0
  890. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/enc-dsa-key.der +0 -0
  891. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/enc-rsa-key.der +0 -0
  892. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/hmackey.bin +1 -0
  893. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/rsa-ca-cert.der +0 -0
  894. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/rsa-cert.der +0 -0
  895. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document-stylesheet.xml +7 -0
  896. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document.b64 +4 -0
  897. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document.xml +6 -0
  898. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document.xsl +45 -0
  899. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-big.xml +39 -0
  900. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-detached.xml +1 -0
  901. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-enveloped.xml +6 -0
  902. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-enveloping.xml +6 -0
  903. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-manifest.xml +1 -0
  904. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-md5-c14n-enveloping.xml +6 -0
  905. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-40-c14n-comments-detached.xml +1 -0
  906. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-40-exclusive-c14n-comments-detached.xml +1 -0
  907. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-exclusive-c14n-comments-detached.xml +1 -0
  908. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-exclusive-c14n-enveloped.xml +6 -0
  909. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-b64-transform.xml +1 -0
  910. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xpath-transform.xml +1 -0
  911. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xslt-transform-bad-retrieval-method.xml +6 -0
  912. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xslt-transform-retrieval-method.xml +39 -0
  913. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xslt-transform.xml +39 -0
  914. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached.xml +1 -0
  915. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloped-bad-digest-val.xml +6 -0
  916. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloped-bad-sig.xml +6 -0
  917. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloped.xml +6 -0
  918. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloping.xml +6 -0
  919. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert-chain.xml +1 -0
  920. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert.xml +1 -0
  921. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-issuer-serial.xml +1 -0
  922. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-ski.xml +1 -0
  923. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-subject-name.xml +1 -0
  924. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest.xml +1 -0
  925. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-xpath-transform-enveloped.xml +6 -0
  926. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-~x509-data-crl.xml +1 -0
  927. data/vendor/xmlsec1-1.2.18/tests/testDSig.sh +875 -0
  928. data/vendor/xmlsec1-1.2.18/tests/testEnc.sh +411 -0
  929. data/vendor/xmlsec1-1.2.18/tests/testKeys.sh +69 -0
  930. data/vendor/xmlsec1-1.2.18/tests/testRes.sh +20 -0
  931. data/vendor/xmlsec1-1.2.18/tests/testXKMS.sh +129 -0
  932. data/vendor/xmlsec1-1.2.18/tests/testrun.sh +443 -0
  933. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/c14n11/xml-base-input.xml +17 -0
  934. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-1.tmpl +2 -0
  935. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-1.xml +2 -0
  936. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-2.tmpl +2 -0
  937. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-2.xml +2 -0
  938. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-3.tmpl +2 -0
  939. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-3.xml +2 -0
  940. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-1-SUN.xml +21 -0
  941. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-2-SUN.xml +21 -0
  942. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-3-SUN.xml +21 -0
  943. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-4-SUN.xml +21 -0
  944. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-5-SUN.xml +21 -0
  945. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-6-SUN.xml +21 -0
  946. data/vendor/xmlsec1-1.2.18/win32/Makefile.msvc +699 -0
  947. data/vendor/xmlsec1-1.2.18/win32/README.txt +168 -12
  948. data/vendor/xmlsec1-1.2.18/win32/configure.js +395 -0
  949. data/vendor/xmlsec1-1.2.18/win32/libxmlsec.def.src +25 -0
  950. data/vendor/xmlsec1-1.2.18/win32/mycfg.bat +21 -0
  951. data/vendor/xmlsec1-1.2.18/xmlsec-config.in +243 -0
  952. data/vendor/xmlsec1-1.2.18/xmlsec-gcrypt.pc.in +11 -0
  953. data/vendor/xmlsec1-1.2.18/xmlsec-gnutls.pc.in +11 -0
  954. data/vendor/xmlsec1-1.2.18/xmlsec-nss.pc.in +11 -0
  955. data/vendor/xmlsec1-1.2.18/xmlsec-openssl.pc.in +11 -0
  956. data/vendor/xmlsec1-1.2.18/xmlsec.pc.in +11 -0
  957. data/vendor/xmlsec1-1.2.18/xmlsec.spec.in +185 -0
  958. data/vendor/xmlsec1-1.2.18/xmlsec1-config +243 -0
  959. data/vendor/xmlsec1-1.2.18/xmlsec1-gcrypt.pc +11 -0
  960. data/vendor/xmlsec1-1.2.18/xmlsec1-gnutls.pc +11 -0
  961. data/vendor/xmlsec1-1.2.18/xmlsec1-nss.pc +11 -0
  962. data/vendor/xmlsec1-1.2.18/xmlsec1-openssl.pc +11 -0
  963. data/vendor/xmlsec1-1.2.18/xmlsec1.m4 +172 -0
  964. data/vendor/xmlsec1-1.2.18/xmlsec1.pc +11 -0
  965. data/vendor/xmlsec1-1.2.18/xmlsec1.spec +185 -0
  966. data/vendor/xmlsec1-1.2.18/xmlsec1Conf.sh +13 -0
  967. data/vendor/xmlsec1-1.2.18/xmlsecConf.sh.in +13 -0
  968. data/xmlsec-shim.gemspec +18 -0
  969. metadata +1014 -0
@@ -0,0 +1,2281 @@
1
+ /**
2
+ * XMLSec library
3
+ *
4
+ * X509 support
5
+ *
6
+ *
7
+ * This is free software; see Copyright file in the source
8
+ * distribution for preciese wording.
9
+ *
10
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
11
+ * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
12
+ */
13
+
14
+ #include "globals.h"
15
+
16
+ #ifndef XMLSEC_NO_X509
17
+
18
+ #include <stdlib.h>
19
+ #include <stdio.h>
20
+ #include <string.h>
21
+ #include <ctype.h>
22
+ #include <errno.h>
23
+ #include <time.h>
24
+
25
+ #include <windows.h>
26
+ #include <wincrypt.h>
27
+
28
+ #include <libxml/tree.h>
29
+
30
+ #include <xmlsec/xmlsec.h>
31
+ #include <xmlsec/xmltree.h>
32
+ #include <xmlsec/keys.h>
33
+ #include <xmlsec/keyinfo.h>
34
+ #include <xmlsec/keysmngr.h>
35
+ #include <xmlsec/x509.h>
36
+ #include <xmlsec/base64.h>
37
+ #include <xmlsec/bn.h>
38
+ #include <xmlsec/errors.h>
39
+
40
+ #include <xmlsec/mscrypto/crypto.h>
41
+ #include <xmlsec/mscrypto/x509.h>
42
+ #include <xmlsec/mscrypto/certkeys.h>
43
+ #include "private.h"
44
+
45
+
46
+ /*************************************************************************
47
+ *
48
+ * X509 utility functions
49
+ *
50
+ ************************************************************************/
51
+ static int xmlSecMSCryptoX509DataNodeRead (xmlSecKeyDataPtr data,
52
+ xmlNodePtr node,
53
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
54
+ static int xmlSecMSCryptoX509CertificateNodeRead (xmlSecKeyDataPtr data,
55
+ xmlNodePtr node,
56
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
57
+ static int xmlSecMSCryptoX509CertificateNodeWrite (PCCERT_CONTEXT cert,
58
+ xmlNodePtr node,
59
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
60
+ static int xmlSecMSCryptoX509SubjectNameNodeRead (xmlSecKeyDataPtr data,
61
+ xmlNodePtr node,
62
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
63
+ static int xmlSecMSCryptoX509SubjectNameNodeWrite (PCCERT_CONTEXT cert,
64
+ xmlNodePtr node,
65
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
66
+ static int xmlSecMSCryptoX509IssuerSerialNodeRead (xmlSecKeyDataPtr data,
67
+ xmlNodePtr node,
68
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
69
+ static int xmlSecMSCryptoX509IssuerSerialNodeWrite (PCCERT_CONTEXT cert,
70
+ xmlNodePtr node,
71
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
72
+ static int xmlSecMSCryptoX509SKINodeRead (xmlSecKeyDataPtr data,
73
+ xmlNodePtr node,
74
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
75
+ static int xmlSecMSCryptoX509SKINodeWrite (PCCERT_CONTEXT cert,
76
+ xmlNodePtr node,
77
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
78
+ static int xmlSecMSCryptoX509CRLNodeRead (xmlSecKeyDataPtr data,
79
+ xmlNodePtr node,
80
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
81
+ static int xmlSecMSCryptoX509CRLNodeWrite (PCCRL_CONTEXT crl,
82
+ xmlNodePtr node,
83
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
84
+ static int xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data,
85
+ xmlSecKeyPtr key,
86
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
87
+
88
+ static PCCERT_CONTEXT xmlSecMSCryptoX509CertDerRead (const xmlSecByte* buf,
89
+ xmlSecSize size);
90
+ static PCCERT_CONTEXT xmlSecMSCryptoX509CertBase64DerRead (xmlChar* buf);
91
+ static xmlChar* xmlSecMSCryptoX509CertBase64DerWrite (PCCERT_CONTEXT cert,
92
+ int base64LineWrap);
93
+ static PCCRL_CONTEXT xmlSecMSCryptoX509CrlDerRead (xmlSecByte* buf,
94
+ xmlSecSize size,
95
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
96
+ static PCCRL_CONTEXT xmlSecMSCryptoX509CrlBase64DerRead (xmlChar* buf,
97
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
98
+ static xmlChar* xmlSecMSCryptoX509CrlBase64DerWrite (PCCRL_CONTEXT crl,
99
+ int base64LineWrap);
100
+ static xmlChar* xmlSecMSCryptoX509NameWrite(PCERT_NAME_BLOB nm);
101
+ static int xmlSecMSCryptoASN1IntegerWrite (xmlNodePtr node,
102
+ PCRYPT_INTEGER_BLOB num);
103
+ static xmlChar* xmlSecMSCryptoX509SKIWrite (PCCERT_CONTEXT cert);
104
+ static void xmlSecMSCryptoX509CertDebugDump (PCCERT_CONTEXT cert,
105
+ FILE* output);
106
+ static void xmlSecMSCryptoX509CertDebugXmlDump (PCCERT_CONTEXT cert,
107
+ FILE* output);
108
+ static int xmlSecMSCryptoX509CertGetTime (FILETIME t,
109
+ time_t* res);
110
+
111
+ /*************************************************************************
112
+ *
113
+ * Internal MSCrypto X509 data CTX
114
+ *
115
+ ************************************************************************/
116
+ typedef struct _xmlSecMSCryptoX509DataCtx xmlSecMSCryptoX509DataCtx,
117
+ *xmlSecMSCryptoX509DataCtxPtr;
118
+
119
+ struct _xmlSecMSCryptoX509DataCtx {
120
+ PCCERT_CONTEXT keyCert;
121
+
122
+ HCERTSTORE hMemStore;
123
+ unsigned int numCerts;
124
+ unsigned int numCrls;
125
+ };
126
+
127
+ /**************************************************************************
128
+ *
129
+ * <dsig:X509Data> processing
130
+ *
131
+ *
132
+ * The X509Data Element (http://www.w3.org/TR/xmldsig-core/#sec-X509Data)
133
+ *
134
+ * An X509Data element within KeyInfo contains one or more identifiers of keys
135
+ * or X509 certificates (or certificates' identifiers or a revocation list).
136
+ * The content of X509Data is:
137
+ *
138
+ * 1. At least one element, from the following set of element types; any of these may appear together or more than once iff (if and only if) each instance describes or is related to the same certificate:
139
+ * 2.
140
+ * * The X509IssuerSerial element, which contains an X.509 issuer
141
+ * distinguished name/serial number pair that SHOULD be compliant
142
+ * with RFC2253 [LDAP-DN],
143
+ * * The X509SubjectName element, which contains an X.509 subject
144
+ * distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN],
145
+ * * The X509SKI element, which contains the base64 encoded plain (i.e.
146
+ * non-DER-encoded) value of a X509 V.3 SubjectKeyIdentifier extension.
147
+ * * The X509Certificate element, which contains a base64-encoded [X509v3]
148
+ * certificate, and
149
+ * * Elements from an external namespace which accompanies/complements any
150
+ * of the elements above.
151
+ * * The X509CRL element, which contains a base64-encoded certificate
152
+ * revocation list (CRL) [X509v3].
153
+ *
154
+ * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear
155
+ * MUST refer to the certificate or certificates containing the validation key.
