xmlsec-shim 1.2.18.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (969) hide show
  1. data/.gitignore +17 -0
  2. data/Gemfile +4 -0
  3. data/README.md +2 -0
  4. data/Rakefile +2 -0
  5. data/ext/xmlsec/extconf.rb +14 -0
  6. data/lib/xmlsec-shim.rb +27 -0
  7. data/lib/xmlsec-shim/version.rb +5 -0
  8. data/vendor/xmlsec1-1.2.18/AUTHORS +8 -0
  9. data/vendor/xmlsec1-1.2.18/COPYING +105 -0
  10. data/vendor/xmlsec1-1.2.18/ChangeLog +1810 -0
  11. data/vendor/xmlsec1-1.2.18/Copyright +105 -0
  12. data/vendor/xmlsec1-1.2.18/HACKING +199 -0
  13. data/vendor/xmlsec1-1.2.18/INSTALL +38 -0
  14. data/vendor/xmlsec1-1.2.18/Makefile.am +186 -0
  15. data/vendor/xmlsec1-1.2.18/Makefile.in +1155 -0
  16. data/vendor/xmlsec1-1.2.18/NEWS +1 -0
  17. data/vendor/xmlsec1-1.2.18/README +15 -0
  18. data/vendor/xmlsec1-1.2.18/TODO +156 -0
  19. data/vendor/xmlsec1-1.2.18/aclocal.m4 +1197 -0
  20. data/vendor/xmlsec1-1.2.18/apps/Makefile.am +84 -0
  21. data/vendor/xmlsec1-1.2.18/apps/Makefile.in +694 -0
  22. data/vendor/xmlsec1-1.2.18/apps/cmdline.c +355 -0
  23. data/vendor/xmlsec1-1.2.18/apps/cmdline.h +89 -0
  24. data/vendor/xmlsec1-1.2.18/apps/crypto.c +396 -0
  25. data/vendor/xmlsec1-1.2.18/apps/crypto.h +70 -0
  26. data/vendor/xmlsec1-1.2.18/apps/xmlsec.c +3058 -0
  27. data/vendor/xmlsec1-1.2.18/config.guess +1502 -0
  28. data/vendor/xmlsec1-1.2.18/config.h.in +134 -0
  29. data/vendor/xmlsec1-1.2.18/config.sub +1714 -0
  30. data/vendor/xmlsec1-1.2.18/configure +17363 -0
  31. data/vendor/xmlsec1-1.2.18/configure.in +1633 -0
  32. data/vendor/xmlsec1-1.2.18/depcomp +630 -0
  33. data/vendor/xmlsec1-1.2.18/docs/Makefile.am +65 -0
  34. data/vendor/xmlsec1-1.2.18/docs/Makefile.in +721 -0
  35. data/vendor/xmlsec1-1.2.18/docs/api/Makefile.am +209 -0
  36. data/vendor/xmlsec1-1.2.18/docs/api/Makefile.in +664 -0
  37. data/vendor/xmlsec1-1.2.18/docs/api/chapters/compiling-and-linking.sgml +252 -0
  38. data/vendor/xmlsec1-1.2.18/docs/api/chapters/creating-templates.sgml +325 -0
  39. data/vendor/xmlsec1-1.2.18/docs/api/chapters/examples.sgml +102 -0
  40. data/vendor/xmlsec1-1.2.18/docs/api/chapters/init-and-shutdown.sgml +104 -0
  41. data/vendor/xmlsec1-1.2.18/docs/api/chapters/new-crypto.sgml +487 -0
  42. data/vendor/xmlsec1-1.2.18/docs/api/chapters/sign-and-encrypt.sgml +286 -0
  43. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-contexts.sgml +138 -0
  44. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-keys.sgml +26 -0
  45. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-keysmngr.sgml +592 -0
  46. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-transforms.sgml +67 -0
  47. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-x509-certs.sgml +197 -0
  48. data/vendor/xmlsec1-1.2.18/docs/api/chapters/verify-and-decrypt.sgml +265 -0
  49. data/vendor/xmlsec1-1.2.18/docs/api/home.png +0 -0
  50. data/vendor/xmlsec1-1.2.18/docs/api/images/diagrams.sxd +0 -0
  51. data/vendor/xmlsec1-1.2.18/docs/api/images/encryption-structure.png +0 -0
  52. data/vendor/xmlsec1-1.2.18/docs/api/images/key.png +0 -0
  53. data/vendor/xmlsec1-1.2.18/docs/api/images/keysmngr.png +0 -0
  54. data/vendor/xmlsec1-1.2.18/docs/api/images/sign-enc-model.png +0 -0
  55. data/vendor/xmlsec1-1.2.18/docs/api/images/signature-structure.png +0 -0
  56. data/vendor/xmlsec1-1.2.18/docs/api/images/structure.png +0 -0
  57. data/vendor/xmlsec1-1.2.18/docs/api/images/transform.png +0 -0
  58. data/vendor/xmlsec1-1.2.18/docs/api/images/transforms-chain.png +0 -0
  59. data/vendor/xmlsec1-1.2.18/docs/api/images/verif-dec-model.png +0 -0
  60. data/vendor/xmlsec1-1.2.18/docs/api/index.html +307 -0
  61. data/vendor/xmlsec1-1.2.18/docs/api/index.sgml +43 -0
  62. data/vendor/xmlsec1-1.2.18/docs/api/left.png +0 -0
  63. data/vendor/xmlsec1-1.2.18/docs/api/right.png +0 -0
  64. data/vendor/xmlsec1-1.2.18/docs/api/up.png +0 -0
  65. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-app.html +1525 -0
  66. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-base64.html +357 -0
  67. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-bn.html +705 -0
  68. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-buffer.html +603 -0
  69. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-custom-keys-manager.html +475 -0
  70. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-decrypt-with-keys-mngr.html +396 -0
  71. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-decrypt-with-signle-key.html +326 -0
  72. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-dl.html +245 -0
  73. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encrypt-dynamic-template.html +386 -0
  74. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encrypt-template-file.html +364 -0
  75. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encrypt-with-session-key.html +495 -0
  76. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encryption-klasses.html +101 -0
  77. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-errors.html +744 -0
  78. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples-sign-dynamimc-template.html +406 -0
  79. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples-sign-template-file.html +388 -0
  80. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples-sign-x509.html +447 -0
  81. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples.html +119 -0
  82. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt-app.html +578 -0
  83. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt-crypto.html +1128 -0
  84. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt-ref.html +107 -0
  85. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt.sgml +15 -0
  86. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls-app.html +576 -0
  87. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls-crypto.html +1076 -0
  88. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls-ref.html +107 -0
  89. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls.sgml +15 -0
  90. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-index.html +1570 -0
  91. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-index.sgml +1471 -0
  92. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-io.html +226 -0
  93. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keyinfo.html +700 -0
  94. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keys.html +1161 -0
  95. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keysdata.html +2067 -0
  96. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keysmngr.html +743 -0
  97. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-list.html +643 -0
  98. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-membuf.html +143 -0
  99. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-app.html +747 -0
  100. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-certkeys.html +252 -0
  101. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-crypto.html +1153 -0
  102. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-keysstore.html +209 -0
  103. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-ref.html +113 -0
  104. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-x509.html +478 -0
  105. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto.sgml +21 -0
  106. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nodeset.html +542 -0
  107. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling-others.html +102 -0
  108. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling-unix.html +223 -0
  109. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling-windows.html +138 -0
  110. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling.html +117 -0
  111. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-contexts.html +229 -0
  112. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-custom-keys-store.html +250 -0
  113. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-decrypt.html +205 -0
  114. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-dynamic-encryption-templates.html +240 -0
  115. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-dynamic-signature-templates.html +250 -0
  116. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-encrypt.html +223 -0
  117. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-include-files.html +141 -0
  118. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-init-shutdown.html +194 -0
  119. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keys-manager-sign-enc.html +307 -0
  120. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keys-mngr-verify-decrypt.html +179 -0
  121. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keys.html +120 -0
  122. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keysmngr.html +140 -0
  123. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-functions.html +151 -0
  124. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-key-stores.html +83 -0
  125. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-keys.html +103 -0
  126. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-klasses.html +217 -0
  127. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-sharing-results.html +125 -0
  128. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-simple-keys-mngr.html +102 -0
  129. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-skeleton.html +254 -0
  130. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-transforms.html +170 -0
  131. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto.html +136 -0
  132. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-overview.html +102 -0
  133. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-sign-encrypt.html +120 -0
  134. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-sign-x509.html +176 -0
  135. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-sign.html +210 -0
  136. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-simple-keys-store.html +177 -0
  137. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-structure.html +115 -0
  138. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-templates.html +114 -0
  139. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-transforms.html +154 -0
  140. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-verify-decrypt.html +120 -0
  141. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-verify-x509.html +180 -0
  142. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-verify.html +210 -0
  143. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-x509.html +114 -0
  144. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes.html +115 -0
  145. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-app.html +740 -0
  146. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-bignum.html +176 -0
  147. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-crypto.html +978 -0
  148. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-keysstore.html +209 -0
  149. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-pkikeys.html +211 -0
  150. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-ref.html +115 -0
  151. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-x509.html +467 -0
  152. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss.sgml +23 -0
  153. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-app.html +800 -0
  154. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-bn.html +170 -0
  155. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-crypto.html +1329 -0
  156. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-evp.html +184 -0
  157. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-ref.html +113 -0
  158. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-x509.html +567 -0
  159. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl.sgml +21 -0
  160. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-parser.html +223 -0
  161. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-ref.html +149 -0
  162. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-reference.html +106 -0
  163. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-signature-klasses.html +101 -0
  164. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-templates.html +1290 -0
  165. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-transforms.html +3059 -0
  166. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-key.html +318 -0
  167. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-keys-mngr.html +388 -0
  168. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-restrictions.html +715 -0
  169. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-x509.html +369 -0
  170. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-version.html +143 -0
  171. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-x509.html +181 -0
  172. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmldsig.html +853 -0
  173. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmlenc.html +584 -0
  174. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmlsec.html +300 -0
  175. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmltree.html +1529 -0
  176. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec.sgml +307 -0
  177. data/vendor/xmlsec1-1.2.18/docs/authors.html +59 -0
  178. data/vendor/xmlsec1-1.2.18/docs/bugs.html +106 -0
  179. data/vendor/xmlsec1-1.2.18/docs/c14n.html +73 -0
  180. data/vendor/xmlsec1-1.2.18/docs/documentation.html +65 -0
  181. data/vendor/xmlsec1-1.2.18/docs/download.html +115 -0
  182. data/vendor/xmlsec1-1.2.18/docs/faq.html +449 -0
  183. data/vendor/xmlsec1-1.2.18/docs/images/bart.gif +0 -0
  184. data/vendor/xmlsec1-1.2.18/docs/images/libxml2-logo.png +0 -0
  185. data/vendor/xmlsec1-1.2.18/docs/images/libxslt-logo.png +0 -0
  186. data/vendor/xmlsec1-1.2.18/docs/images/logo.gif +0 -0
  187. data/vendor/xmlsec1-1.2.18/docs/images/openssl-logo.png +0 -0
  188. data/vendor/xmlsec1-1.2.18/docs/images/xmlsec-logo.gif +0 -0
  189. data/vendor/xmlsec1-1.2.18/docs/index.html +109 -0
  190. data/vendor/xmlsec1-1.2.18/docs/news.html +545 -0
  191. data/vendor/xmlsec1-1.2.18/docs/related.html +165 -0
  192. data/vendor/xmlsec1-1.2.18/docs/xmldsig-verifier.html +138 -0
  193. data/vendor/xmlsec1-1.2.18/docs/xmldsig.html +646 -0
  194. data/vendor/xmlsec1-1.2.18/docs/xmlenc.html +464 -0
  195. data/vendor/xmlsec1-1.2.18/docs/xmlsec-man.html +291 -0
  196. data/vendor/xmlsec1-1.2.18/docs/xmlsec.xsl +194 -0
  197. data/vendor/xmlsec1-1.2.18/examples/Makefile +40 -0
  198. data/vendor/xmlsec1-1.2.18/examples/Makefile.w32 +88 -0
  199. data/vendor/xmlsec1-1.2.18/examples/README +126 -0
  200. data/vendor/xmlsec1-1.2.18/examples/binary.dat +1 -0
  201. data/vendor/xmlsec1-1.2.18/examples/decrypt1.c +223 -0
  202. data/vendor/xmlsec1-1.2.18/examples/decrypt2.c +293 -0
  203. data/vendor/xmlsec1-1.2.18/examples/decrypt3.c +372 -0
  204. data/vendor/xmlsec1-1.2.18/examples/deskey.bin +1 -0
  205. data/vendor/xmlsec1-1.2.18/examples/encrypt1-res.xml +13 -0
  206. data/vendor/xmlsec1-1.2.18/examples/encrypt1-tmpl.xml +13 -0
  207. data/vendor/xmlsec1-1.2.18/examples/encrypt1.c +219 -0
  208. data/vendor/xmlsec1-1.2.18/examples/encrypt2-doc.xml +9 -0
  209. data/vendor/xmlsec1-1.2.18/examples/encrypt2-res.xml +14 -0
  210. data/vendor/xmlsec1-1.2.18/examples/encrypt2.c +244 -0
  211. data/vendor/xmlsec1-1.2.18/examples/encrypt3-doc.xml +9 -0
  212. data/vendor/xmlsec1-1.2.18/examples/encrypt3-res.xml +27 -0
  213. data/vendor/xmlsec1-1.2.18/examples/encrypt3.c +340 -0
  214. data/vendor/xmlsec1-1.2.18/examples/mywin32make.bat +18 -0
  215. data/vendor/xmlsec1-1.2.18/examples/rootcert.pem +25 -0
  216. data/vendor/xmlsec1-1.2.18/examples/rsacert.pem +83 -0
  217. data/vendor/xmlsec1-1.2.18/examples/rsakey.pem +27 -0
  218. data/vendor/xmlsec1-1.2.18/examples/rsapub.pem +9 -0
  219. data/vendor/xmlsec1-1.2.18/examples/sign1-res.xml +31 -0
  220. data/vendor/xmlsec1-1.2.18/examples/sign1-tmpl.xml +27 -0
  221. data/vendor/xmlsec1-1.2.18/examples/sign1.c +212 -0
  222. data/vendor/xmlsec1-1.2.18/examples/sign2-doc.xml +9 -0
  223. data/vendor/xmlsec1-1.2.18/examples/sign2-res.xml +30 -0
  224. data/vendor/xmlsec1-1.2.18/examples/sign2.c +248 -0
  225. data/vendor/xmlsec1-1.2.18/examples/sign3-doc.xml +9 -0
  226. data/vendor/xmlsec1-1.2.18/examples/sign3-res.xml +58 -0
  227. data/vendor/xmlsec1-1.2.18/examples/sign3.c +261 -0
  228. data/vendor/xmlsec1-1.2.18/examples/verify1.c +215 -0
  229. data/vendor/xmlsec1-1.2.18/examples/verify2.c +285 -0
  230. data/vendor/xmlsec1-1.2.18/examples/verify3.c +266 -0
  231. data/vendor/xmlsec1-1.2.18/examples/verify4-bad-res.xml +90 -0
  232. data/vendor/xmlsec1-1.2.18/examples/verify4-bad-tmpl.xml +54 -0
  233. data/vendor/xmlsec1-1.2.18/examples/verify4-res.xml +80 -0
  234. data/vendor/xmlsec1-1.2.18/examples/verify4-tmpl.xml +47 -0
  235. data/vendor/xmlsec1-1.2.18/examples/verify4.c +309 -0
  236. data/vendor/xmlsec1-1.2.18/examples/xkms-server.c +839 -0
  237. data/vendor/xmlsec1-1.2.18/examples/xmldsigverify.c +381 -0
  238. data/vendor/xmlsec1-1.2.18/include/Makefile.am +4 -0
  239. data/vendor/xmlsec1-1.2.18/include/Makefile.in +656 -0
  240. data/vendor/xmlsec1-1.2.18/include/xmlsec/Makefile.am +63 -0
  241. data/vendor/xmlsec1-1.2.18/include/xmlsec/Makefile.in +767 -0
  242. data/vendor/xmlsec1-1.2.18/include/xmlsec/app.h +424 -0
  243. data/vendor/xmlsec1-1.2.18/include/xmlsec/base64.h +67 -0
  244. data/vendor/xmlsec1-1.2.18/include/xmlsec/bn.h +99 -0
  245. data/vendor/xmlsec1-1.2.18/include/xmlsec/buffer.h +108 -0
  246. data/vendor/xmlsec1-1.2.18/include/xmlsec/crypto.h +75 -0
  247. data/vendor/xmlsec1-1.2.18/include/xmlsec/dl.h +56 -0
  248. data/vendor/xmlsec1-1.2.18/include/xmlsec/errors.h +504 -0
  249. data/vendor/xmlsec1-1.2.18/include/xmlsec/exports.h +111 -0
  250. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/Makefile.am +13 -0
  251. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/Makefile.in +564 -0
  252. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/app.h +96 -0
  253. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/crypto.h +460 -0
  254. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/symbols.h +104 -0
  255. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/Makefile.am +14 -0
  256. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/Makefile.in +565 -0
  257. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/app.h +96 -0
  258. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/crypto.h +462 -0
  259. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/symbols.h +104 -0
  260. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/x509.h +110 -0
  261. data/vendor/xmlsec1-1.2.18/include/xmlsec/io.h +54 -0
  262. data/vendor/xmlsec1-1.2.18/include/xmlsec/keyinfo.h +285 -0
  263. data/vendor/xmlsec1-1.2.18/include/xmlsec/keys.h +278 -0
  264. data/vendor/xmlsec1-1.2.18/include/xmlsec/keysdata.h +837 -0
  265. data/vendor/xmlsec1-1.2.18/include/xmlsec/keysmngr.h +264 -0
  266. data/vendor/xmlsec1-1.2.18/include/xmlsec/list.h +194 -0
  267. data/vendor/xmlsec1-1.2.18/include/xmlsec/membuf.h +44 -0
  268. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/Makefile.am +16 -0
  269. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/Makefile.in +567 -0
  270. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/app.h +116 -0
  271. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/certkeys.h +42 -0
  272. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/crypto.h +516 -0
  273. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/keysstore.h +48 -0
  274. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/symbols.h +114 -0
  275. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/x509.h +92 -0
  276. data/vendor/xmlsec1-1.2.18/include/xmlsec/nodeset.h +139 -0
  277. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/Makefile.am +17 -0
  278. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/Makefile.in +568 -0
  279. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/app.h +118 -0
  280. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/bignum.h +37 -0
  281. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/crypto.h +469 -0
  282. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/keysstore.h +46 -0
  283. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/pkikeys.h +44 -0
  284. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/symbols.h +106 -0
  285. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/x509.h +91 -0
  286. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/Makefile.am +16 -0
  287. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/Makefile.in +567 -0
  288. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/app.h +128 -0
  289. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/bn.h +35 -0
  290. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/crypto.h +561 -0
  291. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/evp.h +44 -0
  292. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/symbols.h +123 -0
  293. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/x509.h +109 -0
  294. data/vendor/xmlsec1-1.2.18/include/xmlsec/parser.h +51 -0
  295. data/vendor/xmlsec1-1.2.18/include/xmlsec/private.h +489 -0
  296. data/vendor/xmlsec1-1.2.18/include/xmlsec/private/Makefile.am +12 -0
  297. data/vendor/xmlsec1-1.2.18/include/xmlsec/private/Makefile.in +563 -0
  298. data/vendor/xmlsec1-1.2.18/include/xmlsec/private/xkms.h +121 -0
  299. data/vendor/xmlsec1-1.2.18/include/xmlsec/private/xslt.h +34 -0
  300. data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/Makefile.am +13 -0
  301. data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/app.h +97 -0
  302. data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/crypto.h +40 -0
  303. data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/symbols.h +117 -0
  304. data/vendor/xmlsec1-1.2.18/include/xmlsec/soap.h +130 -0
  305. data/vendor/xmlsec1-1.2.18/include/xmlsec/strings.h +610 -0
  306. data/vendor/xmlsec1-1.2.18/include/xmlsec/templates.h +162 -0
  307. data/vendor/xmlsec1-1.2.18/include/xmlsec/transforms.h +994 -0
  308. data/vendor/xmlsec1-1.2.18/include/xmlsec/version.h +61 -0
  309. data/vendor/xmlsec1-1.2.18/include/xmlsec/version.h.in +61 -0
  310. data/vendor/xmlsec1-1.2.18/include/xmlsec/x509.h +80 -0
  311. data/vendor/xmlsec1-1.2.18/include/xmlsec/xkms.h +652 -0
  312. data/vendor/xmlsec1-1.2.18/include/xmlsec/xmldsig.h +281 -0
  313. data/vendor/xmlsec1-1.2.18/include/xmlsec/xmlenc.h +163 -0
  314. data/vendor/xmlsec1-1.2.18/include/xmlsec/xmlsec.h +216 -0
  315. data/vendor/xmlsec1-1.2.18/include/xmlsec/xmltree.h +275 -0
  316. data/vendor/xmlsec1-1.2.18/install-sh +520 -0
  317. data/vendor/xmlsec1-1.2.18/ltmain.sh +8413 -0
  318. data/vendor/xmlsec1-1.2.18/m4/libtool.m4 +7377 -0
  319. data/vendor/xmlsec1-1.2.18/m4/ltoptions.m4 +368 -0
  320. data/vendor/xmlsec1-1.2.18/m4/ltsugar.m4 +123 -0
  321. data/vendor/xmlsec1-1.2.18/m4/ltversion.m4 +23 -0
  322. data/vendor/xmlsec1-1.2.18/m4/lt~obsolete.m4 +92 -0
  323. data/vendor/xmlsec1-1.2.18/man/Makefile.am +52 -0
  324. data/vendor/xmlsec1-1.2.18/man/Makefile.in +582 -0
  325. data/vendor/xmlsec1-1.2.18/man/xmlsec1-config.1 +34 -0
  326. data/vendor/xmlsec1-1.2.18/man/xmlsec1.1 +269 -0
  327. data/vendor/xmlsec1-1.2.18/missing +376 -0