156
+ * All such elements that refer to a particular individual certificate MUST be
157
+ * grouped inside a single X509Data element and if the certificate to which
158
+ * they refer appears, it MUST also be in that X509Data element.
159
+ *
160
+ * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that relate to
161
+ * the same key but different certificates MUST be grouped within a single
162
+ * KeyInfo but MAY occur in multiple X509Data elements.
163
+ *
164
+ * All certificates appearing in an X509Data element MUST relate to the
165
+ * validation key by either containing it or being part of a certification
166
+ * chain that terminates in a certificate containing the validation key.
167
+ *
168
+ * No ordering is implied by the above constraints.
169
+ *
170
+ * Note, there is no direct provision for a PKCS#7 encoded "bag" of
171
+ * certificates or CRLs. However, a set of certificates and CRLs can occur
172
+ * within an X509Data element and multiple X509Data elements can occur in a
173
+ * KeyInfo. Whenever multiple certificates occur in an X509Data element, at
174
+ * least one such certificate must contain the public key which verifies the
175
+ * signature.
176
+ *
177
+ * Schema Definition
178
+ *
179
+ * <element name="X509Data" type="ds:X509DataType"/>
180
+ * <complexType name="X509DataType">
181
+ * <sequence maxOccurs="unbounded">
182
+ * <choice>
183
+ * <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
184
+ * <element name="X509SKI" type="base64Binary"/>
185
+ * <element name="X509SubjectName" type="string"/>
186
+ * <element name="X509Certificate" type="base64Binary"/>
187
+ * <element name="X509CRL" type="base64Binary"/>
188
+ * <any namespace="##other" processContents="lax"/>
189
+ * </choice>
190
+ * </sequence>
191
+ * </complexType>
192
+ * <complexType name="X509IssuerSerialType">
193
+ * <sequence>
194
+ * <element name="X509IssuerName" type="string"/>
195
+ * <element name="X509SerialNumber" type="integer"/>
196
+ * </sequence>
197
+ * </complexType>
198
+ *
199
+ * DTD
200
+ *
201
+ * <!ELEMENT X509Data ((X509IssuerSerial | X509SKI | X509SubjectName |
202
+ * X509Certificate | X509CRL)+ %X509.ANY;)>
203
+ * <!ELEMENT X509IssuerSerial (X509IssuerName, X509SerialNumber) >
204
+ * <!ELEMENT X509IssuerName (#PCDATA) >
205
+ * <!ELEMENT X509SubjectName (#PCDATA) >
206
+ * <!ELEMENT X509SerialNumber (#PCDATA) >
207
+ * <!ELEMENT X509SKI (#PCDATA) >
208
+ * <!ELEMENT X509Certificate (#PCDATA) >
209
+ * <!ELEMENT X509CRL (#PCDATA) >
210
+ *
211
+ * -----------------------------------------------------------------------
212
+ *
213
+ * xmlSecMSCryptoX509DataCtx is located after xmlSecTransform
214
+ *
215
+ *************************************************************************/
216
+ #define xmlSecMSCryptoX509DataSize \
217
+ (sizeof(xmlSecKeyData) + sizeof(xmlSecMSCryptoX509DataCtx))
218
+ #define xmlSecMSCryptoX509DataGetCtx(data) \
219
+ ((xmlSecMSCryptoX509DataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
220
+
221
+ static int xmlSecMSCryptoKeyDataX509Initialize (xmlSecKeyDataPtr data);
222
+ static int xmlSecMSCryptoKeyDataX509Duplicate (xmlSecKeyDataPtr dst,
223
+ xmlSecKeyDataPtr src);
224
+ static void xmlSecMSCryptoKeyDataX509Finalize (xmlSecKeyDataPtr data);
225
+ static int xmlSecMSCryptoKeyDataX509XmlRead (xmlSecKeyDataId id,
226
+ xmlSecKeyPtr key,
227
+ xmlNodePtr node,
228
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
229
+ static int xmlSecMSCryptoKeyDataX509XmlWrite (xmlSecKeyDataId id,
230
+ xmlSecKeyPtr key,
231
+ xmlNodePtr node,
232
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
233
+ static xmlSecKeyDataType xmlSecMSCryptoKeyDataX509GetType (xmlSecKeyDataPtr data);
234
+ static const xmlChar* xmlSecMSCryptoKeyDataX509GetIdentifier (xmlSecKeyDataPtr data);
235
+
236
+ static void xmlSecMSCryptoKeyDataX509DebugDump (xmlSecKeyDataPtr data,
237
+ FILE* output);
238
+ static void xmlSecMSCryptoKeyDataX509DebugXmlDump (xmlSecKeyDataPtr data,
239
+ FILE* output);
240
+
241
+
242
+
243
+ static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataX509Klass = {
244
+ sizeof(xmlSecKeyDataKlass),
245
+ xmlSecMSCryptoX509DataSize,
246
+
247
+ /* data */
248
+ xmlSecNameX509Data,
249
+ xmlSecKeyDataUsageKeyInfoNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
250
+ /* xmlSecKeyDataUsage usage; */
251
+ xmlSecHrefX509Data, /* const xmlChar* href; */
252
+ xmlSecNodeX509Data, /* const xmlChar* dataNodeName; */
253
+ xmlSecDSigNs, /* const xmlChar* dataNodeNs; */
254
+
255
+ /* constructors/destructor */
256
+ xmlSecMSCryptoKeyDataX509Initialize, /* xmlSecKeyDataInitializeMethod initialize; */
257
+ xmlSecMSCryptoKeyDataX509Duplicate, /* xmlSecKeyDataDuplicateMethod duplicate; */
258
+ xmlSecMSCryptoKeyDataX509Finalize, /* xmlSecKeyDataFinalizeMethod finalize; */
259
+ NULL, /* xmlSecKeyDataGenerateMethod generate; */
260
+
261
+ /* get info */
262
+ xmlSecMSCryptoKeyDataX509GetType, /* xmlSecKeyDataGetTypeMethod getType; */
263
+ NULL, /* xmlSecKeyDataGetSizeMethod getSize; */
264
+ xmlSecMSCryptoKeyDataX509GetIdentifier, /* xmlSecKeyDataGetIdentifier getIdentifier; */
265
+
266
+ /* read/write */
267
+ xmlSecMSCryptoKeyDataX509XmlRead, /* xmlSecKeyDataXmlReadMethod xmlRead; */
268
+ xmlSecMSCryptoKeyDataX509XmlWrite, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
269
+ NULL, /* xmlSecKeyDataBinReadMethod binRead; */
270
+ NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */
271
+
272
+ /* debug */
273
+ xmlSecMSCryptoKeyDataX509DebugDump, /* xmlSecKeyDataDebugDumpMethod debugDump; */
274
+ xmlSecMSCryptoKeyDataX509DebugXmlDump, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
275
+
276
+ /* reserved for the future */
277
+ NULL, /* void* reserved0; */
278
+ NULL, /* void* reserved1; */
279
+ };
280
+
281
+ /**
282
+ * xmlSecMSCryptoKeyDataX509GetKlass:
283
+ *
284
+ * The MSCrypto X509 key data klass (http://www.w3.org/TR/xmldsig-core/#sec-X509Data).
285
+ *
286
+ * Returns: the X509 data klass.
287
+ */
288
+ xmlSecKeyDataId
289
+ xmlSecMSCryptoKeyDataX509GetKlass(void) {
290
+ return(&xmlSecMSCryptoKeyDataX509Klass);
291
+ }
292
+
293
+ /**
294
+ * xmlSecMSCryptoKeyDataX509GetKeyCert:
295
+ * @data: the pointer to X509 key data.
296
+ *
297
+ * Gets the certificate from which the key was extracted.
298
+ *
299
+ * Returns: the key's certificate or NULL if key data was not used for key
300
+ * extraction or an error occurs.
301
+ */
302
+ PCCERT_CONTEXT
303
+ xmlSecMSCryptoKeyDataX509GetKeyCert(xmlSecKeyDataPtr data) {
304
+ xmlSecMSCryptoX509DataCtxPtr ctx;
305
+
306
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), NULL);
307
+
308
+ ctx = xmlSecMSCryptoX509DataGetCtx(data);
309
+ xmlSecAssert2(ctx != NULL, NULL);
310
+
311
+ return(ctx->keyCert);
312
+ }
313
+
314
+ /**
315
+ * xmlSecMSCryptoKeyDataX509AdoptKeyCert:
316
+ * @data: the pointer to X509 key data.
317
+ * @cert: the pointer to MSCRYPTO X509 certificate.
318
+ *
319
+ * Sets the key's certificate in @data.
320
+ *
321
+ * Returns: 0 on success or a negative value if an error occurs.
322
+ */
323
+ int
324
+ xmlSecMSCryptoKeyDataX509AdoptKeyCert(xmlSecKeyDataPtr data, PCCERT_CONTEXT cert) {
325
+ xmlSecMSCryptoX509DataCtxPtr ctx;
326
+
327
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
328
+ xmlSecAssert2(cert != NULL, -1);
329
+
330
+ ctx = xmlSecMSCryptoX509DataGetCtx(data);
331
+ xmlSecAssert2(ctx != NULL, -1);
332
+
333
+ if(ctx->keyCert != NULL) {
334
+ CertFreeCertificateContext(ctx->keyCert);
335
+ ctx->keyCert = 0;
336
+ }
337
+ ctx->keyCert = cert;
338
+
339
+ return(0);
340
+ }
341
+
342
+ /**
343
+ * xmlSecMSCryptoKeyDataX509AdoptCert:
344
+ * @data: the pointer to X509 key data.
345
+ * @cert: the pointer to MSCRYPTO X509 certificate.
346
+ *
347
+ * Adds certificate to the X509 key data.
348
+ *
349
+ * Returns: 0 on success or a negative value if an error occurs.
350
+ */
351
+ int
352
+ xmlSecMSCryptoKeyDataX509AdoptCert(xmlSecKeyDataPtr data, PCCERT_CONTEXT cert) {
353
+ xmlSecMSCryptoX509DataCtxPtr ctx;
354
+
355
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
356
+ xmlSecAssert2(cert != NULL, -1);
357
+
358
+ ctx = xmlSecMSCryptoX509DataGetCtx(data);
359
+ xmlSecAssert2(ctx != NULL, -1);
360
+ xmlSecAssert2(ctx->hMemStore != 0, -1);
361
+
362
+ if (!CertAddCertificateContextToStore(ctx->hMemStore, cert, CERT_STORE_ADD_ALWAYS, NULL)) {
363
+ xmlSecError(XMLSEC_ERRORS_HERE,
364
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
365
+ "CertAddCertificateContextToStore",
366
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
367
+ XMLSEC_ERRORS_NO_MESSAGE);
368
+ return(-1);
369
+ }
370
+ CertFreeCertificateContext(cert);
371
+ ctx->numCerts++;
372
+
373
+ return(0);
374
+ }
375
+
376
+ /**
377
+ * xmlSecMSCryptoKeyDataX509GetCert:
378
+ * @data: the pointer to X509 key data.
379
+ * @pos: the desired certificate position.
380
+ *
381
+ * Gets a certificate from X509 key data.
382
+ *
383
+ * Returns: the pointer to certificate or NULL if @pos is larger than the
384
+ * number of certificates in @data or an error occurs.
385
+ */
386
+ PCCERT_CONTEXT
387
+ xmlSecMSCryptoKeyDataX509GetCert(xmlSecKeyDataPtr data, xmlSecSize pos) {
388
+ xmlSecMSCryptoX509DataCtxPtr ctx;
389
+ PCCERT_CONTEXT pCert = NULL;
390
+
391
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), NULL);
392
+
393
+ ctx = xmlSecMSCryptoX509DataGetCtx(data);
394
+ xmlSecAssert2(ctx != NULL, NULL);
395
+ xmlSecAssert2(ctx->hMemStore != 0, NULL);
396
+ xmlSecAssert2(ctx->numCerts > pos, NULL);
397
+
398
+ while ((pCert = CertEnumCertificatesInStore(ctx->hMemStore, pCert)) && (pos > 0)) {
399
+ pos--;
400
+ }
401
+
402
+ return(pCert);
403
+ }
404
+
405
+ /**
406
+ * xmlSecMSCryptoKeyDataX509GetCertsSize:
407
+ * @data: the pointer to X509 key data.
408
+ *
409
+ * Gets the number of certificates in @data.
410
+ *
411
+ * Returns: te number of certificates in @data.