  328. data/vendor/xmlsec1-1.2.18/scripts/build_release.sh +33 -0
  329. data/vendor/xmlsec1-1.2.18/scripts/change-release.sh +34 -0
  330. data/vendor/xmlsec1-1.2.18/scripts/push_release.sh +30 -0
  331. data/vendor/xmlsec1-1.2.18/scripts/remove-gtkdoclink.pl +20 -0
  332. data/vendor/xmlsec1-1.2.18/scripts/test_errors.pl +38 -0
  333. data/vendor/xmlsec1-1.2.18/scripts/test_release.sh +12 -0
  334. data/vendor/xmlsec1-1.2.18/src/Makefile.am +71 -0
  335. data/vendor/xmlsec1-1.2.18/src/Makefile.in +878 -0
  336. data/vendor/xmlsec1-1.2.18/src/app.c +1498 -0
  337. data/vendor/xmlsec1-1.2.18/src/base64.c +1034 -0
  338. data/vendor/xmlsec1-1.2.18/src/bn.c +1060 -0
  339. data/vendor/xmlsec1-1.2.18/src/buffer.c +674 -0
  340. data/vendor/xmlsec1-1.2.18/src/c14n.c +801 -0
  341. data/vendor/xmlsec1-1.2.18/src/dl.c +994 -0
  342. data/vendor/xmlsec1-1.2.18/src/enveloped.c +152 -0
  343. data/vendor/xmlsec1-1.2.18/src/errors.c +242 -0
  344. data/vendor/xmlsec1-1.2.18/src/gcrypt/Makefile.am +55 -0
  345. data/vendor/xmlsec1-1.2.18/src/gcrypt/Makefile.in +764 -0
  346. data/vendor/xmlsec1-1.2.18/src/gcrypt/README +9 -0
  347. data/vendor/xmlsec1-1.2.18/src/gcrypt/app.c +663 -0
  348. data/vendor/xmlsec1-1.2.18/src/gcrypt/asn1.c +602 -0
  349. data/vendor/xmlsec1-1.2.18/src/gcrypt/asn1.h +39 -0
  350. data/vendor/xmlsec1-1.2.18/src/gcrypt/asymkeys.c +1920 -0
  351. data/vendor/xmlsec1-1.2.18/src/gcrypt/ciphers.c +855 -0
  352. data/vendor/xmlsec1-1.2.18/src/gcrypt/crypto.c +315 -0
  353. data/vendor/xmlsec1-1.2.18/src/gcrypt/digests.c +614 -0
  354. data/vendor/xmlsec1-1.2.18/src/gcrypt/globals.h +30 -0
  355. data/vendor/xmlsec1-1.2.18/src/gcrypt/hmac.c +823 -0
  356. data/vendor/xmlsec1-1.2.18/src/gcrypt/kw_aes.c +593 -0
  357. data/vendor/xmlsec1-1.2.18/src/gcrypt/kw_des.c +607 -0
  358. data/vendor/xmlsec1-1.2.18/src/gcrypt/signatures.c +1490 -0
  359. data/vendor/xmlsec1-1.2.18/src/gcrypt/symkeys.c +441 -0
  360. data/vendor/xmlsec1-1.2.18/src/globals.h +25 -0
  361. data/vendor/xmlsec1-1.2.18/src/gnutls/Makefile.am +58 -0
  362. data/vendor/xmlsec1-1.2.18/src/gnutls/Makefile.in +786 -0
  363. data/vendor/xmlsec1-1.2.18/src/gnutls/README +6 -0
  364. data/vendor/xmlsec1-1.2.18/src/gnutls/app.c +998 -0
  365. data/vendor/xmlsec1-1.2.18/src/gnutls/asymkeys.c +455 -0
  366. data/vendor/xmlsec1-1.2.18/src/gnutls/ciphers.c +82 -0
  367. data/vendor/xmlsec1-1.2.18/src/gnutls/crypto.c +351 -0
  368. data/vendor/xmlsec1-1.2.18/src/gnutls/digests.c +112 -0
  369. data/vendor/xmlsec1-1.2.18/src/gnutls/globals.h +31 -0
  370. data/vendor/xmlsec1-1.2.18/src/gnutls/hmac.c +141 -0
  371. data/vendor/xmlsec1-1.2.18/src/gnutls/kw_aes.c +72 -0
  372. data/vendor/xmlsec1-1.2.18/src/gnutls/kw_des.c +51 -0
  373. data/vendor/xmlsec1-1.2.18/src/gnutls/signatures.c +148 -0
  374. data/vendor/xmlsec1-1.2.18/src/gnutls/symkeys.c +125 -0
  375. data/vendor/xmlsec1-1.2.18/src/gnutls/x509.c +1960 -0
  376. data/vendor/xmlsec1-1.2.18/src/gnutls/x509utils.c +1687 -0
  377. data/vendor/xmlsec1-1.2.18/src/gnutls/x509utils.h +143 -0
  378. data/vendor/xmlsec1-1.2.18/src/gnutls/x509vfy.c +802 -0
  379. data/vendor/xmlsec1-1.2.18/src/io.c +496 -0
  380. data/vendor/xmlsec1-1.2.18/src/keyinfo.c +1561 -0
  381. data/vendor/xmlsec1-1.2.18/src/keys.c +1415 -0
  382. data/vendor/xmlsec1-1.2.18/src/keysdata.c +1387 -0
  383. data/vendor/xmlsec1-1.2.18/src/keysmngr.c +745 -0
  384. data/vendor/xmlsec1-1.2.18/src/kw_aes_des.c +493 -0
  385. data/vendor/xmlsec1-1.2.18/src/kw_aes_des.h +148 -0
  386. data/vendor/xmlsec1-1.2.18/src/list.c +534 -0
  387. data/vendor/xmlsec1-1.2.18/src/membuf.c +209 -0
  388. data/vendor/xmlsec1-1.2.18/src/mscrypto/Makefile.am +62 -0
  389. data/vendor/xmlsec1-1.2.18/src/mscrypto/Makefile.in +799 -0
  390. data/vendor/xmlsec1-1.2.18/src/mscrypto/README +39 -0
  391. data/vendor/xmlsec1-1.2.18/src/mscrypto/app.c +1289 -0
  392. data/vendor/xmlsec1-1.2.18/src/mscrypto/certkeys.c +2615 -0
  393. data/vendor/xmlsec1-1.2.18/src/mscrypto/ciphers.c +937 -0
  394. data/vendor/xmlsec1-1.2.18/src/mscrypto/crypto.c +889 -0
  395. data/vendor/xmlsec1-1.2.18/src/mscrypto/csp_calg.h +105 -0
  396. data/vendor/xmlsec1-1.2.18/src/mscrypto/csp_oid.h +114 -0
  397. data/vendor/xmlsec1-1.2.18/src/mscrypto/digests.c +668 -0
  398. data/vendor/xmlsec1-1.2.18/src/mscrypto/globals.h +39 -0
  399. data/vendor/xmlsec1-1.2.18/src/mscrypto/hmac.c +963 -0
  400. data/vendor/xmlsec1-1.2.18/src/mscrypto/keysstore.c +620 -0
  401. data/vendor/xmlsec1-1.2.18/src/mscrypto/kt_rsa.c +631 -0
  402. data/vendor/xmlsec1-1.2.18/src/mscrypto/kw_aes.c +662 -0
  403. data/vendor/xmlsec1-1.2.18/src/mscrypto/kw_des.c +730 -0
  404. data/vendor/xmlsec1-1.2.18/src/mscrypto/mingw-crypt32.def +36 -0
  405. data/vendor/xmlsec1-1.2.18/src/mscrypto/private.h +130 -0
  406. data/vendor/xmlsec1-1.2.18/src/mscrypto/signatures.c +960 -0
  407. data/vendor/xmlsec1-1.2.18/src/mscrypto/symkeys.c +824 -0
  408. data/vendor/xmlsec1-1.2.18/src/mscrypto/x509.c +2281 -0
  409. data/vendor/xmlsec1-1.2.18/src/mscrypto/x509vfy.c +1406 -0
  410. data/vendor/xmlsec1-1.2.18/src/mscrypto/xmlsec-mingw.h +210 -0
  411. data/vendor/xmlsec1-1.2.18/src/nodeset.c +610 -0
  412. data/vendor/xmlsec1-1.2.18/src/nss/Makefile.am +57 -0
  413. data/vendor/xmlsec1-1.2.18/src/nss/Makefile.in +798 -0
  414. data/vendor/xmlsec1-1.2.18/src/nss/README +128 -0
  415. data/vendor/xmlsec1-1.2.18/src/nss/app.c +1598 -0
  416. data/vendor/xmlsec1-1.2.18/src/nss/bignum.c +163 -0
  417. data/vendor/xmlsec1-1.2.18/src/nss/ciphers.c +838 -0
  418. data/vendor/xmlsec1-1.2.18/src/nss/crypto.c +444 -0
  419. data/vendor/xmlsec1-1.2.18/src/nss/digests.c +576 -0
  420. data/vendor/xmlsec1-1.2.18/src/nss/globals.h +24 -0
  421. data/vendor/xmlsec1-1.2.18/src/nss/hmac.c +855 -0
  422. data/vendor/xmlsec1-1.2.18/src/nss/keysstore.c +485 -0
  423. data/vendor/xmlsec1-1.2.18/src/nss/keytrans.c +753 -0
  424. data/vendor/xmlsec1-1.2.18/src/nss/kw_aes.c +681 -0
  425. data/vendor/xmlsec1-1.2.18/src/nss/kw_des.c +663 -0
  426. data/vendor/xmlsec1-1.2.18/src/nss/pkikeys.c +1554 -0
  427. data/vendor/xmlsec1-1.2.18/src/nss/signatures.c +841 -0
  428. data/vendor/xmlsec1-1.2.18/src/nss/symkeys.c +440 -0
  429. data/vendor/xmlsec1-1.2.18/src/nss/x509.c +2223 -0
  430. data/vendor/xmlsec1-1.2.18/src/nss/x509vfy.c +808 -0
  431. data/vendor/xmlsec1-1.2.18/src/openssl/Makefile.am +56 -0
  432. data/vendor/xmlsec1-1.2.18/src/openssl/Makefile.in +790 -0
  433. data/vendor/xmlsec1-1.2.18/src/openssl/README +17 -0
  434. data/vendor/xmlsec1-1.2.18/src/openssl/app.c +1628 -0
  435. data/vendor/xmlsec1-1.2.18/src/openssl/bn.c +163 -0
  436. data/vendor/xmlsec1-1.2.18/src/openssl/ciphers.c +856 -0
  437. data/vendor/xmlsec1-1.2.18/src/openssl/crypto.c +491 -0
  438. data/vendor/xmlsec1-1.2.18/src/openssl/digests.c +682 -0
  439. data/vendor/xmlsec1-1.2.18/src/openssl/evp.c +1559 -0
  440. data/vendor/xmlsec1-1.2.18/src/openssl/globals.h +24 -0
  441. data/vendor/xmlsec1-1.2.18/src/openssl/hmac.c +857 -0
  442. data/vendor/xmlsec1-1.2.18/src/openssl/kt_rsa.c +876 -0
  443. data/vendor/xmlsec1-1.2.18/src/openssl/kw_aes.c +513 -0
  444. data/vendor/xmlsec1-1.2.18/src/openssl/kw_des.c +563 -0
  445. data/vendor/xmlsec1-1.2.18/src/openssl/signatures.c +1065 -0
  446. data/vendor/xmlsec1-1.2.18/src/openssl/symkeys.c +447 -0
  447. data/vendor/xmlsec1-1.2.18/src/openssl/x509.c +2414 -0
  448. data/vendor/xmlsec1-1.2.18/src/openssl/x509vfy.c +1284 -0
  449. data/vendor/xmlsec1-1.2.18/src/parser.c +571 -0
  450. data/vendor/xmlsec1-1.2.18/src/skeleton/Makefile.am +45 -0
  451. data/vendor/xmlsec1-1.2.18/src/skeleton/README +0 -0
  452. data/vendor/xmlsec1-1.2.18/src/skeleton/app.c +499 -0
  453. data/vendor/xmlsec1-1.2.18/src/skeleton/crypto.c +260 -0
  454. data/vendor/xmlsec1-1.2.18/src/skeleton/globals.h +24 -0
  455. data/vendor/xmlsec1-1.2.18/src/soap.c +1322 -0
  456. data/vendor/xmlsec1-1.2.18/src/strings.c +597 -0
  457. data/vendor/xmlsec1-1.2.18/src/templates.c +2091 -0
  458. data/vendor/xmlsec1-1.2.18/src/transforms.c +2902 -0
  459. data/vendor/xmlsec1-1.2.18/src/x509.c +97 -0
  460. data/vendor/xmlsec1-1.2.18/src/xkms.c +4981 -0
  461. data/vendor/xmlsec1-1.2.18/src/xmldsig.c +1795 -0
  462. data/vendor/xmlsec1-1.2.18/src/xmlenc.c +1339 -0
  463. data/vendor/xmlsec1-1.2.18/src/xmlsec.c +185 -0
  464. data/vendor/xmlsec1-1.2.18/src/xmltree.c +1908 -0
  465. data/vendor/xmlsec1-1.2.18/src/xpath.c +1148 -0
  466. data/vendor/xmlsec1-1.2.18/src/xslt.c +617 -0
  467. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/Readme.txt +52 -0
  468. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/bad-alg-enc-element-aes128-kw-3des.xml +29 -0
  469. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/dh-priv-key.der +0 -0
  470. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.data +9 -0
  471. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.tmpl +22 -0
  472. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.xml +30 -0
  473. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.data +9 -0
  474. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.tmpl +22 -0
  475. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.xml +30 -0
  476. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.data +9 -0
  477. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.tmpl +22 -0
  478. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.xml +30 -0
  479. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.data +9 -0
  480. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.tmpl +24 -0
  481. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.xml +63 -0
  482. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-ka-dh.xml +83 -0
  483. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.data +9 -0
  484. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.tmpl +23 -0
  485. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.xml +61 -0
  486. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.data +9 -0
  487. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.tmpl +22 -0
  488. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.xml +63 -0
  489. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha256.xml +63 -0
  490. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha512.xml +63 -0
  491. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kw-3des.data +9 -0
  492. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kw-3des.tmpl +22 -0
  493. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kw-3des.xml +29 -0
  494. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-ka-dh.xml +83 -0
  495. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.data +9 -0
  496. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.tmpl +20 -0
  497. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.xml +61 -0
  498. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.data +9 -0
  499. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.tmpl +22 -0
  500. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.xml +63 -0
  501. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.data +9 -0
  502. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.tmpl +22 -0
  503. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.xml +29 -0
  504. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.data +9 -0
  505. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.tmpl +22 -0
  506. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.xml +29 -0
  507. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-ka-dh.xml +83 -0
  508. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.data +9 -0