412
+ */
413
+ xmlSecSize
414
+ xmlSecMSCryptoKeyDataX509GetCertsSize(xmlSecKeyDataPtr data) {
415
+ xmlSecMSCryptoX509DataCtxPtr ctx;
416
+
417
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), 0);
418
+
419
+ ctx = xmlSecMSCryptoX509DataGetCtx(data);
420
+ xmlSecAssert2(ctx != NULL, 0);
421
+
422
+ return(ctx->numCerts);
423
+ }
424
+
425
+ /**
426
+ * xmlSecMSCryptoKeyDataX509AdoptCrl:
427
+ * @data: the pointer to X509 key data.
428
+ * @crl: the pointer to MSCrypto X509 CRL.
429
+ *
430
+ * Adds CRL to the X509 key data.
431
+ *
432
+ * Returns: 0 on success or a negative value if an error occurs.
433
+ */
434
+ int
435
+ xmlSecMSCryptoKeyDataX509AdoptCrl(xmlSecKeyDataPtr data, PCCRL_CONTEXT crl) {
436
+ xmlSecMSCryptoX509DataCtxPtr ctx;
437
+
438
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
439
+ xmlSecAssert2(crl != 0, -1);
440
+
441
+ ctx = xmlSecMSCryptoX509DataGetCtx(data);
442
+ xmlSecAssert2(ctx != NULL, -1);
443
+ xmlSecAssert2(ctx->hMemStore != 0, -1);
444
+
445
+ if (!CertAddCRLContextToStore(ctx->hMemStore, crl, CERT_STORE_ADD_ALWAYS, NULL)) {
446
+ xmlSecError(XMLSEC_ERRORS_HERE,
447
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
448
+ "CertAddCRLContextToStore",
449
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
450
+ XMLSEC_ERRORS_NO_MESSAGE);
451
+ return(-1);
452
+ }
453
+ ctx->numCrls++;
454
+
455
+ return(0);
456
+ }
457
+
458
+ /**
459
+ * xmlSecMSCryptoKeyDataX509GetCrl:
460
+ * @data: the pointer to X509 key data.
461
+ * @pos: the desired CRL position.
462
+ *
463
+ * Gets a CRL from X509 key data.
464
+ *
465
+ * Returns: the pointer to CRL or NULL if @pos is larger than the
466
+ * number of CRLs in @data or an error occurs.
467
+ */
468
+ PCCRL_CONTEXT
469
+ xmlSecMSCryptoKeyDataX509GetCrl(xmlSecKeyDataPtr data, xmlSecSize pos) {
470
+ xmlSecMSCryptoX509DataCtxPtr ctx;
471
+ PCCRL_CONTEXT pCRL = NULL;
472
+
473
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), NULL);
474
+ ctx = xmlSecMSCryptoX509DataGetCtx(data);
475
+ xmlSecAssert2(ctx != NULL, NULL);
476
+ xmlSecAssert2(ctx->hMemStore != 0, NULL);
477
+ xmlSecAssert2(ctx->numCrls > pos, NULL);
478
+
479
+ while ((pCRL = CertEnumCRLsInStore(ctx->hMemStore, pCRL)) && (pos > 0)) {
480
+ pos--;
481
+ }
482
+
483
+ return(pCRL);
484
+ }
485
+
486
+ /**
487
+ * xmlSecMSCryptoKeyDataX509GetCrlsSize:
488
+ * @data: the pointer to X509 key data.
489
+ *
490
+ * Gets the number of CRLs in @data.
491
+ *
492
+ * Returns: te number of CRLs in @data.
493
+ */
494
+ xmlSecSize
495
+ xmlSecMSCryptoKeyDataX509GetCrlsSize(xmlSecKeyDataPtr data) {
496
+ xmlSecMSCryptoX509DataCtxPtr ctx;
497
+
498
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), 0);
499
+
500
+ ctx = xmlSecMSCryptoX509DataGetCtx(data);
501
+ xmlSecAssert2(ctx != NULL, 0);
502
+
503
+ return(ctx->numCrls);
504
+ }
505
+
506
+ static int
507
+ xmlSecMSCryptoKeyDataX509Initialize(xmlSecKeyDataPtr data) {
508
+ xmlSecMSCryptoX509DataCtxPtr ctx;
509
+
510
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
511
+
512
+ ctx = xmlSecMSCryptoX509DataGetCtx(data);
513
+ xmlSecAssert2(ctx != NULL, -1);
514
+
515
+ memset(ctx, 0, sizeof(xmlSecMSCryptoX509DataCtx));
516
+
517
+ ctx->hMemStore = CertOpenStore(CERT_STORE_PROV_MEMORY,
518
+ 0,
519
+ 0,
520
+ CERT_STORE_CREATE_NEW_FLAG,
521
+ NULL);
522
+ if (ctx->hMemStore == 0) {
523
+ xmlSecError(XMLSEC_ERRORS_HERE,
524
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
525
+ "CertOpenStore",
526
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
527
+ XMLSEC_ERRORS_NO_MESSAGE);
528
+ return(-1);
529
+ }
530
+
531
+ return(0);
532
+ }
533
+
534
+ static int
535
+ xmlSecMSCryptoKeyDataX509Duplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
536
+ PCCERT_CONTEXT certSrc, certDst;
537
+ PCCRL_CONTEXT crlSrc, crlDst;
538
+ xmlSecSize size, pos;
539
+ int ret;
540
+
541
+ xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecMSCryptoKeyDataX509Id), -1);
542
+ xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecMSCryptoKeyDataX509Id), -1);
543
+
544
+ /* copy certsList */
545
+ size = xmlSecMSCryptoKeyDataX509GetCertsSize(src);
546
+ for(pos = 0; pos < size; ++pos) {
547
+ /* TBD: function below does linear scan, eliminate loop within
548
+ * loop
549
+ */
550
+ certSrc = xmlSecMSCryptoKeyDataX509GetCert(src, pos);
551
+ if(certSrc == NULL) {
552
+ xmlSecError(XMLSEC_ERRORS_HERE,
553
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
554
+ "xmlSecMSCryptoKeyDataX509GetCert",
555
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
556
+ "pos=%d", pos);
557
+ return(-1);
558
+ }
559
+
560
+ certDst = CertDuplicateCertificateContext(certSrc);
561
+ if(certDst == NULL) {
562
+ xmlSecError(XMLSEC_ERRORS_HERE,
563
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
564
+ "CertDuplicateCertificateContext",
565
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
566
+ XMLSEC_ERRORS_NO_MESSAGE);
567
+ return(-1);
568
+ }
569
+
570
+ ret = xmlSecMSCryptoKeyDataX509AdoptCert(dst, certDst);
571
+ if(ret < 0) {
572
+ xmlSecError(XMLSEC_ERRORS_HERE,
573
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
574
+ "xmlSecMSCryptoKeyDataX509AdoptCert",
575
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
576
+ XMLSEC_ERRORS_NO_MESSAGE);
577
+ CertFreeCertificateContext(certDst);
578
+ return(-1);
579
+ }
580
+ }
581
+
582
+ /* copy crls */
583
+ size = xmlSecMSCryptoKeyDataX509GetCrlsSize(src);
584
+ for(pos = 0; pos < size; ++pos) {
585
+ crlSrc = xmlSecMSCryptoKeyDataX509GetCrl(src, pos);
586
+ if(crlSrc == NULL) {
587
+ xmlSecError(XMLSEC_ERRORS_HERE,
588
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
589
+ "xmlSecMSCryptoKeyDataX509GetCrl",
590
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
591
+ "pos=%d", pos);
592
+ return(-1);
593
+ }
594
+
595
+ crlDst = CertDuplicateCRLContext(crlSrc);
596
+ if(crlDst == NULL) {
597
+ xmlSecError(XMLSEC_ERRORS_HERE,
598
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
599
+ "CertDuplicateCRLContext",
600
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
601
+ XMLSEC_ERRORS_NO_MESSAGE);
602
+ return(-1);
603
+ }
604
+
605
+ ret = xmlSecMSCryptoKeyDataX509AdoptCrl(dst, crlDst);
606
+ if(ret < 0) {
607
+ xmlSecError(XMLSEC_ERRORS_HERE,
608
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
609
+ "xmlSecMSCryptoKeyDataX509AdoptCrl",
610
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
611
+ XMLSEC_ERRORS_NO_MESSAGE);
612
+ CertFreeCRLContext(crlDst);
613
+ return(-1);
614
+ }
615
+ }
616
+
617
+ /* copy key cert if exist */
618
+ certSrc = xmlSecMSCryptoKeyDataX509GetKeyCert(src);
619
+ if(certSrc != NULL) {
620
+ certDst = CertDuplicateCertificateContext(certSrc);
621
+ if(certDst == NULL) {
622
+ xmlSecError(XMLSEC_ERRORS_HERE,
623
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
624
+ "CertDuplicateCertificateContext",
625
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
626
+ XMLSEC_ERRORS_NO_MESSAGE);
627
+ return(-1);
628
+ }
629
+ ret = xmlSecMSCryptoKeyDataX509AdoptKeyCert(dst, certDst);
630
+ if(ret < 0) {
631
+ xmlSecError(XMLSEC_ERRORS_HERE,
632
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
633
+ "xmlSecMSCryptoKeyDataX509AdoptKeyCert",
634
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
635
+ XMLSEC_ERRORS_NO_MESSAGE);
636
+ CertFreeCertificateContext(certDst);
637
+ return(-1);
638
+ }
639
+ }
640
+ return(0);
641
+ }
642
+
643
+ static void
644
+ xmlSecMSCryptoKeyDataX509Finalize(xmlSecKeyDataPtr data) {
645
+ xmlSecMSCryptoX509DataCtxPtr ctx;
646
+
647
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id));
648
+
649
+ ctx = xmlSecMSCryptoX509DataGetCtx(data);
650
+ xmlSecAssert(ctx != NULL);
651
+
652
+ if(ctx->keyCert != NULL) {
653
+ CertFreeCertificateContext(ctx->keyCert);
654
+ ctx->keyCert = NULL;
655
+ }
656
+
657
+ if (ctx->hMemStore != 0) {
658
+ if (!CertCloseStore(ctx->hMemStore, CERT_CLOSE_STORE_FORCE_FLAG)) {
659
+ xmlSecError(XMLSEC_ERRORS_HERE,
660
+ NULL,
661
+ "CertCloseStore",
662
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
663
+ XMLSEC_ERRORS_NO_MESSAGE);
664
+ return;
665
+ }
666
+ }
667
+
668
+ memset(ctx, 0, sizeof(xmlSecMSCryptoX509DataCtx));
669
+ }
670
+
671
+ static int
672
+ xmlSecMSCryptoKeyDataX509XmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
673
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
674
+ xmlSecKeyDataPtr data;
675
+ int ret;
676
+
677
+ xmlSecAssert2(id == xmlSecMSCryptoKeyDataX509Id, -1);
678
+ xmlSecAssert2(key != NULL, -1);
679
+ xmlSecAssert2(node != NULL, -1);
680
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
681
+
682
+ data = xmlSecKeyEnsureData(key, id);
683
+ if(data == NULL) {
684
+ xmlSecError(XMLSEC_ERRORS_HERE,
685
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
686
+ "xmlSecKeyEnsureData",
687
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
688
+ XMLSEC_ERRORS_NO_MESSAGE);
689
+ return(-1);
690
+ }
691
+
692
+ ret = xmlSecMSCryptoX509DataNodeRead(data, node, keyInfoCtx);
693
+ if(ret < 0) {
694
+ xmlSecError(XMLSEC_ERRORS_HERE,
695
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
696
+ "xmlSecMSCryptoX509DataNodeRead",
697
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
698
+ XMLSEC_ERRORS_NO_MESSAGE);
699
+ return(-1);
700
+ }
701
+
702
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS) == 0) {
703
+ ret = xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
704
+ if(ret < 0) {
705
+ xmlSecError(XMLSEC_ERRORS_HERE,
706
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
707
+ "xmlSecMSCryptoKeyDataX509VerifyAndExtractKey",
708
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
709
+ XMLSEC_ERRORS_NO_MESSAGE);
710
+ return(-1);
711
+ }
712
+ }
713
+ return(0);
714
+ }
715
+
716
+ static int
717
+ xmlSecMSCryptoKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
718
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
719
+ xmlSecKeyDataPtr data;
720
+ PCCERT_CONTEXT cert;
721
+ PCCRL_CONTEXT crl;
722
+ xmlSecSize size, pos;
723
+ int content = 0;
724
+ int ret;
725
+
726
+ xmlSecAssert2(id == xmlSecMSCryptoKeyDataX509Id, -1);
727
+ xmlSecAssert2(key != NULL, -1);
728
+ xmlSecAssert2(node != NULL, -1);
729
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