  509. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.tmpl +22 -0
  510. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.xml +63 -0
  511. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.data +9 -0
  512. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.tmpl +22 -0
  513. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.xml +29 -0
  514. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-ka-dh.xml +83 -0
  515. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.data +9 -0
  516. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.tmpl +22 -0
  517. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.xml +29 -0
  518. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.data +9 -0
  519. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.tmpl +23 -0
  520. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.xml +32 -0
  521. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.data +9 -0
  522. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.tmpl +21 -0
  523. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.xml +28 -0
  524. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.data +9 -0
  525. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.tmpl +20 -0
  526. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.xml +62 -0
  527. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.data +9 -0
  528. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.tmpl +22 -0
  529. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.xml +64 -0
  530. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/key.txt +117 -0
  531. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/keys.xml +61 -0
  532. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/payment.xml +9 -0
  533. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/rsa-priv-key.der +0 -0
  534. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/rsa-priv-key.p12 +0 -0
  535. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/bad-request-name-not-supported.xml +2 -0
  536. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/bad-request-name.xml +10 -0
  537. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/compound-example-1-no-match.xml +7 -0
  538. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/compound-example-1.xml +51 -0
  539. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert1.der +0 -0
  540. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert1.pem +26 -0
  541. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert2.der +0 -0
  542. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert2.pem +25 -0
  543. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert3.der +0 -0
  544. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert3.pem +24 -0
  545. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/create-keys.sh +73 -0
  546. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1-pk8.der +0 -0
  547. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1.der +0 -0
  548. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1.p12 +0 -0
  549. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1.pem +18 -0
  550. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2-pk8.der +0 -0
  551. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2.der +0 -0
  552. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2.p12 +0 -0
  553. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2.pem +9 -0
  554. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3-pk8.der +0 -0
  555. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3.der +0 -0
  556. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3.p12 +0 -0
  557. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3.pem +9 -0
  558. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/openssl.cnf +106 -0
  559. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/req2.pem +11 -0
  560. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/req3.pem +11 -0
  561. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-1-bad-service.xml +2 -0
  562. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-1-no-match.xml +2 -0
  563. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-1.xml +18 -0
  564. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-2-no-match.xml +2 -0
  565. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-2.xml +39 -0
  566. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-opaque-client-data-no-match.xml +2 -0
  567. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-opaque-client-data.xml +32 -0
  568. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/readme.txt +117 -0
  569. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-bad-request-name-msg-invalid.xml +9 -0
  570. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-bad-request-name.xml +14 -0
  571. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-locate-example-1-no-match.xml +6 -0
  572. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-locate-example-1-unsupported.xml +13 -0
  573. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-locate-example-1.xml +23 -0
  574. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-bad-request-name-msg-invalid.xml +11 -0
  575. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-bad-request-name.xml +14 -0
  576. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-locate-example-1-no-match.xml +6 -0
  577. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-locate-example-1-unsupported.xml +9 -0
  578. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-locate-example-1.xml +23 -0
  579. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/status-request-success.xml +2 -0
  580. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/status-request.xml +7 -0
  581. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/validate-example-1-no-match.xml +2 -0
  582. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/validate-example-1.xml +65 -0
  583. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/README +47 -0
  584. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/dtd-hmac-91.dtd +1 -0
  585. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/dtd-hmac-91.tmpl +27 -0
  586. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/dtd-hmac-91.xml +27 -0
  587. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloped-gost.tmpl +31 -0
  588. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloped-gost.xml +42 -0
  589. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.tmpl +18 -0
  590. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.xml +87 -0
  591. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-expired-cert.tmpl +18 -0
  592. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-expired-cert.xml +85 -0
  593. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.tmpl +16 -0
  594. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml +15 -0
  595. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5.tmpl +14 -0
  596. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5.xml +13 -0
  597. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-rsa-md5.tmpl +17 -0
  598. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-rsa-md5.xml +85 -0
  599. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.tmpl +16 -0
  600. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml +15 -0
  601. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.tmpl +14 -0
  602. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.xml +13 -0
  603. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160.tmpl +17 -0
  604. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160.xml +85 -0
  605. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.tmpl +18 -0
  606. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.xml +85 -0
  607. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.tmpl +16 -0
  608. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.xml +15 -0
  609. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1.tmpl +14 -0
  610. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1.xml +13 -0
  611. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-rsa-sha1.tmpl +17 -0
  612. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-rsa-sha1.xml +85 -0
  613. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.tmpl +16 -0
  614. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.xml +15 -0
  615. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224.tmpl +14 -0
  616. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224.xml +13 -0
  617. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-rsa-sha224.tmpl +17 -0
  618. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-rsa-sha224.xml +85 -0
  619. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.tmpl +16 -0
  620. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.xml +15 -0
  621. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256.tmpl +14 -0
  622. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256.xml +13 -0
  623. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-rsa-sha256.tmpl +17 -0
  624. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-rsa-sha256.xml +85 -0
  625. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.tmpl +16 -0
  626. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.xml +15 -0
  627. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384.tmpl +14 -0
  628. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384.xml +13 -0
  629. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-rsa-sha384.tmpl +17 -0
  630. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-rsa-sha384.xml +103 -0
  631. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.tmpl +16 -0
  632. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.xml +16 -0
  633. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512.tmpl +14 -0
  634. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512.xml +15 -0
  635. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-rsa-sha512.tmpl +17 -0
  636. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-rsa-sha512.xml +104 -0
  637. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-sn-test.tmpl +27 -0
  638. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-sn-test.xml +40 -0
  639. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-test.tmpl +31 -0
  640. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-test.xml +117 -0
  641. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/xpointer-hmac.tmpl +29 -0
  642. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/xpointer-hmac.xml +28 -0
  643. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes128cbc-keyname.data +1 -0
  644. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes128cbc-keyname.tmpl +11 -0
  645. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes128cbc-keyname.xml +12 -0
  646. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname-ref.data +1 -0
  647. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname-ref.xml +21 -0
  648. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname.data +1 -0
  649. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname.tmpl +11 -0
  650. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname.xml +12 -0
  651. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes256cbc-keyname.data +1 -0
  652. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes256cbc-keyname.tmpl +10 -0
  653. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes256cbc-keyname.xml +12 -0
  654. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-aes192-keyname.data +1 -0
  655. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-aes192-keyname.tmpl +16 -0
  656. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-aes192-keyname.xml +18 -0
  657. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-content.data +7 -0
  658. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-content.tmpl +11 -0
  659. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-content.xml +15 -0
  660. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element-root.data +7 -0
  661. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element-root.tmpl +11 -0
  662. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element-root.xml +15 -0
  663. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element.data +9 -0
  664. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element.tmpl +11 -0
  665. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element.xml +17 -0
  666. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname.data +1 -0
  667. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname.tmpl +8 -0
  668. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname.xml +8 -0
  669. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.data +1 -0
  670. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.tmpl +10 -0
  671. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.xml +12 -0
  672. data/vendor/xmlsec1-1.2.18/tests/keys/README +203 -0
  673. data/vendor/xmlsec1-1.2.18/tests/keys/ca2cert.der +0 -0
  674. data/vendor/xmlsec1-1.2.18/tests/keys/ca2cert.pem +66 -0
  675. data/vendor/xmlsec1-1.2.18/tests/keys/ca2key.pem +9 -0
  676. data/vendor/xmlsec1-1.2.18/tests/keys/cacert.der +0 -0
  677. data/vendor/xmlsec1-1.2.18/tests/keys/cacert.pem +72 -0
  678. data/vendor/xmlsec1-1.2.18/tests/keys/cakey.pem +18 -0
  679. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/cacert.pem +72 -0
  680. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/careq.pem +14 -0
  681. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/index.txt +6 -0
  682. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/01.pem +65 -0
  683. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/02.pem +93 -0
  684. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/03.pem +60 -0
  685. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/04.pem +60 -0
  686. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/05.pem +83 -0
  687. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/private/cakey.pem +18 -0
  688. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/serial +1 -0
  689. data/vendor/xmlsec1-1.2.18/tests/keys/dsacert.der +0 -0
  690. data/vendor/xmlsec1-1.2.18/tests/keys/dsacert.pem +78 -0
  691. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.der +0 -0
  692. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.p12 +0 -0
  693. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.p8-der +0 -0
  694. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.p8-pem +8 -0
  695. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.pem +14 -0
  696. data/vendor/xmlsec1-1.2.18/tests/keys/expiredcert.der +0 -0
  697. data/vendor/xmlsec1-1.2.18/tests/keys/expiredcert.pem +61 -0
  698. data/vendor/xmlsec1-1.2.18/tests/keys/expiredkey.der +0 -0
  699. data/vendor/xmlsec1-1.2.18/tests/keys/expiredkey.p12 +0 -0
  700. data/vendor/xmlsec1-1.2.18/tests/keys/expiredkey.pem +9 -0
  701. data/vendor/xmlsec1-1.2.18/tests/keys/expiredreq.pem +11 -0
  702. data/vendor/xmlsec1-1.2.18/tests/keys/gost2001ca.der +0 -0
  703. data/vendor/xmlsec1-1.2.18/tests/keys/gost2001ca.pem +13 -0
  704. data/vendor/xmlsec1-1.2.18/tests/keys/hmackey.bin +1 -0
  705. data/vendor/xmlsec1-1.2.18/tests/keys/keys.xml +83 -0
  706. data/vendor/xmlsec1-1.2.18/tests/keys/largersacert.der +0 -0
  707. data/vendor/xmlsec1-1.2.18/tests/keys/largersacert.pem +100 -0
  708. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey-win.p12 +0 -0
  709. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey-winxp.p12 +0 -0
  710. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.der +0 -0
  711. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.p12 +0 -0
  712. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.p8-der +0 -0
  713. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.p8-pem +53 -0
  714. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.pem +51 -0
  715. data/vendor/xmlsec1-1.2.18/tests/keys/largersareq.pem +30 -0
  716. data/vendor/xmlsec1-1.2.18/tests/keys/merlincert.pem +20 -0
  717. data/vendor/xmlsec1-1.2.18/tests/keys/openssl.cnf +316 -0
  718. data/vendor/xmlsec1-1.2.18/tests/keys/rsacert.der +0 -0
  719. data/vendor/xmlsec1-1.2.18/tests/keys/rsacert.pem +61 -0
  720. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey-win.p12 +0 -0
  721. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey-winxp.p12 +0 -0
  722. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.der +0 -0
  723. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.p12 +0 -0
  724. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.p8-der +0 -0
  725. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.p8-pem +11 -0
  726. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.pem +9 -0
  727. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/Readme.txt +20 -0
  728. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-0.txt +15 -0
  729. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-1.txt +15 -0
  730. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-10.txt +15 -0
  731. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-11.txt +15 -0
  732. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-12.txt +15 -0
  733. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-13.txt +15 -0
  734. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-14.txt +15 -0
  735. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-15.txt +0 -0
  736. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-16.txt +0 -0
  737. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-17.txt +15 -0
  738. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-18.txt +15 -0
  739. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-19.txt +15 -0
  740. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-2.txt +15 -0
  741. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-20.txt +15 -0
  742. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-21.txt +15 -0
  743. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-22.txt +15 -0
  744. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-23.txt +15 -0
  745. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-24.txt +1 -0
  746. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-25.txt +0 -0
  747. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-26.txt +15 -0
  748. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-27.txt +430 -0
  749. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-3.txt +15 -0
  750. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-4.txt +15 -0
  751. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-5.txt +15 -0
  752. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-6.txt +1 -0
  753. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-7.txt +1 -0
  754. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-8.txt +15 -0
  755. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-9.txt +15 -0
  756. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/signature.xml +526 -0
  757. data/vendor/xmlsec1-1.2.18/tests/merlin-exc-c14n-one/Readme.txt +3 -0
  758. data/vendor/xmlsec1-1.2.18/tests/merlin-exc-c14n-one/exc-signature.tmpl +52 -0
  759. data/vendor/xmlsec1-1.2.18/tests/merlin-exc-c14n-one/exc-signature.xml +73 -0
  760. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/Readme.txt +63 -0
  761. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/badb.der +0 -0
  762. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/badb.pem +20 -0
  763. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/balor.der +0 -0
  764. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/balor.pem +20 -0
  765. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/bres.pem +20 -0
  766. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/ca.der +0 -0
  767. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/ca.pem +20 -0
  768. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.der +0 -0
  769. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.pem +20 -0
  770. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh.der +0 -0
  771. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh.pem +12 -0
  772. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/macha.der +0 -0
  773. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/macha.pem +20 -0
  774. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/merlin.der +0 -0
  775. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/merlin.pem +21 -0
  776. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/morigu.pem +20 -0
  777. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/nemain.der +0 -0
  778. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/nemain.pem +20 -0
  779. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloped-dsa.tmpl +22 -0
  780. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloped-dsa.xml +43 -0
  781. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa.tmpl +21 -0
  782. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa.xml +42 -0
  783. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-dsa.tmpl +18 -0
  784. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-dsa.xml +39 -0
  785. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.tmpl +16 -0
  786. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.xml +17 -0
  787. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1.tmpl +14 -0
  788. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1.xml +15 -0
  789. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-rsa.tmpl +18 -0
  790. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-rsa.xml +31 -0
  791. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-b64-dsa.tmpl +20 -0
  792. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-b64-dsa.xml +41 -0
  793. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-dsa.tmpl +17 -0
  794. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-dsa.xml +38 -0
  795. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-keyname.tmpl +16 -0
  796. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-keyname.xml +17 -0
  797. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt.tmpl +16 -0
  798. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt.xml +17 -0
  799. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt-crl.tmpl +17 -0
  800. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt-crl.xml +47 -0
  801. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt.tmpl +17 -0
  802. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt.xml +38 -0
  803. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-is.tmpl +17 -0
  804. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-is.xml +24 -0
  805. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-ski.tmpl +17 -0
  806. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-ski.xml +21 -0
  807. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-sn.tmpl +17 -0
  808. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-sn.xml +21 -0
  809. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature.tmpl +245 -0
  810. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature.xml +269 -0
  811. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/Readme.txt +117 -0
  812. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/bad-encrypt-content-aes128-cbc-kw-aes192.xml +42 -0
  813. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/decryption-transform-except.xml +83 -0