730
+
731
+ content = xmlSecX509DataGetNodeContent (node, 1, keyInfoCtx);
732
+ if (content < 0) {
733
+ xmlSecError(XMLSEC_ERRORS_HERE,
734
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
735
+ "xmlSecX509DataGetNodeContent",
736
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
737
+ "content=%d", content);
738
+ return(-1);
739
+ } else if(content == 0) {
740
+ /* by default we are writing certificates and crls */
741
+ content = XMLSEC_X509DATA_DEFAULT;
742
+ }
743
+
744
+ /* get x509 data */
745
+ data = xmlSecKeyGetData(key, id);
746
+ if(data == NULL) {
747
+ /* no x509 data in the key */
748
+ return(0);
749
+ }
750
+
751
+ /* write certs */
752
+ size = xmlSecMSCryptoKeyDataX509GetCertsSize(data);
753
+ for(pos = 0; pos < size; ++pos) {
754
+ cert = xmlSecMSCryptoKeyDataX509GetCert(data, pos);
755
+ if(cert == NULL) {
756
+ xmlSecError(XMLSEC_ERRORS_HERE,
757
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
758
+ "xmlSecMSCryptoKeyDataX509GetCert",
759
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
760
+ "pos=%d", pos);
761
+ return(-1);
762
+ }
763
+
764
+ if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
765
+ ret = xmlSecMSCryptoX509CertificateNodeWrite(cert, node, keyInfoCtx);
766
+ if(ret < 0) {
767
+ xmlSecError(XMLSEC_ERRORS_HERE,
768
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
769
+ "xmlSecMSCryptoX509CertificateNodeWrite",
770
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
771
+ "pos=%d", pos);
772
+ return(-1);
773
+ }
774
+ }
775
+
776
+ if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
777
+ ret = xmlSecMSCryptoX509SubjectNameNodeWrite(cert, node, keyInfoCtx);
778
+ if(ret < 0) {
779
+ xmlSecError(XMLSEC_ERRORS_HERE,
780
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
781
+ "xmlSecMSCryptoX509SubjectNameNodeWrite",
782
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
783
+ "pos=%d", pos);
784
+ return(-1);
785
+ }
786
+ }
787
+
788
+ if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
789
+ ret = xmlSecMSCryptoX509IssuerSerialNodeWrite(cert, node, keyInfoCtx);
790
+ if(ret < 0) {
791
+ xmlSecError(XMLSEC_ERRORS_HERE,
792
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
793
+ "xmlSecMSCryptoX509IssuerSerialNodeWrite",
794
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
795
+ "pos=%d", pos);
796
+ return(-1);
797
+ }
798
+ }
799
+
800
+ if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
801
+ ret = xmlSecMSCryptoX509SKINodeWrite(cert, node, keyInfoCtx);
802
+ if(ret < 0) {
803
+ xmlSecError(XMLSEC_ERRORS_HERE,
804
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
805
+ "xmlSecMSCryptoX509SKINodeWrite",
806
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
807
+ "pos=%d", pos);
808
+ return(-1);
809
+ }
810
+ }
811
+ }
812
+
813
+ /* write crls if needed */
814
+ if((content & XMLSEC_X509DATA_CRL_NODE) != 0) {
815
+ size = xmlSecMSCryptoKeyDataX509GetCrlsSize(data);
816
+ for(pos = 0; pos < size; ++pos) {
817
+ crl = xmlSecMSCryptoKeyDataX509GetCrl(data, pos);
818
+ if(crl == NULL) {
819
+ xmlSecError(XMLSEC_ERRORS_HERE,
820
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
821
+ "xmlSecMSCryptoKeyDataX509GetCrl",
822
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
823
+ "pos=%d", pos);
824
+ return(-1);
825
+ }
826
+
827
+ ret = xmlSecMSCryptoX509CRLNodeWrite(crl, node, keyInfoCtx);
828
+ if(ret < 0) {
829
+ xmlSecError(XMLSEC_ERRORS_HERE,
830
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
831
+ "xmlSecMSCryptoX509CRLNodeWrite",
832
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
833
+ "pos=%d", pos);
834
+ return(-1);
835
+ }
836
+ }
837
+ }
838
+
839
+ return(0);
840
+ }
841
+
842
+ static xmlSecKeyDataType
843
+ xmlSecMSCryptoKeyDataX509GetType(xmlSecKeyDataPtr data) {
844
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), xmlSecKeyDataTypeUnknown);
845
+
846
+ /* TODO: return verified/not verified status */
847
+ return(xmlSecKeyDataTypeUnknown);
848
+ }
849
+
850
+ static const xmlChar*
851
+ xmlSecMSCryptoKeyDataX509GetIdentifier(xmlSecKeyDataPtr data) {
852
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), NULL);
853
+
854
+ /* TODO */
855
+ return(NULL);
856
+ }
857
+
858
+ static void
859
+ xmlSecMSCryptoKeyDataX509DebugDump(xmlSecKeyDataPtr data, FILE* output) {
860
+ PCCERT_CONTEXT cert;
861
+ xmlSecSize size, pos;
862
+
863
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id));
864
+ xmlSecAssert(output != NULL);
865
+
866
+ fprintf(output, "=== X509 Data:\n");
867
+ cert = xmlSecMSCryptoKeyDataX509GetKeyCert(data);
868
+ if(cert != NULL) {
869
+ fprintf(output, "==== Key Certificate:\n");
870
+ xmlSecMSCryptoX509CertDebugDump(cert, output);
871
+ }
872
+
873
+ size = xmlSecMSCryptoKeyDataX509GetCertsSize(data);
874
+ for(pos = 0; pos < size; ++pos) {
875
+ cert = xmlSecMSCryptoKeyDataX509GetCert(data, pos);
876
+ if(cert == NULL) {
877
+ xmlSecError(XMLSEC_ERRORS_HERE,
878
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
879
+ "xmlSecMSCryptoKeyDataX509GetCert",
880
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
881
+ "pos=%d", pos);
882
+ return;
883
+ }
884
+ fprintf(output, "==== Certificate:\n");
885
+ xmlSecMSCryptoX509CertDebugDump(cert, output);
886
+ }
887
+
888
+ /* we don't print out crls */
889
+ }
890
+
891
+ static void
892
+ xmlSecMSCryptoKeyDataX509DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
893
+ PCCERT_CONTEXT cert;
894
+ xmlSecSize size, pos;
895
+
896
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id));
897
+ xmlSecAssert(output != NULL);
898
+
899
+ fprintf(output, "<X509Data>\n");
900
+ cert = xmlSecMSCryptoKeyDataX509GetKeyCert(data);
901
+ if(cert != NULL) {
902
+ fprintf(output, "<KeyCertificate>\n");
903
+ xmlSecMSCryptoX509CertDebugXmlDump(cert, output);
904
+ fprintf(output, "</KeyCertificate>\n");
905
+ }
906
+
907
+ size = xmlSecMSCryptoKeyDataX509GetCertsSize(data);
908
+ for(pos = 0; pos < size; ++pos) {
909
+ cert = xmlSecMSCryptoKeyDataX509GetCert(data, pos);
910
+ if(cert == NULL) {
911
+ xmlSecError(XMLSEC_ERRORS_HERE,
912
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
913
+ "xmlSecMSCryptoKeyDataX509GetCert",
914
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
915
+ "pos=%d", pos);
916
+ return;
917
+ }
918
+ fprintf(output, "<Certificate>\n");
919
+ xmlSecMSCryptoX509CertDebugXmlDump(cert, output);
920
+ fprintf(output, "</Certificate>\n");
921
+ }
922
+
923
+ /* we don't print out crls */
924
+ fprintf(output, "</X509Data>\n");
925
+ }
926
+
927
+ static int
928
+ xmlSecMSCryptoX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
929
+ xmlNodePtr cur;
930
+ int ret;
931
+
932
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
933
+ xmlSecAssert2(node != NULL, -1);
934
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
935
+
936
+ for(cur = xmlSecGetNextElementNode(node->children);
937
+ cur != NULL;
938
+ cur = xmlSecGetNextElementNode(cur->next)) {
939
+
940
+ ret = 0;
941
+ if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
942
+ ret = xmlSecMSCryptoX509CertificateNodeRead(data, cur, keyInfoCtx);
943
+ } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
944
+ ret = xmlSecMSCryptoX509SubjectNameNodeRead(data, cur, keyInfoCtx);
945
+ } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
946
+ ret = xmlSecMSCryptoX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
947
+ } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
948
+ ret = xmlSecMSCryptoX509SKINodeRead(data, cur, keyInfoCtx);
949
+ } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
950
+ ret = xmlSecMSCryptoX509CRLNodeRead(data, cur, keyInfoCtx);
951
+ } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
952
+ /* laxi schema validation: ignore unknown nodes */
953
+ xmlSecError(XMLSEC_ERRORS_HERE,
954
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
955
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
956
+ XMLSEC_ERRORS_R_UNEXPECTED_NODE,
957
+ XMLSEC_ERRORS_NO_MESSAGE);
958
+ return(-1);
959
+ }
960
+ if(ret < 0) {
961
+ xmlSecError(XMLSEC_ERRORS_HERE,
962
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
963
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
964
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
965
+ "read node failed");
966
+ return(-1);
967
+ }
968
+ }
969
+ return(0);
970
+ }
971
+
972
+ static int
973
+ xmlSecMSCryptoX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
974
+ xmlChar *content;
975
+ PCCERT_CONTEXT cert;
976
+ int ret;
977
+
978
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
979
+ xmlSecAssert2(node != NULL, -1);
980
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
981
+
982
+ content = xmlNodeGetContent(node);
983
+ if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
984
+ if(content != NULL) {
985
+ xmlFree(content);
986
+ }
987
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
988
+ xmlSecError(XMLSEC_ERRORS_HERE,
989
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
990
+ xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
991
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
992
+ XMLSEC_ERRORS_NO_MESSAGE);
993
+ return(-1);
994
+ }
995
+ return(0);
996
+ }
997
+
998
+ cert = xmlSecMSCryptoX509CertBase64DerRead(content);
999
+ if(cert == NULL) {
1000
+ xmlSecError(XMLSEC_ERRORS_HERE,
1001
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1002
+ "xmlSecMSCryptoX509CertBase64DerRead",
1003
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1004
+ XMLSEC_ERRORS_NO_MESSAGE);
1005
+ xmlFree(content);
1006
+ return(-1);
1007
+ }
1008
+
1009
+ ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
1010
+ if(ret < 0) {
1011
+ xmlSecError(XMLSEC_ERRORS_HERE,
1012
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1013
+ "xmlSecMSCryptoKeyDataX509AdoptCert",
1014
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1015
+ XMLSEC_ERRORS_NO_MESSAGE);
1016
+ CertFreeCertificateContext(cert);
1017
+ xmlFree(content);
1018
+ return(-1);
1019
+ }
1020
+
1021
+ xmlFree(content);
1022
+ return(0);
1023
+ }
1024
+
1025
+ static int
1026
+ xmlSecMSCryptoX509CertificateNodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node,
1027
+ xmlSecKeyInfoCtxPtr keyInfoCtx) {
1028
+ xmlChar* buf;
1029
+ xmlNodePtr cur;