  814. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/decryption-transform.xml +73 -0
  815. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/dh0.p8 +0 -0
  816. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/dh1.p8 +0 -0
  817. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/dsa.p8 +0 -0
  818. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.data +27 -0
  819. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.tmpl +20 -0
  820. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.xml +45 -0
  821. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes192-cbc-dh-sha512.xml +113 -0
  822. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.data +27 -0
  823. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.tmpl +18 -0
  824. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.xml +42 -0
  825. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.data +27 -0
  826. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.tmpl +11 -0
  827. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.xml +35 -0
  828. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.data +1 -0
  829. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.tmpl +11 -0
  830. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.xml +12 -0
  831. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.data +1 -0
  832. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.tmpl +20 -0
  833. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.xml +22 -0
  834. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.data +1 -0
  835. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.tmpl +20 -0
  836. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.xml +22 -0
  837. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml +46 -0
  838. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.data +1 -0
  839. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.tmpl +21 -0
  840. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.xml +43 -0
  841. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.data +27 -0
  842. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.tmpl +19 -0
  843. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.xml +63 -0
  844. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes192-cbc-ref.data +36 -0
  845. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes192-cbc-ref.xml +42 -0
  846. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-carried-kw-aes256.xml +57 -0
  847. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-kw-aes256-dh-ripemd160.xml +122 -0
  848. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256.data +40 -0
  849. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256.xml +47 -0
  850. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.data +27 -0
  851. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.tmpl +20 -0
  852. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.xml +43 -0
  853. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-dh.xml +98 -0
  854. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-kw-tripledes-dh.xml +108 -0
  855. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5.xml +46 -0
  856. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p.xml +51 -0
  857. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes.tmpl +25 -0
  858. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes.xml +27 -0
  859. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128.xml +27 -0
  860. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192.xml +27 -0
  861. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256.xml +28 -0
  862. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/ids.p12 +0 -0
  863. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/keys.xml +42 -0
  864. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/plaintext.xml +24 -0
  865. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsa.p8 +0 -0
  866. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.der +0 -0
  867. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.p12 +0 -0
  868. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.p8-der +0 -0
  869. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.p8-pem +17 -0
  870. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.pem +15 -0
  871. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapub.pem +6 -0
  872. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/Readme.txt +23 -0
  873. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec-c14n-0.txt +11 -0
  874. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec-c14n-1.txt +0 -0
  875. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec-c14n-2.txt +25 -0
  876. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec.tmpl +50 -0
  877. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec.xml +122 -0
  878. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-xfdl-c14n-0.txt +3986 -0
  879. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-xfdl.tmpl +4153 -0
  880. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-xfdl.xml +4225 -0
  881. data/vendor/xmlsec1-1.2.18/tests/nss.supp +220 -0
  882. data/vendor/xmlsec1-1.2.18/tests/nssdb/cert8.db +0 -0
  883. data/vendor/xmlsec1-1.2.18/tests/nssdb/key3.db +0 -0
  884. data/vendor/xmlsec1-1.2.18/tests/nssdb/secmod.db +0 -0
  885. data/vendor/xmlsec1-1.2.18/tests/openssl.supp +63 -0
  886. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/README.txt +248 -0
  887. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/crl.der +0 -0
  888. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/dsa-ca-cert.der +0 -0
  889. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/dsa-cert.der +0 -0
  890. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/enc-dsa-key.der +0 -0
  891. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/enc-rsa-key.der +0 -0
  892. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/hmackey.bin +1 -0
  893. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/rsa-ca-cert.der +0 -0
  894. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/rsa-cert.der +0 -0
  895. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document-stylesheet.xml +7 -0
  896. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document.b64 +4 -0
  897. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document.xml +6 -0
  898. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document.xsl +45 -0
  899. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-big.xml +39 -0
  900. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-detached.xml +1 -0
  901. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-enveloped.xml +6 -0
  902. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-enveloping.xml +6 -0
  903. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-manifest.xml +1 -0
  904. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-md5-c14n-enveloping.xml +6 -0
  905. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-40-c14n-comments-detached.xml +1 -0
  906. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-40-exclusive-c14n-comments-detached.xml +1 -0
  907. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-exclusive-c14n-comments-detached.xml +1 -0
  908. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-exclusive-c14n-enveloped.xml +6 -0
  909. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-b64-transform.xml +1 -0
  910. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xpath-transform.xml +1 -0
  911. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xslt-transform-bad-retrieval-method.xml +6 -0
  912. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xslt-transform-retrieval-method.xml +39 -0
  913. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xslt-transform.xml +39 -0
  914. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached.xml +1 -0
  915. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloped-bad-digest-val.xml +6 -0
  916. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloped-bad-sig.xml +6 -0
  917. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloped.xml +6 -0
  918. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloping.xml +6 -0
  919. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert-chain.xml +1 -0
  920. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert.xml +1 -0
  921. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-issuer-serial.xml +1 -0
  922. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-ski.xml +1 -0
  923. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-subject-name.xml +1 -0
  924. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest.xml +1 -0
  925. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-xpath-transform-enveloped.xml +6 -0
  926. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-~x509-data-crl.xml +1 -0
  927. data/vendor/xmlsec1-1.2.18/tests/testDSig.sh +875 -0
  928. data/vendor/xmlsec1-1.2.18/tests/testEnc.sh +411 -0
  929. data/vendor/xmlsec1-1.2.18/tests/testKeys.sh +69 -0
  930. data/vendor/xmlsec1-1.2.18/tests/testRes.sh +20 -0
  931. data/vendor/xmlsec1-1.2.18/tests/testXKMS.sh +129 -0
  932. data/vendor/xmlsec1-1.2.18/tests/testrun.sh +443 -0
  933. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/c14n11/xml-base-input.xml +17 -0
  934. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-1.tmpl +2 -0
  935. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-1.xml +2 -0
  936. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-2.tmpl +2 -0
  937. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-2.xml +2 -0
  938. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-3.tmpl +2 -0
  939. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-3.xml +2 -0
  940. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-1-SUN.xml +21 -0
  941. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-2-SUN.xml +21 -0
  942. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-3-SUN.xml +21 -0
  943. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-4-SUN.xml +21 -0
  944. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-5-SUN.xml +21 -0
  945. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-6-SUN.xml +21 -0
  946. data/vendor/xmlsec1-1.2.18/win32/Makefile.msvc +699 -0
  947. data/vendor/xmlsec1-1.2.18/win32/README.txt +168 -12
  948. data/vendor/xmlsec1-1.2.18/win32/configure.js +395 -0
  949. data/vendor/xmlsec1-1.2.18/win32/libxmlsec.def.src +25 -0
  950. data/vendor/xmlsec1-1.2.18/win32/mycfg.bat +21 -0
  951. data/vendor/xmlsec1-1.2.18/xmlsec-config.in +243 -0
  952. data/vendor/xmlsec1-1.2.18/xmlsec-gcrypt.pc.in +11 -0
  953. data/vendor/xmlsec1-1.2.18/xmlsec-gnutls.pc.in +11 -0
  954. data/vendor/xmlsec1-1.2.18/xmlsec-nss.pc.in +11 -0
  955. data/vendor/xmlsec1-1.2.18/xmlsec-openssl.pc.in +11 -0
  956. data/vendor/xmlsec1-1.2.18/xmlsec.pc.in +11 -0
  957. data/vendor/xmlsec1-1.2.18/xmlsec.spec.in +185 -0
  958. data/vendor/xmlsec1-1.2.18/xmlsec1-config +243 -0
  959. data/vendor/xmlsec1-1.2.18/xmlsec1-gcrypt.pc +11 -0
  960. data/vendor/xmlsec1-1.2.18/xmlsec1-gnutls.pc +11 -0
  961. data/vendor/xmlsec1-1.2.18/xmlsec1-nss.pc +11 -0
  962. data/vendor/xmlsec1-1.2.18/xmlsec1-openssl.pc +11 -0
  963. data/vendor/xmlsec1-1.2.18/xmlsec1.m4 +172 -0
  964. data/vendor/xmlsec1-1.2.18/xmlsec1.pc +11 -0
  965. data/vendor/xmlsec1-1.2.18/xmlsec1.spec +185 -0
  966. data/vendor/xmlsec1-1.2.18/xmlsec1Conf.sh +13 -0
  967. data/vendor/xmlsec1-1.2.18/xmlsecConf.sh.in +13 -0
  968. data/xmlsec-shim.gemspec +18 -0
  969. metadata +1014 -0
@@ -0,0 +1,1406 @@
1
+ /**
2
+ * XMLSec library
3
+ *
4
+ * X509 support
5
+ *
6
+ *
7
+ * This is free software; see Copyright file in the source
8
+ * distribution for preciese wording.
9
+ *
10
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
11
+ * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
12
+ */
13
+ #include "globals.h"
14
+
15
+ #ifndef XMLSEC_NO_X509
16
+
17
+ #include <stdlib.h>
18
+ #include <stdio.h>
19
+ #include <string.h>
20
+ #include <ctype.h>
21
+ #include <errno.h>
22
+
23
+ #include <libxml/tree.h>
24
+
25
+ #include <xmlsec/xmlsec.h>
26
+ #include <xmlsec/xmltree.h>
27
+ #include <xmlsec/keys.h>
28
+ #include <xmlsec/keyinfo.h>
29
+ #include <xmlsec/keysmngr.h>
30
+ #include <xmlsec/base64.h>
31
+ #include <xmlsec/bn.h>
32
+ #include <xmlsec/errors.h>
33
+
34
+ #include <xmlsec/mscrypto/crypto.h>
35
+ #include <xmlsec/mscrypto/x509.h>
36
+ #include "private.h"
37
+
38
+ /**************************************************************************
39
+ *
40
+ * Internal MSCRYPTO X509 store CTX
41
+ *
42
+ *************************************************************************/
43
+ typedef struct _xmlSecMSCryptoX509StoreCtx xmlSecMSCryptoX509StoreCtx,
44
+ *xmlSecMSCryptoX509StoreCtxPtr;
45
+ struct _xmlSecMSCryptoX509StoreCtx {
46
+ HCERTSTORE trusted;
47
+ HCERTSTORE untrusted;
48
+ int dont_use_system_trusted_certs;
49
+ };
50
+
51
+ /****************************************************************************
52
+ *
53
+ * xmlSecMSCryptoKeyDataStoreX509Id:
54
+ *
55
+ * xmlSecMSCryptoX509StoreCtx is located after xmlSecTransform
56
+ *
57
+ ***************************************************************************/
58
+ #define xmlSecMSCryptoX509StoreGetCtx(store) \
59
+ ((xmlSecMSCryptoX509StoreCtxPtr)(((xmlSecByte*)(store)) + \
60
+ sizeof(xmlSecKeyDataStoreKlass)))
61
+ #define xmlSecMSCryptoX509StoreSize \
62
+ (sizeof(xmlSecKeyDataStoreKlass) + sizeof(xmlSecMSCryptoX509StoreCtx))
63
+
64
+ static int xmlSecMSCryptoX509StoreInitialize (xmlSecKeyDataStorePtr store);
65
+ static void xmlSecMSCryptoX509StoreFinalize (xmlSecKeyDataStorePtr store);
66
+
67
+ static xmlSecKeyDataStoreKlass xmlSecMSCryptoX509StoreKlass = {
68
+ sizeof(xmlSecKeyDataStoreKlass),
69
+ xmlSecMSCryptoX509StoreSize,
70
+
71
+ /* data */
72
+ xmlSecNameX509Store, /* const xmlChar* name; */
73
+
74
+ /* constructors/destructor */
75
+ xmlSecMSCryptoX509StoreInitialize, /* xmlSecKeyDataStoreInitializeMethod initialize; */
76
+ xmlSecMSCryptoX509StoreFinalize, /* xmlSecKeyDataStoreFinalizeMethod finalize; */
77
+
78
+ /* reserved for the future */
79
+ NULL, /* void* reserved0; */
80
+ NULL, /* void* reserved1; */
81
+ };
82
+
83
+ static PCCERT_CONTEXT xmlSecMSCryptoX509FindCert(HCERTSTORE store,
84
+ const xmlChar *subjectName,
85
+ const xmlChar *issuerName,
86
+ const xmlChar *issuerSerial,
87
+ const xmlChar *ski);
88
+
89
+
90
+ /**
91
+ * xmlSecMSCryptoX509StoreGetKlass:
92
+ *
93
+ * The MSCrypto X509 certificates key data store klass.
94
+ *
95
+ * Returns: pointer to MSCrypto X509 certificates key data store klass.
96
+ */
97
+ xmlSecKeyDataStoreId
98
+ xmlSecMSCryptoX509StoreGetKlass(void) {
99
+ return(&xmlSecMSCryptoX509StoreKlass);
100
+ }
101
+
102
+ /**
103
+ * xmlSecMSCryptoX509StoreFindCert:
104
+ * @store: the pointer to X509 key data store klass.
105
+ * @subjectName: the desired certificate name.
106
+ * @issuerName: the desired certificate issuer name.
107
+ * @issuerSerial: the desired certificate issuer serial number.
108
+ * @ski: the desired certificate SKI.
109
+ * @keyInfoCtx: the pointer to <dsig:KeyInfo/> element processing context.
110
+ *
111
+ * Searches @store for a certificate that matches given criteria.
112
+ *
113
+ * Returns: pointer to found certificate or NULL if certificate is not found
114
+ * or an error occurs.
115
+ */
116
+ PCCERT_CONTEXT
117
+ xmlSecMSCryptoX509StoreFindCert(xmlSecKeyDataStorePtr store, xmlChar *subjectName,
118
+ xmlChar *issuerName, xmlChar *issuerSerial,
119
+ xmlChar *ski, xmlSecKeyInfoCtx* keyInfoCtx) {
120
+ xmlSecMSCryptoX509StoreCtxPtr ctx;
121
+ PCCERT_CONTEXT pCert = NULL;
122
+
123
+ xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecMSCryptoX509StoreId), NULL);
124
+ xmlSecAssert2(keyInfoCtx != NULL, NULL);
125
+
126
+ ctx = xmlSecMSCryptoX509StoreGetCtx(store);
127
+ xmlSecAssert2(ctx != NULL, NULL);
128
+
129
+ /* search untrusted certs store */
130
+ if((ctx->untrusted != NULL) && (pCert == NULL)) {
131
+ pCert = xmlSecMSCryptoX509FindCert(ctx->untrusted, subjectName, issuerName, issuerSerial, ski);
132
+ }
133
+
134
+ /* search untrusted certs store */
135
+ if((ctx->trusted != NULL) && (pCert == NULL)) {
136
+ pCert = xmlSecMSCryptoX509FindCert(ctx->trusted, subjectName, issuerName, issuerSerial, ski);
137
+ }
138
+
139
+ return pCert;
140
+ }
141
+
142
+
143
+ static void
144
+ xmlSecMSCryptoUnixTimeToFileTime(time_t t, LPFILETIME pft) {
145
+ /* Note that LONGLONG is a 64-bit value */
146
+ LONGLONG ll;
147
+
148
+ xmlSecAssert(pft != NULL);
149
+
150
+ #if defined( __MINGW32__)
151
+ ll = Int32x32To64(t, 10000000) + 116444736000000000ULL;
152
+ #else
153
+ ll = Int32x32To64(t, 10000000) + 116444736000000000;
154
+ #endif
155
+ pft->dwLowDateTime = (DWORD)ll;
156
+ pft->dwHighDateTime = ll >> 32;
157
+ }
158
+
159
+ static BOOL
160
+ xmlSecMSCrypoVerifyCertTime(PCCERT_CONTEXT pCert, LPFILETIME pft) {
161
+ xmlSecAssert2(pCert != NULL, FALSE);
162
+ xmlSecAssert2(pCert->pCertInfo != NULL, FALSE);
163
+ xmlSecAssert2(pft != NULL, FALSE);
164
+
165
+ if(1 == CompareFileTime(&(pCert->pCertInfo->NotBefore), pft)) {
166
+ return (FALSE);
167
+ }
168
+ if(-1 == CompareFileTime(&(pCert->pCertInfo->NotAfter), pft)) {
169
+ return (FALSE);
170
+ }
171
+
172
+ return (TRUE);
173
+ }
174
+
175
+ static BOOL
176
+ xmlSecMSCryptoCheckRevocation(HCERTSTORE hStore, PCCERT_CONTEXT pCert) {
177
+ PCCRL_CONTEXT pCrl = NULL;
178
+ PCRL_ENTRY pCrlEntry = NULL;
179
+
180
+ xmlSecAssert2(pCert != NULL, FALSE);
181
+ xmlSecAssert2(hStore != NULL, FALSE);
182
+
183
+ while((pCrl = CertEnumCRLsInStore(hStore, pCrl)) != NULL) {
184
+ if (CertFindCertificateInCRL(pCert, pCrl, 0, NULL, &pCrlEntry) && (pCrlEntry != NULL)) {
185
+ xmlSecError(XMLSEC_ERRORS_HERE,
186
+ NULL,
187
+ "CertFindCertificateInCRL",
188
+ XMLSEC_ERRORS_R_CERT_VERIFY_FAILED,
189
+ "cert found in crl list");
190
+ return(FALSE);
191
+ }
192
+ }
193
+
194
+ return(TRUE);
195
+ }
196
+
197
+ static void
198
+ xmlSecMSCryptoX509StoreCertError(xmlSecKeyDataStorePtr store, PCCERT_CONTEXT cert, DWORD flags) {
199
+ xmlChar * subject = NULL;
200
+ DWORD dwSize;
201
+
202
+ xmlSecAssert(xmlSecKeyDataStoreCheckId(store, xmlSecMSCryptoX509StoreId));
203
+ xmlSecAssert(cert != NULL);
204
+ xmlSecAssert(flags != 0);
205
+
206
+ /* get certs subject */
207
+ subject = xmlSecMSCryptoX509GetNameString(cert, CERT_NAME_RDN_TYPE, 0, NULL);
208
+ if(subject == NULL) {
209
+ xmlSecError(XMLSEC_ERRORS_HERE,
210
+ "xmlSecMSCryptoX509GetNameString",
211
+ NULL,
212
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
213
+ XMLSEC_ERRORS_NO_MESSAGE);
214
+ return;
215
+ }
216
+
217
+ /* print error */
218
+ if (flags & CERT_STORE_SIGNATURE_FLAG) {
219
+ xmlSecError(XMLSEC_ERRORS_HERE,
220
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
221
+ xmlSecErrorsSafeString(subject),
222
+ XMLSEC_ERRORS_R_CERT_VERIFY_FAILED,
223
+ "signature");
224
+ } else if (flags & CERT_STORE_TIME_VALIDITY_FLAG) {
225
+ xmlSecError(XMLSEC_ERRORS_HERE,
226
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
227
+ xmlSecErrorsSafeString(subject),
228
+ XMLSEC_ERRORS_R_CERT_HAS_EXPIRED,
229
+ XMLSEC_ERRORS_NO_MESSAGE);
230
+ } else if (flags & CERT_STORE_REVOCATION_FLAG) {
231
+ if (flags & CERT_STORE_NO_CRL_FLAG) {
232
+ xmlSecError(XMLSEC_ERRORS_HERE,
233
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
234
+ xmlSecErrorsSafeString(subject),
235
+ XMLSEC_ERRORS_R_CERT_REVOKED,
236
+ "no crl");
237
+ } else {
238
+ xmlSecError(XMLSEC_ERRORS_HERE,
239
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
240
+ xmlSecErrorsSafeString(subject),
241
+ XMLSEC_ERRORS_R_CERT_REVOKED,
242
+ XMLSEC_ERRORS_NO_MESSAGE);
243
+ }
244
+ } else {
245
+ xmlSecError(XMLSEC_ERRORS_HERE,
246
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
247
+ xmlSecErrorsSafeString(subject),
248
+ XMLSEC_ERRORS_R_CERT_VERIFY_FAILED,
249
+ XMLSEC_ERRORS_NO_MESSAGE);
250
+ }
251
+
252
+ xmlFree(subject);
253
+ }
254
+
255
+ /**
256
+ * xmlSecBuildChainUsingWinapi:
257
+ * @cert: the certificate we check
258
+ * @pfTime: pointer to FILETIME that we are interested in
259
+ * @store_untrusted: untrusted certificates added via API
260
+ * @store_doc: untrusted certificates/CRLs extracted from a document
261
+ *
262
+ * Builds certificates chain using Windows API.