1030
+
1031
+ xmlSecAssert2(cert != NULL, -1);
1032
+ xmlSecAssert2(node != NULL, -1);
1033
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1034
+
1035
+ /* set base64 lines size from context */
1036
+ buf = xmlSecMSCryptoX509CertBase64DerWrite(cert, keyInfoCtx->base64LineSize);
1037
+ if(buf == NULL) {
1038
+ xmlSecError(XMLSEC_ERRORS_HERE,
1039
+ NULL,
1040
+ "xmlSecMSCryptoX509CertBase64DerWrite",
1041
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1042
+ XMLSEC_ERRORS_NO_MESSAGE);
1043
+ return(-1);
1044
+ }
1045
+
1046
+ cur = xmlSecAddChild(node, xmlSecNodeX509Certificate, xmlSecDSigNs);
1047
+ if(cur == NULL) {
1048
+ xmlSecError(XMLSEC_ERRORS_HERE,
1049
+ NULL,
1050
+ "xmlSecAddChild",
1051
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1052
+ "node=%s",
1053
+ xmlSecErrorsSafeString(xmlSecNodeX509Certificate));
1054
+ xmlFree(buf);
1055
+ return(-1);
1056
+ }
1057
+
1058
+ /* todo: add \n around base64 data - from context */
1059
+ /* todo: add errors check */
1060
+ xmlNodeSetContent(cur, xmlSecStringCR);
1061
+ xmlNodeSetContent(cur, buf);
1062
+ xmlFree(buf);
1063
+ return(0);
1064
+ }
1065
+
1066
+ static int
1067
+ xmlSecMSCryptoX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1068
+ xmlSecKeyDataStorePtr x509Store;
1069
+ xmlChar* subject;
1070
+ PCCERT_CONTEXT cert;
1071
+ int ret;
1072
+
1073
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
1074
+ xmlSecAssert2(node != NULL, -1);
1075
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1076
+ xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
1077
+
1078
+ x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCryptoX509StoreId);
1079
+ if(x509Store == NULL) {
1080
+ xmlSecError(XMLSEC_ERRORS_HERE,
1081
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1082
+ "xmlSecKeysMngrGetDataStore",
1083
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1084
+ XMLSEC_ERRORS_NO_MESSAGE);
1085
+ return(-1);
1086
+ }
1087
+
1088
+ subject = xmlNodeGetContent(node);
1089
+ if((subject == NULL) || (xmlSecIsEmptyString(subject) == 1)) {
1090
+ if(subject != NULL) {
1091
+ xmlFree(subject);
1092
+ }
1093
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
1094
+ xmlSecError(XMLSEC_ERRORS_HERE,
1095
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1096
+ xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
1097
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
1098
+ XMLSEC_ERRORS_NO_MESSAGE);
1099
+ return(-1);
1100
+ }
1101
+ return(0);
1102
+ }
1103
+
1104
+ cert = xmlSecMSCryptoX509StoreFindCert(x509Store, subject, NULL, NULL, NULL, keyInfoCtx);
1105
+ if(cert == NULL){
1106
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
1107
+ xmlSecError(XMLSEC_ERRORS_HERE,
1108
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1109
+ NULL,
1110
+ XMLSEC_ERRORS_R_CERT_NOT_FOUND,
1111
+ "subject=%s",
1112
+ xmlSecErrorsSafeString(subject));
1113
+ xmlFree(subject);
1114
+ return(-1);
1115
+ }
1116
+ xmlFree(subject);
1117
+ return(0);
1118
+ }
1119
+
1120
+ ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
1121
+ if(ret < 0) {
1122
+ xmlSecError(XMLSEC_ERRORS_HERE,
1123
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1124
+ "xmlSecMSCryptoKeyDataX509AdoptCert",
1125
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1126
+ XMLSEC_ERRORS_NO_MESSAGE);
1127
+ CertFreeCertificateContext(cert);
1128
+ xmlFree(subject);
1129
+ return(-1);
1130
+ }
1131
+
1132
+ xmlFree(subject);
1133
+ return(0);
1134
+ }
1135
+
1136
+ static int
1137
+ xmlSecMSCryptoX509SubjectNameNodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
1138
+ xmlChar* buf = NULL;
1139
+ xmlNodePtr cur = NULL;
1140
+
1141
+ xmlSecAssert2(cert != NULL, -1);
1142
+ xmlSecAssert2(node != NULL, -1);
1143
+
1144
+ buf = xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Subject));
1145
+ if(buf == NULL) {
1146
+ xmlSecError(XMLSEC_ERRORS_HERE,
1147
+ NULL,
1148
+ "xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Subject))",
1149
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1150
+ XMLSEC_ERRORS_NO_MESSAGE);
1151
+ return(-1);
1152
+ }
1153
+
1154
+ cur = xmlSecAddChild(node, xmlSecNodeX509SubjectName, xmlSecDSigNs);
1155
+ if(cur == NULL) {
1156
+ xmlSecError(XMLSEC_ERRORS_HERE,
1157
+ NULL,
1158
+ "xmlSecAddChild",
1159
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1160
+ "node=%s",
1161
+ xmlSecErrorsSafeString(xmlSecNodeX509SubjectName));
1162
+ xmlFree(buf);
1163
+ return(-1);
1164
+ }
1165
+ xmlSecNodeEncodeAndSetContent(cur, buf);
1166
+ xmlFree(buf);
1167
+ return(0);
1168
+ }
1169
+
1170
+ static int
1171
+ xmlSecMSCryptoX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1172
+ xmlSecKeyDataStorePtr x509Store;
1173
+ xmlNodePtr cur;
1174
+ xmlChar *issuerName;
1175
+ xmlChar *issuerSerial;
1176
+ PCCERT_CONTEXT cert;
1177
+ int ret;
1178
+
1179
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
1180
+ xmlSecAssert2(node != NULL, -1);
1181
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1182
+ xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
1183
+
1184
+ x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCryptoX509StoreId);
1185
+ if(x509Store == NULL) {
1186
+ xmlSecError(XMLSEC_ERRORS_HERE,
1187
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1188
+ "xmlSecKeysMngrGetDataStore",
1189
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1190
+ XMLSEC_ERRORS_NO_MESSAGE);
1191
+ return(-1);
1192
+ }
1193
+
1194
+ cur = xmlSecGetNextElementNode(node->children);
1195
+ if(cur == NULL) {
1196
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
1197
+ xmlSecError(XMLSEC_ERRORS_HERE,
1198
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1199
+ xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
1200
+ XMLSEC_ERRORS_R_NODE_NOT_FOUND,
1201
+ "node=%s",
1202
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
1203
+ return(-1);
1204
+ }
1205
+ return(0);
1206
+ }
1207
+
1208
+ /* the first is required node X509IssuerName */
1209
+ if(!xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs)) {
1210
+ xmlSecError(XMLSEC_ERRORS_HERE,
1211
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1212
+ xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
1213
+ XMLSEC_ERRORS_R_NODE_NOT_FOUND,
1214
+ "node=%s",
1215
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
1216
+ return(-1);
1217
+ }
1218
+ issuerName = xmlNodeGetContent(cur);
1219
+ if(issuerName == NULL) {
1220
+ xmlSecError(XMLSEC_ERRORS_HERE,
1221
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1222
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
1223
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
1224
+ "node=%s",
1225
+ xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
1226
+ return(-1);
1227
+ }
1228
+ cur = xmlSecGetNextElementNode(cur->next);
1229
+
1230
+ /* next is required node X509SerialNumber */
1231
+ if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs)) {
1232
+ xmlSecError(XMLSEC_ERRORS_HERE,
1233
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1234
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
1235
+ XMLSEC_ERRORS_R_NODE_NOT_FOUND,
1236
+ "node=%s",
1237
+ xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
1238
+ xmlFree(issuerName);
1239
+ return(-1);
1240
+ }
1241
+ issuerSerial = xmlNodeGetContent(cur);
1242
+ if(issuerSerial == NULL) {
1243
+ xmlSecError(XMLSEC_ERRORS_HERE,
1244
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1245
+ xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber),
1246
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
1247
+ "node=%s",
1248
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
1249
+ xmlFree(issuerName);
1250
+ return(-1);
1251
+ }
1252
+ cur = xmlSecGetNextElementNode(cur->next);
1253
+
1254
+ if(cur != NULL) {
1255
+ xmlSecError(XMLSEC_ERRORS_HERE,
1256
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1257
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
1258
+ XMLSEC_ERRORS_R_UNEXPECTED_NODE,
1259
+ XMLSEC_ERRORS_NO_MESSAGE);
1260
+ xmlFree(issuerSerial);
1261
+ xmlFree(issuerName);
1262
+ return(-1);
1263
+ }
1264
+
1265
+ cert = xmlSecMSCryptoX509StoreFindCert(x509Store, NULL, issuerName, issuerSerial, NULL, keyInfoCtx);
1266
+ if(cert == NULL){
1267
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
1268
+ xmlSecError(XMLSEC_ERRORS_HERE,
1269
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1270
+ NULL,
1271
+ XMLSEC_ERRORS_R_CERT_NOT_FOUND,
1272
+ "issuerName=%s;issuerSerial=%s",
1273
+ xmlSecErrorsSafeString(issuerName),
1274
+ xmlSecErrorsSafeString(issuerSerial));
1275
+ xmlFree(issuerSerial);
1276
+ xmlFree(issuerName);
1277
+ return(-1);
1278
+ }
1279
+
1280
+ xmlFree(issuerSerial);
1281
+ xmlFree(issuerName);
1282
+ return(0);
1283
+ }
1284
+
1285
+ ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
1286
+ if(ret < 0) {
1287
+ xmlSecError(XMLSEC_ERRORS_HERE,
1288
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1289
+ "xmlSecMSCryptoKeyDataX509AdoptCert",
1290
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1291
+ XMLSEC_ERRORS_NO_MESSAGE);
1292
+ CertFreeCertificateContext(cert);
1293
+ xmlFree(issuerSerial);
1294
+ xmlFree(issuerName);
1295
+ return(-1);
1296
+ }
1297
+
1298
+ xmlFree(issuerSerial);
1299
+ xmlFree(issuerName);
1300
+ return(0);
1301
+ }
1302
+
1303
+ static int
1304
+ xmlSecMSCryptoX509IssuerSerialNodeWrite(PCCERT_CONTEXT cert,
1305
+ xmlNodePtr node,
1306
+ xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
1307
+ xmlNodePtr cur;
1308
+ xmlNodePtr issuerNameNode;
1309
+ xmlNodePtr issuerNumberNode;
1310
+ xmlChar* buf;
1311
+ int ret;
1312
+
1313
+ xmlSecAssert2(cert != NULL, -1);
1314
+ xmlSecAssert2(node != NULL, -1);
1315
+
1316
+ /* create xml nodes */
1317
+ cur = xmlSecAddChild(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
1318
+ if(cur == NULL) {
1319
+ xmlSecError(XMLSEC_ERRORS_HERE,
1320
+ NULL,
1321
+ "xmlSecAddChild",
1322
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1323
+ "node=%s",
1324
+ xmlSecErrorsSafeString(xmlSecNodeX509IssuerSerial));
1325
+ return(-1);
1326
+ }
1327
+
1328
+ issuerNameNode = xmlSecAddChild(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs);
1329
+ if(issuerNameNode == NULL) {
1330
+ xmlSecError(XMLSEC_ERRORS_HERE,
1331
+ NULL,
1332
+ "xmlSecAddChild",
1333
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1334
+ "node=%s",
1335
+ xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
1336
+ return(-1);
1337
+ }
1338
+
1339
+ issuerNumberNode = xmlSecAddChild(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs);
1340
+ if(issuerNumberNode == NULL) {
1341
+ xmlSecError(XMLSEC_ERRORS_HERE,
1342
+ NULL,
1343
+ "xmlSecAddChild",
1344
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1345
+ "node=%s",
1346
+ xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
1347
+ return(-1);
1348
+ }
1349
+
1350
+ /* write data */
1351
+ buf = xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Issuer));
1352
+ if(buf == NULL) {
1353
+ xmlSecError(XMLSEC_ERRORS_HERE,
1354
+ NULL,
1355
+ "xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Issuer))",
1356
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1357
+ XMLSEC_ERRORS_NO_MESSAGE);
1358
+ return(-1);
1359
+ }
1360
+ xmlSecNodeEncodeAndSetContent(issuerNameNode, buf);
1361
+ xmlFree(buf);
1362
+
1363
+ ret = xmlSecMSCryptoASN1IntegerWrite(issuerNumberNode, &(cert->pCertInfo->SerialNumber));
1364
+ if(ret < 0) {
1365
+ xmlSecError(XMLSEC_ERRORS_HERE,
1366
+ NULL,
1367
+ "xmlSecMSCryptoASN1IntegerWrite(&(cert->serialNumber))",
1368
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1369
+ XMLSEC_ERRORS_NO_MESSAGE);
1370
+ return(-1);
1371
+ }
1372
+ return(0);
1373
+ }
1374
+
1375
+ static int
1376
+ xmlSecMSCryptoX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1377
+ xmlSecKeyDataStorePtr x509Store;
1378
+ xmlChar* ski;
1379
+ PCCERT_CONTEXT cert;
1380
+ int ret;
1381
+
1382
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
1383
+ xmlSecAssert2(node != NULL, -1);
1384
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1385
+ xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
1386
+
1387
+ x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCryptoX509StoreId);
1388
+ if(x509Store == NULL) {
1389
+ xmlSecError(XMLSEC_ERRORS_HERE,
1390
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1391
+ "xmlSecKeysMngrGetDataStore",
1392
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1393
+ XMLSEC_ERRORS_NO_MESSAGE);
1394
+ return(-1);
1395
+ }
1396
+
1397
+ ski = xmlNodeGetContent(node);
1398
+ if((ski == NULL) || (xmlSecIsEmptyString(ski) == 1)) {
1399
+ if(ski != NULL) {
1400
+ xmlFree(ski);
1401
+ }
1402
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
1403
+ xmlSecError(XMLSEC_ERRORS_HERE,
1404
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1405
+ xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
1406
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
1407
+ "node=%s",
1408
+ xmlSecErrorsSafeString(xmlSecNodeX509SKI));
1409
+ return(-1);
1410
+ }
1411
+ return(0);
1412
+ }
1413
+
1414
+ cert = xmlSecMSCryptoX509StoreFindCert(x509Store, NULL, NULL, NULL, ski, keyInfoCtx);
1415
+ if(cert == NULL){
1416
+ xmlFree(ski);
1417
+
1418
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
1419
+ xmlSecError(XMLSEC_ERRORS_HERE,
1420
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1421
+ NULL,
1422
+ XMLSEC_ERRORS_R_CERT_NOT_FOUND,
1423
+ "ski=%s",
1424
+ xmlSecErrorsSafeString(ski));
1425
+ return(-1);
1426
+ }
1427
+ return(0);
1428
+ }
1429
+
1430
+ ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
1431
+ if(ret < 0) {
1432
+ xmlSecError(XMLSEC_ERRORS_HERE,
1433
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1434
+ "xmlSecMSCryptoKeyDataX509AdoptCert",
1435
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1436
+ XMLSEC_ERRORS_NO_MESSAGE);
1437
+ CertFreeCertificateContext(cert);
1438
+ xmlFree(ski);
1439
+ return(-1);
1440
+ }
1441
+
1442
+ xmlFree(ski);
1443
+ return(0);
1444
+ }
1445
+
1446
+ static int
1447
+ xmlSecMSCryptoX509SKINodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
1448
+ xmlChar *buf = NULL;
1449
+ xmlNodePtr cur = NULL;
1450
+
1451
+ xmlSecAssert2(cert != NULL, -1);
1452
+ xmlSecAssert2(node != NULL, -1);
1453
+
1454
+ buf = xmlSecMSCryptoX509SKIWrite(cert);
1455
+ if(buf == NULL) {
1456
+ xmlSecError(XMLSEC_ERRORS_HERE,
1457
+ NULL,
1458
+ "xmlSecMSCryptoX509SKIWrite",
1459
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1460
+ XMLSEC_ERRORS_NO_MESSAGE);
1461
+ return(-1);
1462
+ }
1463
+
1464
+ cur = xmlSecAddChild(node, xmlSecNodeX509SKI, xmlSecDSigNs);
1465
+ if(cur == NULL) {
1466
+ xmlSecError(XMLSEC_ERRORS_HERE,
1467
+ NULL,
1468
+ "xmlSecAddChild",
1469
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1470
+ "new_node=%s",
1471
+ xmlSecErrorsSafeString(xmlSecNodeX509SKI));
1472
+ xmlFree(buf);
1473
+ return(-1);
1474
+ }
1475
+ xmlSecNodeEncodeAndSetContent(cur, buf);
1476
+ xmlFree(buf);
1477
+
1478
+ return(0);
1479
+ }
1480
+
1481
+ static int
1482
+ xmlSecMSCryptoX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1483
+ xmlChar *content;
1484
+ PCCRL_CONTEXT crl;
1485
+
1486
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
1487
+ xmlSecAssert2(node != NULL, -1);
1488
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1489
+
1490
+ content = xmlNodeGetContent(node);
1491
+ if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
1492
+ if(content != NULL) {
1493
+ xmlFree(content);
1494
+ }
1495
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
1496
+ xmlSecError(XMLSEC_ERRORS_HERE,
1497
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1498
+ xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
1499
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
1500
+ XMLSEC_ERRORS_NO_MESSAGE);
1501
+ return(-1);
1502
+ }
1503
+ return(0);
1504
+ }
1505
+
1506
+ crl = xmlSecMSCryptoX509CrlBase64DerRead(content, keyInfoCtx);
1507
+ if(crl == NULL) {
1508
+ xmlSecError(XMLSEC_ERRORS_HERE,
1509
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1510
+ "xmlSecMSCryptoX509CrlBase64DerRead",
1511
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1512
+ XMLSEC_ERRORS_NO_MESSAGE);
1513
+ xmlFree(content);
1514
+ return(-1);
1515
+ }
1516
+
1517
+ if (0 != xmlSecMSCryptoKeyDataX509AdoptCrl(data, crl)) {
1518
+ xmlSecError(XMLSEC_ERRORS_HERE,
1519
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1520
+ "xmlSecMSCryptoKeyDataX509AdoptCrl",
1521
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1522
+ XMLSEC_ERRORS_NO_MESSAGE);
1523
+ xmlFree(content);
1524
+ CertFreeCRLContext(crl);
1525
+ return(-1);
1526
+ }
1527
+
1528
+ xmlFree(content);
1529
+ return(0);
1530
+ }
1531
+
1532
+ static int
1533
+ xmlSecMSCryptoX509CRLNodeWrite(PCCRL_CONTEXT crl, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1534
+ xmlChar* buf = NULL;
1535
+ xmlNodePtr cur = NULL;
1536
+
1537
+ xmlSecAssert2(crl != NULL, -1);
1538
+ xmlSecAssert2(node != NULL, -1);
1539
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1540
+
1541
+ /* set base64 lines size from context */
1542
+ buf = xmlSecMSCryptoX509CrlBase64DerWrite(crl, keyInfoCtx->base64LineSize);
1543
+ if(buf == NULL) {
1544
+ xmlSecError(XMLSEC_ERRORS_HERE,
1545
+ NULL,
1546
+ "xmlSecMSCryptoX509CrlBase64DerWrite",
1547
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1548
+ XMLSEC_ERRORS_NO_MESSAGE);
1549
+ return(-1);
1550
+ }
1551
+
1552
+ cur = xmlSecAddChild(node, xmlSecNodeX509CRL, xmlSecDSigNs);
1553
+ if(cur == NULL) {
1554
+ xmlSecError(XMLSEC_ERRORS_HERE,
1555
+ NULL,
1556
+ "xmlSecAddChild",
1557
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1558
+ "new_node=%s",
1559
+ xmlSecErrorsSafeString(xmlSecNodeX509CRL));
1560
+ xmlFree(buf);
1561
+ return(-1);
1562
+ }
1563
+ /* todo: add \n around base64 data - from context */
1564
+ /* todo: add errors check */
1565
+ xmlNodeSetContent(cur, xmlSecStringCR);
1566
+ xmlNodeSetContent(cur, buf);
1567
+ xmlFree(buf);
1568
+
1569
+ return(0);
1570
+ }
1571
+
1572
+
1573
+ static int
1574
+ xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr key,
1575
+ xmlSecKeyInfoCtxPtr keyInfoCtx) {
1576
+ xmlSecMSCryptoX509DataCtxPtr ctx;
1577
+ xmlSecKeyDataStorePtr x509Store;
1578
+ int ret;
1579
+
1580
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
1581
+ xmlSecAssert2(key != NULL, -1);
1582
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1583
+ xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
1584
+
1585
+ ctx = xmlSecMSCryptoX509DataGetCtx(data);
1586
+ xmlSecAssert2(ctx != NULL, -1);
1587
+ xmlSecAssert2(ctx->hMemStore != 0, -1);
1588
+
1589
+ x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCryptoX509StoreId);
1590
+ if(x509Store == NULL) {
1591
+ xmlSecError(XMLSEC_ERRORS_HERE,
1592
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1593
+ "xmlSecKeysMngrGetDataStore",
1594
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1595
+ XMLSEC_ERRORS_NO_MESSAGE);
1596
+ return(-1);
1597
+ }
1598
+
1599
+ if((ctx->keyCert == NULL) && (xmlSecKeyGetValue(key) == NULL)) {
1600
+ PCCERT_CONTEXT cert;
1601
+
1602
+ cert = xmlSecMSCryptoX509StoreVerify(x509Store, ctx->hMemStore, keyInfoCtx);
1603
+ if(cert != NULL) {
1604
+ xmlSecKeyDataPtr keyValue = NULL;
1605
+ PCCERT_CONTEXT pCert = NULL;
1606
+
1607
+ ctx->keyCert = CertDuplicateCertificateContext(cert);
1608
+ if(ctx->keyCert == NULL) {
1609
+ xmlSecError(XMLSEC_ERRORS_HERE,
1610
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1611
+ "CertDuplicateCertificateContext",
1612
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1613
+ XMLSEC_ERRORS_NO_MESSAGE);
1614
+ return(-1);
1615
+ }
1616
+
1617
+ /* search key according to KeyReq */
1618
+ pCert = CertDuplicateCertificateContext( ctx->keyCert ) ;
1619
+ if( pCert == NULL ) {
1620
+ xmlSecError( XMLSEC_ERRORS_HERE,
1621
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1622
+ "CertDuplicateCertificateContext",
1623
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1624
+ XMLSEC_ERRORS_NO_MESSAGE);
1625
+
1626
+ return(-1);
1627
+ }
1628
+
1629
+ if( ( keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePrivate ) == xmlSecKeyDataTypePrivate ) {
1630
+ keyValue = xmlSecMSCryptoCertAdopt( pCert, xmlSecKeyDataTypePrivate ) ;
1631
+ if(keyValue == NULL) {
1632
+ xmlSecError(XMLSEC_ERRORS_HERE,
1633
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1634
+ "xmlSecMSCryptoCertAdopt",
1635
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1636
+ XMLSEC_ERRORS_NO_MESSAGE);
1637
+ CertFreeCertificateContext( pCert ) ;
1638
+ return(-1);
1639
+ }
1640
+ pCert = NULL ;
1641
+ } else if( ( keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePublic ) == xmlSecKeyDataTypePublic ) {
1642
+ keyValue = xmlSecMSCryptoCertAdopt( pCert, xmlSecKeyDataTypePublic ) ;
1643
+ if(keyValue == NULL) {
1644
+ xmlSecError(XMLSEC_ERRORS_HERE,
1645
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1646
+ "xmlSecMSCryptoCertAdopt",
1647
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1648
+ XMLSEC_ERRORS_NO_MESSAGE);
1649
+ CertFreeCertificateContext( pCert ) ;
1650
+ return(-1);
1651
+ }
1652
+ pCert = NULL ;
1653
+ }
1654
+
1655
+ /* verify that the key matches our expectations */
1656
+ if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), keyValue) != 1) {
1657
+ xmlSecError(XMLSEC_ERRORS_HERE,
1658
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1659
+ "xmlSecKeyReqMatchKeyValue",
1660
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1661
+ XMLSEC_ERRORS_NO_MESSAGE);
1662
+ xmlSecKeyDataDestroy(keyValue);
1663
+ return(-1);
1664
+ }
1665
+
1666
+ ret = xmlSecKeySetValue(key, keyValue);
1667
+ if(ret < 0) {
1668
+ xmlSecError(XMLSEC_ERRORS_HERE,
1669
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1670
+ "xmlSecKeySetValue",
1671
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1672
+ XMLSEC_ERRORS_NO_MESSAGE);
1673
+ xmlSecKeyDataDestroy(keyValue);
1674
+ return(-1);
1675
+ }
1676
+
1677
+ ret = xmlSecMSCryptoX509CertGetTime(ctx->keyCert->pCertInfo->NotBefore, &(key->notValidBefore));
1678
+ if(ret < 0) {
1679
+ xmlSecError(XMLSEC_ERRORS_HERE,
1680
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1681
+ "xmlSecMSCryptoX509CertGetTime",
1682
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1683
+ "notValidBefore");
1684
+ return(-1);
1685
+ }
1686
+
1687
+ ret = xmlSecMSCryptoX509CertGetTime(ctx->keyCert->pCertInfo->NotAfter, &(key->notValidAfter));
1688
+ if(ret < 0) {
1689
+ xmlSecError(XMLSEC_ERRORS_HERE,
1690
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1691
+ "xmlSecMSCryptoX509CertGetTime",
1692
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1693
+ "notValidAfter");
1694
+ return(-1);
1695
+ }
1696
+ } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT) != 0) {
1697
+ xmlSecError(XMLSEC_ERRORS_HERE,
1698
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1699
+ NULL,
1700
+ XMLSEC_ERRORS_R_CERT_NOT_FOUND,
1701
+ XMLSEC_ERRORS_NO_MESSAGE);
1702
+ return(-1);
1703
+ }
1704
+ }
1705
+ return(0);
1706
+ }
1707
+
1708
+ static int
1709
+ xmlSecMSCryptoX509CertGetTime(FILETIME t, time_t* res) {
1710
+ LONGLONG result;
1711
+
1712
+ xmlSecAssert2(res != NULL, -1);
1713
+
1714
+ result = t.dwHighDateTime;
1715
+ result = (result) << 32;
1716
+ result |= t.dwLowDateTime;
1717
+ result /= 10000; /* Convert from 100 nano-sec periods to seconds. */
1718
+ #if defined(__MINGW32__)
1719
+ result -= 11644473600000ULL; /* Convert from Windows epoch to Unix epoch */
1720
+ #else
1721
+ result -= 11644473600000; /* Convert from Windows epoch to Unix epoch */
1722
+ #endif
1723
+
1724
+ (*res) = (time_t)result;
1725
+
1726
+ return(0);
1727
+ }
1728
+
1729
+ static PCCERT_CONTEXT
1730
+ xmlSecMSCryptoX509CertBase64DerRead(xmlChar* buf) {
1731
+ int ret;
1732
+
1733
+ xmlSecAssert2(buf != NULL, NULL);
1734
+
1735
+ /* usual trick with base64 decoding "in-place" */
1736
+ ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
1737
+ if(ret < 0) {
1738
+ xmlSecError(XMLSEC_ERRORS_HERE,
1739
+ NULL,
1740
+ "xmlSecBase64Decode",
1741
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1742
+ XMLSEC_ERRORS_NO_MESSAGE);
1743
+ return(NULL);
1744
+ }
1745
+
1746
+ return(xmlSecMSCryptoX509CertDerRead((xmlSecByte*)buf, ret));
1747
+ }
1748
+
1749
+
1750
+ static PCCERT_CONTEXT
1751
+ xmlSecMSCryptoX509CertDerRead(const xmlSecByte* buf, xmlSecSize size) {
1752
+ PCCERT_CONTEXT cert;
1753
+
1754
+ xmlSecAssert2(buf != NULL, NULL);
1755
+ xmlSecAssert2(size > 0, NULL);
1756
+
1757
+ cert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, buf, size);
1758
+ if(cert == NULL) {
1759
+ xmlSecError(XMLSEC_ERRORS_HERE,
1760
+ NULL,
1761
+ "CertCreateCertificateContext",
1762
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1763
+ XMLSEC_ERRORS_NO_MESSAGE);
1764
+ return(NULL);
1765
+ }
1766
+
1767
+ return(cert);
1768
+ }
1769
+
1770
+ static xmlChar*
1771
+ xmlSecMSCryptoX509CertBase64DerWrite(PCCERT_CONTEXT cert, int base64LineWrap) {
1772
+ xmlChar *res = NULL;
1773
+ xmlSecByte *p = NULL;
1774
+ long size;
1775
+
1776
+ xmlSecAssert2(cert != NULL, NULL);
1777
+
1778
+ p = cert->pbCertEncoded;
1779
+ size = cert->cbCertEncoded;
1780
+ if((size <= 0) || (p == NULL)){
1781
+ xmlSecError(XMLSEC_ERRORS_HERE,
1782
+ NULL,
1783
+ "cert->pbCertEncoded",
1784
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1785
+ XMLSEC_ERRORS_NO_MESSAGE);
1786
+ return(NULL);
1787
+ }
1788
+
1789
+ res = xmlSecBase64Encode(p, size, base64LineWrap);
1790
+ if(res == NULL) {
1791
+ xmlSecError(XMLSEC_ERRORS_HERE,
1792
+ NULL,
1793
+ "xmlSecBase64Encode",
1794
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1795
+ XMLSEC_ERRORS_NO_MESSAGE);
1796
+ return(NULL);
1797
+ }
1798
+
1799
+ return(res);
1800
+ }
1801
+
1802
+ static PCCRL_CONTEXT
1803
+ xmlSecMSCryptoX509CrlBase64DerRead(xmlChar* buf,
1804
+ xmlSecKeyInfoCtxPtr keyInfoCtx) {
1805
+ int ret;
1806
+
1807
+ xmlSecAssert2(buf != NULL, NULL);
1808
+
1809
+ /* usual trick with base64 decoding "in-place" */
1810
+ ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
1811
+ if(ret < 0) {
1812
+ xmlSecError(XMLSEC_ERRORS_HERE,
1813
+ NULL,
1814
+ "xmlSecBase64Decode",
1815
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1816
+ XMLSEC_ERRORS_NO_MESSAGE);
1817
+ return(NULL);
1818
+ }
1819
+
1820
+ return(xmlSecMSCryptoX509CrlDerRead((xmlSecByte*)buf, ret, keyInfoCtx));
1821
+ }
1822
+
1823
+
1824
+ static PCCRL_CONTEXT
1825
+ xmlSecMSCryptoX509CrlDerRead(xmlSecByte* buf, xmlSecSize size,
1826
+ xmlSecKeyInfoCtxPtr keyInfoCtx) {
1827
+ PCCRL_CONTEXT crl = NULL;
1828
+
1829
+ xmlSecAssert2(buf != NULL, NULL);
1830
+ xmlSecAssert2(keyInfoCtx != NULL, NULL);
1831
+ xmlSecAssert2(size > 0, NULL);
1832
+
1833
+ crl = CertCreateCRLContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, buf, size);
1834
+
1835
+ if(crl == NULL) {
1836
+ xmlSecError(XMLSEC_ERRORS_HERE,
1837
+ NULL,
1838
+ "CertCreateCRLContext",
1839
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1840
+ XMLSEC_ERRORS_NO_MESSAGE);
1841
+ return(NULL);
1842
+ }
1843
+
1844
+ return(crl);
1845
+ }
1846
+
1847
+ static xmlChar*
1848
+ xmlSecMSCryptoX509CrlBase64DerWrite(PCCRL_CONTEXT crl, int base64LineWrap) {
1849
+ xmlChar *res = NULL;
1850
+ xmlSecByte *p = NULL;
1851
+ long size;
1852
+
1853
+ xmlSecAssert2(crl != NULL, NULL);
1854
+
1855
+ p = crl->pbCrlEncoded;
1856
+ size = crl->cbCrlEncoded;
1857
+ if((size <= 0) || (p == NULL)){
1858
+ xmlSecError(XMLSEC_ERRORS_HERE,
1859
+ NULL,
1860
+ "crl->pbCrlEncoded",
1861
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1862
+ XMLSEC_ERRORS_NO_MESSAGE);
1863
+ return(NULL);
1864
+ }
1865
+
1866
+ res = xmlSecBase64Encode(p, size, base64LineWrap);
1867
+ if(res == NULL) {
1868
+ xmlSecError(XMLSEC_ERRORS_HERE,
1869
+ NULL,
1870
+ "xmlSecBase64Encode",
1871
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1872
+ XMLSEC_ERRORS_NO_MESSAGE);
1873
+ return(NULL);
1874
+ }
1875
+
1876
+ return(res);
1877
+ }
1878
+
1879
+ static xmlChar*
1880
+ xmlSecMSCryptoX509NameWrite(PCERT_NAME_BLOB nm) {
1881
+ LPTSTR resT = NULL;
1882
+ xmlChar *res = NULL;
1883
+ DWORD csz;
1884
+
1885
+
1886
+ xmlSecAssert2(nm->pbData != NULL, NULL);
1887
+ xmlSecAssert2(nm->cbData > 0, NULL);
1888
+
1889
+ csz = CertNameToStr(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, nm, CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG, NULL, 0);
1890
+ if(csz <= 0) {
1891
+ xmlSecError(XMLSEC_ERRORS_HERE,
1892
+ NULL,
1893
+ "CertNameToStr",
1894
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1895
+ XMLSEC_ERRORS_NO_MESSAGE);
1896
+ return(NULL);
1897
+ }
1898
+
1899
+ resT = (LPTSTR)xmlMalloc(sizeof(TCHAR) * (csz + 1));
1900
+ if (NULL == resT) {
1901
+ xmlSecError(XMLSEC_ERRORS_HERE,
1902
+ NULL,
1903
+ "xmlMalloc",
1904
+ XMLSEC_ERRORS_R_MALLOC_FAILED,
1905
+ "size=%d", sizeof(WCHAR) * (csz + 1));
1906
+ return (NULL);
1907
+ }
1908
+
1909
+ csz = CertNameToStr(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, nm, CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG, resT, csz + 1);
1910
+ if (csz <= 0) {
1911
+ xmlSecError(XMLSEC_ERRORS_HERE,
1912
+ NULL,
1913
+ "CertNameToStr",
1914
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1915
+ XMLSEC_ERRORS_NO_MESSAGE);
1916
+ xmlFree(resT);
1917
+ return(NULL);
1918
+ }
1919
+
1920
+ res = xmlSecMSCryptoConvertTstrToUtf8(resT);
1921
+ if (NULL == res) {
1922
+ xmlSecError(XMLSEC_ERRORS_HERE,
1923
+ NULL,
1924
+ "xmlSecMSCryptoConvertTstrToUtf8",
1925
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1926
+ XMLSEC_ERRORS_NO_MESSAGE);
1927
+ xmlFree(resT);
1928
+ return(NULL);
1929
+ }
1930
+
1931
+ return(res);
1932
+ }
1933
+
1934
+
1935
+
1936
+ static int
1937
+ xmlSecMSCryptoASN1IntegerWrite(xmlNodePtr node, PCRYPT_INTEGER_BLOB num) {
1938
+ xmlSecBn bn;
1939
+ int ret;
1940
+
1941
+ xmlSecAssert2(node != NULL, -1);
1942
+ xmlSecAssert2(num != NULL, -1);
1943
+
1944
+ ret = xmlSecBnInitialize(&bn, num->cbData + 1);
1945
+ if(ret < 0) {
1946
+ xmlSecError(XMLSEC_ERRORS_HERE,
1947
+ NULL,
1948
+ "xmlSecBnInitialize",
1949
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1950
+ "size=%ld", num->cbData + 1);
1951
+ return(-1);
1952
+ }
1953
+
1954
+ ret = xmlSecBnSetData(&bn, num->pbData, num->cbData);
1955
+ if(ret < 0) {
1956
+ xmlSecError(XMLSEC_ERRORS_HERE,
1957
+ NULL,
1958
+ "xmlSecBnSetData",
1959
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1960
+ XMLSEC_ERRORS_NO_MESSAGE);
1961
+ xmlSecBnFinalize(&bn);
1962
+ return(-1);
1963
+ }
1964
+
1965
+ /* I have no clue why at a sudden a swap is needed to
1966
+ * convert from lsb... This code is purely based upon
1967
+ * trial and error :( WK
1968
+ */
1969
+ ret = xmlSecBnSetNodeValue(&bn, node, xmlSecBnDec, 1, 0);
1970
+ if(ret < 0) {
1971
+ xmlSecError(XMLSEC_ERRORS_HERE,
1972
+ NULL,
1973
+ "xmlSecBnSetNodeValue",
1974
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1975
+ XMLSEC_ERRORS_NO_MESSAGE);
1976
+ xmlSecBnFinalize(&bn);
1977
+ return(-1);
1978
+ }
1979
+
1980
+ xmlSecBnFinalize(&bn);
1981
+ return(0);
1982
+ }
1983
+
1984
+ static xmlChar*
1985
+ xmlSecMSCryptoX509SKIWrite(PCCERT_CONTEXT cert) {
1986
+ xmlChar *res = NULL;
1987
+ DWORD dwSize;
1988
+ BYTE *bSKI = NULL;
1989
+ PCERT_EXTENSION pCertExt;
1990
+
1991
+ xmlSecAssert2(cert != NULL, NULL);
1992
+
1993
+ /* First check if the SKI extension actually exists, otherwise we get a SHA1 hash o fthe key/cert */
1994
+ pCertExt = CertFindExtension(szOID_SUBJECT_KEY_IDENTIFIER, cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension);
1995
+ if (pCertExt == NULL) {
1996
+ xmlSecError(XMLSEC_ERRORS_HERE,
1997
+ NULL,
1998
+ "CertFindExtension",
1999
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
2000
+ XMLSEC_ERRORS_NO_MESSAGE);
2001
+ return (NULL);
2002
+ }
2003
+
2004
+ if (!CertGetCertificateContextProperty(cert, CERT_KEY_IDENTIFIER_PROP_ID, NULL, &dwSize) || dwSize < 1) {
2005
+ xmlSecError(XMLSEC_ERRORS_HERE,
2006
+ NULL,
2007
+ "CertGetCertificateContextProperty",
2008
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
2009
+ XMLSEC_ERRORS_NO_MESSAGE);
2010
+ return (NULL);
2011
+ }
2012
+ bSKI = xmlMalloc(dwSize);
2013
+ if (NULL == bSKI) {
2014
+ xmlSecError(XMLSEC_ERRORS_HERE,
2015
+ NULL,
2016
+ "xmlMalloc",
2017
+ XMLSEC_ERRORS_R_MALLOC_FAILED,
2018
+ XMLSEC_ERRORS_NO_MESSAGE);
2019
+ return (NULL);
2020
+ }
2021
+
2022
+ if (!CertGetCertificateContextProperty(cert, CERT_KEY_IDENTIFIER_PROP_ID, bSKI, &dwSize)) {
2023
+ xmlSecError(XMLSEC_ERRORS_HERE,
2024
+ NULL,
2025
+ "CertGetCertificateContextProperty",
2026
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
2027
+ XMLSEC_ERRORS_NO_MESSAGE);
2028
+ xmlFree(bSKI);
2029
+ return (NULL);
2030
+ }
2031
+
2032
+ if (NULL == bSKI) {
2033
+ return(NULL);
2034
+ }
2035
+
2036
+ res = xmlSecBase64Encode(bSKI, dwSize, 0);
2037
+ if(res == NULL) {
2038
+ xmlSecError(XMLSEC_ERRORS_HERE,
2039
+ NULL,
2040
+ "xmlSecBase64Encode",
2041
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2042
+ XMLSEC_ERRORS_NO_MESSAGE);
2043
+ xmlFree(bSKI);
2044
+ return(NULL);
2045
+ }
2046
+ xmlFree(bSKI);
2047
+
2048
+ return(res);
2049
+ }
2050
+
2051
+
2052
+ static void
2053
+ xmlSecMSCryptoX509CertDebugDump(PCCERT_CONTEXT cert, FILE* output) {
2054
+ PCRYPT_INTEGER_BLOB sn;
2055
+ unsigned int i;
2056
+ xmlChar * subject = NULL;
2057
+ xmlChar * issuer = NULL;
2058
+
2059
+ xmlSecAssert(cert != NULL);
2060
+ xmlSecAssert(output != NULL);
2061
+
2062
+ fprintf(output, "=== X509 Certificate\n");
2063
+
2064
+ /* subject */
2065
+ subject = xmlSecMSCryptoX509GetNameString(cert, CERT_NAME_RDN_TYPE, 0, NULL);
2066
+ if(subject == NULL) {
2067
+ xmlSecError(XMLSEC_ERRORS_HERE,
2068
+ "xmlSecMSCryptoX509GetNameString",
2069
+ NULL,
2070
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2071
+ "subject");
2072
+ goto done;
2073
+ }
2074
+ fprintf(output, "==== Subject Name: %s\n", subject);
2075
+
2076
+ /* issuer */
2077
+ issuer = xmlSecMSCryptoX509GetNameString(cert, CERT_NAME_RDN_TYPE, CERT_NAME_ISSUER_FLAG, NULL);
2078
+ if(issuer == NULL) {
2079
+ xmlSecError(XMLSEC_ERRORS_HERE,
2080
+ "xmlSecMSCryptoX509GetNameString",
2081
+ NULL,
2082
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2083
+ "issuer");
2084
+ goto done;
2085
+ }
2086
+ fprintf(output, "==== Issuer Name: %s\n", issuer);
2087
+
2088
+ /* serial number */
2089
+ sn = &(cert->pCertInfo->SerialNumber);
2090
+ for (i = 0; i < sn->cbData; i++) {
2091
+ if (i != sn->cbData - 1) {
2092
+ fprintf(output, "%02x:", sn->pbData[i]);
2093
+ } else {
2094
+ fprintf(output, "%02x", sn->pbData[i]);
2095
+ }
2096
+ }
2097
+ fprintf(output, "\n");
2098
+
2099
+ done:
2100
+ if (subject) xmlFree(subject);
2101
+ if (issuer) xmlFree(issuer);
2102
+ }
2103
+
2104
+
2105
+ static void
2106
+ xmlSecMSCryptoX509CertDebugXmlDump(PCCERT_CONTEXT cert, FILE* output) {
2107
+ PCRYPT_INTEGER_BLOB sn;
2108
+ unsigned int i;
2109
+ xmlChar * subject = NULL;
2110
+ xmlChar * issuer = NULL;
2111
+
2112
+ xmlSecAssert(cert != NULL);
2113
+ xmlSecAssert(output != NULL);
2114
+
2115
+ /* subject */
2116
+ subject = xmlSecMSCryptoX509GetNameString(cert, CERT_NAME_RDN_TYPE, 0, NULL);
2117
+ if(subject == NULL) {
2118
+ xmlSecError(XMLSEC_ERRORS_HERE,
2119
+ "xmlSecMSCryptoX509GetNameString",
2120
+ NULL,
2121
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2122
+ "subject");
2123
+ goto done;
2124
+ }
2125
+ fprintf(output, "<SubjectName>");
2126
+ xmlSecPrintXmlString(output, BAD_CAST subject);
2127
+ fprintf(output, "</SubjectName>\n");
2128
+
2129
+ /* issuer */
2130
+ issuer = xmlSecMSCryptoX509GetNameString(cert, CERT_NAME_RDN_TYPE, CERT_NAME_ISSUER_FLAG, NULL);
2131
+ if(issuer == NULL) {
2132
+ xmlSecError(XMLSEC_ERRORS_HERE,
2133
+ "xmlSecMSCryptoX509GetNameString",
2134
+ NULL,
2135
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2136
+ "issuer");
2137
+ goto done;
2138
+ }
2139
+ fprintf(output, "<IssuerName>");
2140
+ xmlSecPrintXmlString(output, BAD_CAST issuer);
2141
+ fprintf(output, "</IssuerName>\n");
2142
+
2143
+ /* serial */
2144
+ fprintf(output, "<SerialNumber>");
2145
+ sn = &(cert->pCertInfo->SerialNumber);
2146
+ for (i = 0; i < sn->cbData; i++) {
2147
+ if (i != sn->cbData - 1) {
2148
+ fprintf(output, "%02x:", sn->pbData[i]);
2149
+ } else {
2150
+ fprintf(output, "%02x", sn->pbData[i]);
2151
+ }
2152
+ }
2153
+ fprintf(output, "</SerialNumber>\n");
2154
+
2155
+ done:
2156
+ xmlFree(subject);
2157
+ xmlFree(issuer);
2158
+ }
2159
+
2160
+
2161
+ /**************************************************************************
2162
+ *
2163
+ * Raw X509 Certificate processing
2164
+ *
2165
+ *
2166
+ *************************************************************************/
2167
+ static int xmlSecMSCryptoKeyDataRawX509CertBinRead (xmlSecKeyDataId id,
2168
+ xmlSecKeyPtr key,
2169
+ const xmlSecByte* buf,
2170
+ xmlSecSize bufSize,
2171
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
2172
+
2173
+ static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataRawX509CertKlass = {
2174
+ sizeof(xmlSecKeyDataKlass),
2175
+ sizeof(xmlSecKeyData),
2176
+
2177
+ /* data */
2178
+ xmlSecNameRawX509Cert,
2179
+ xmlSecKeyDataUsageRetrievalMethodNodeBin,
2180
+ /* xmlSecKeyDataUsage usage; */
2181
+ xmlSecHrefRawX509Cert, /* const xmlChar* href; */
2182
+ NULL, /* const xmlChar* dataNodeName; */
2183
+ xmlSecDSigNs, /* const xmlChar* dataNodeNs; */
2184
+
2185
+ /* constructors/destructor */
2186
+ NULL, /* xmlSecKeyDataInitializeMethod initialize; */
2187
+ NULL, /* xmlSecKeyDataDuplicateMethod duplicate; */
2188
+ NULL, /* xmlSecKeyDataFinalizeMethod finalize; */
2189
+ NULL, /* xmlSecKeyDataGenerateMethod generate; */
2190
+
2191
+ /* get info */
2192
+ NULL, /* xmlSecKeyDataGetTypeMethod getType; */
2193
+ NULL, /* xmlSecKeyDataGetSizeMethod getSize; */
2194
+ NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */
2195
+
2196
+ /* read/write */
2197
+ NULL, /* xmlSecKeyDataXmlReadMethod xmlRead; */
2198
+ NULL, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
2199
+ xmlSecMSCryptoKeyDataRawX509CertBinRead, /* xmlSecKeyDataBinReadMethod binRead; */
2200
+ NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */
2201
+
2202
+ /* debug */
2203
+ NULL, /* xmlSecKeyDataDebugDumpMethod debugDump; */
2204
+ NULL, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
2205
+
2206
+ /* reserved for the future */
2207
+ NULL, /* void* reserved0; */
2208
+ NULL, /* void* reserved1; */
2209
+ };
2210
+
2211
+ /**
2212
+ * xmlSecMSCryptoKeyDataRawX509CertGetKlass:
2213
+ *
2214
+ * The raw X509 certificates key data klass.
2215
+ *
2216
+ * Returns: raw X509 certificates key data klass.
2217
+ */
2218
+ xmlSecKeyDataId
2219
+ xmlSecMSCryptoKeyDataRawX509CertGetKlass(void) {
2220
+ return(&xmlSecMSCryptoKeyDataRawX509CertKlass);
2221
+ }
2222
+
2223
+ static int
2224
+ xmlSecMSCryptoKeyDataRawX509CertBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
2225
+ const xmlSecByte* buf, xmlSecSize bufSize,
2226
+ xmlSecKeyInfoCtxPtr keyInfoCtx) {
2227
+ xmlSecKeyDataPtr data;
2228
+ PCCERT_CONTEXT cert;
2229
+ int ret;
2230
+
2231
+ xmlSecAssert2(id == xmlSecMSCryptoKeyDataRawX509CertId, -1);
2232
+ xmlSecAssert2(key != NULL, -1);
2233
+ xmlSecAssert2(buf != NULL, -1);
2234
+ xmlSecAssert2(bufSize > 0, -1);
2235
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
2236
+
2237
+ cert = xmlSecMSCryptoX509CertDerRead(buf, bufSize);
2238
+ if(cert == NULL) {
2239
+ xmlSecError(XMLSEC_ERRORS_HERE,
2240
+ NULL,
2241
+ "xmlSecMSCryptoX509CertDerRead",
2242
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2243
+ XMLSEC_ERRORS_NO_MESSAGE);
2244
+ return(-1);
2245
+ }
2246
+
2247
+ data = xmlSecKeyEnsureData(key, xmlSecMSCryptoKeyDataX509Id);
2248
+ if(data == NULL) {
2249
+ xmlSecError(XMLSEC_ERRORS_HERE,
2250
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
2251
+ "xmlSecKeyEnsureData",
2252
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2253
+ XMLSEC_ERRORS_NO_MESSAGE);
2254
+ CertFreeCertificateContext(cert);
2255
+ return(-1);
2256
+ }
2257
+
2258
+ ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
2259
+ if(ret < 0) {
2260
+ xmlSecError(XMLSEC_ERRORS_HERE,
2261
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
2262
+ "xmlSecMSCryptoKeyDataX509AdoptCert",
2263
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2264
+ XMLSEC_ERRORS_NO_MESSAGE);
2265
+ CertFreeCertificateContext(cert);
2266
+ return(-1);
2267
+ }
2268
+
2269
+ ret = xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
2270
+ if(ret < 0) {
2271
+ xmlSecError(XMLSEC_ERRORS_HERE,
2272
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
2273
+ "xmlSecMSCryptoKeyDataX509VerifyAndExtractKey",
2274
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2275
+ XMLSEC_ERRORS_NO_MESSAGE);
2276
+ return(-1);
2277
+ }
2278
+ return(0);
2279
+ }
2280
+
2281
+ #endif /* XMLSEC_NO_X509 */