263
+ *
264
+ * Returns: TRUE on success or FALSE otherwise.
265
+ */
266
+ static BOOL
267
+ xmlSecBuildChainUsingWinapi (PCCERT_CONTEXT cert, LPFILETIME pfTime,
268
+ HCERTSTORE store_untrusted, HCERTSTORE store_doc)
269
+ {
270
+ PCCERT_CHAIN_CONTEXT pChainContext = NULL;
271
+ CERT_CHAIN_PARA chainPara;
272
+ BOOL rc = FALSE;
273
+ HCERTSTORE store_add = NULL;
274
+
275
+ /* Initialize data structures. */
276
+
277
+ memset(&chainPara, 0, sizeof(CERT_CHAIN_PARA));
278
+ chainPara.cbSize = sizeof(CERT_CHAIN_PARA);
279
+
280
+ /* Create additional store for CertGetCertificateChain() */
281
+ store_add = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0, 0, NULL);
282
+ if (!store_add) {
283
+ xmlSecError(XMLSEC_ERRORS_HERE,
284
+ "chain additional collection store",
285
+ "CertOpenStore",
286
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
287
+ XMLSEC_ERRORS_NO_MESSAGE);
288
+ goto end;
289
+ }
290
+ if (!CertAddStoreToCollection(store_add, store_doc, 0, 0)) {
291
+ xmlSecError(XMLSEC_ERRORS_HERE,
292
+ "adding document store",
293
+ "CertAddStoreToCollection",
294
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
295
+ XMLSEC_ERRORS_NO_MESSAGE);
296
+ goto end;
297
+ }
298
+ if (!CertAddStoreToCollection(store_add, store_untrusted, 0, 0)) {
299
+ xmlSecError(XMLSEC_ERRORS_HERE,
300
+ "adding untrusted store",
301
+ "CertAddStoreToCollection",
302
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
303
+ XMLSEC_ERRORS_NO_MESSAGE);
304
+ goto end;
305
+ }
306
+
307
+ /* Build a chain using CertGetCertificateChain
308
+ and the certificate retrieved. */
309
+ if(!CertGetCertificateChain(
310
+ NULL, /* use the default chain engine */
311
+ cert,
312
+ pfTime,
313
+ store_add,
314
+ &chainPara,
315
+ CERT_CHAIN_REVOCATION_CHECK_CHAIN,
316
+ NULL,
317
+ &pChainContext))
318
+ {
319
+ xmlSecError(XMLSEC_ERRORS_HERE,
320
+ "building certificate chain, checking root",
321
+ "CertGetCertificateChain",
322
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
323
+ XMLSEC_ERRORS_NO_MESSAGE);
324
+ goto end;
325
+ }
326
+ if (pChainContext->TrustStatus.dwErrorStatus == CERT_TRUST_REVOCATION_STATUS_UNKNOWN) {
327
+ CertFreeCertificateChain(pChainContext); pChainContext = NULL;
328
+ if(!CertGetCertificateChain(
329
+ NULL, /* use the default chain engine */
330
+ cert,
331
+ pfTime,
332
+ store_add,
333
+ &chainPara,
334
+ CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT,
335
+ NULL,
336
+ &pChainContext))
337
+ {
338
+ xmlSecError(XMLSEC_ERRORS_HERE,
339
+ "building certificate chain, excluding root",
340
+ "CertGetCertificateChain",
341
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
342
+ XMLSEC_ERRORS_NO_MESSAGE);
343
+ goto end;
344
+ }
345
+ }
346
+
347
+ if (pChainContext->TrustStatus.dwErrorStatus == CERT_TRUST_NO_ERROR)
348
+ rc = TRUE;
349
+
350
+ end:
351
+ if (pChainContext) CertFreeCertificateChain(pChainContext);
352
+ if (store_add) CertCloseStore(store_add, 0);
353
+ return (rc);
354
+ }
355
+
356
+ /**
357
+ * xmlSecMSCryptoBuildCertChainManually:
358
+ * @cert: the certificate we check
359
+ * @pfTime: pointer to FILETIME that we are interested in
360
+ * @store_trusted: trusted certificates added via API
361
+ * @store_untrusted: untrusted certificates added via API
362
+ * @certs: untrusted certificates/CRLs extracted from a document
363
+ * @store: pointer to store klass passed to error functions
364
+ *
365
+ * Builds certificates chain manually.
366
+ *
367
+ * Returns: TRUE on success or FALSE otherwise.
368
+ */
369
+ static BOOL
370
+ xmlSecMSCryptoBuildCertChainManually (PCCERT_CONTEXT cert, LPFILETIME pfTime,
371
+ HCERTSTORE store_trusted, HCERTSTORE store_untrusted, HCERTSTORE certs,
372
+ xmlSecKeyDataStorePtr store) {
373
+ PCCERT_CONTEXT issuerCert = NULL;
374
+ DWORD flags;
375
+
376
+ if (!xmlSecMSCrypoVerifyCertTime(cert, pfTime)) {
377
+ xmlSecMSCryptoX509StoreCertError(store, cert, CERT_STORE_TIME_VALIDITY_FLAG);
378
+ return(FALSE);
379
+ }
380
+
381
+ if (!xmlSecMSCryptoCheckRevocation(certs, cert)) {
382
+ return(FALSE);
383
+ }
384
+
385
+ /*
386
+ * Try to find the cert in the trusted cert store. We will trust
387
+ * the certificate in the trusted store.
388
+ */
389
+ issuerCert = CertFindCertificateInStore(store_trusted,
390
+ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
391
+ 0,
392
+ CERT_FIND_SUBJECT_NAME,
393
+ &(cert->pCertInfo->Subject),
394
+ NULL);
395
+ if( issuerCert != NULL) {
396
+ /* We have found the trusted cert, so return true */
397
+ /* todo: do we want to verify the trusted cert's revocation? we must, I think */
398
+ CertFreeCertificateContext( issuerCert ) ;
399
+ return( TRUE ) ;
400
+ }
401
+
402
+ /* Check whether the certificate is self signed certificate */
403
+ if(CertCompareCertificateName(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, &(cert->pCertInfo->Subject), &(cert->pCertInfo->Issuer))) {
404
+ return(FALSE);
405
+ }
406
+
407
+ /* try to find issuer cert in the trusted cert in the store */
408
+ issuerCert = CertFindCertificateInStore(store_trusted,
409
+ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
410
+ 0,
411
+ CERT_FIND_SUBJECT_NAME,
412
+ &(cert->pCertInfo->Issuer),
413
+ NULL);
414
+ if(issuerCert != NULL) {
415
+ flags = CERT_STORE_REVOCATION_FLAG | CERT_STORE_SIGNATURE_FLAG;
416
+ if(!CertVerifySubjectCertificateContext(cert, issuerCert, &flags)) {
417
+ xmlSecMSCryptoX509StoreCertError(store, issuerCert, flags);
418
+ CertFreeCertificateContext(issuerCert);
419
+ return(FALSE);
420
+ }
421
+ /* todo: do we want to verify the trusted cert? we must check
422
+ * revocation, I think */
423
+ CertFreeCertificateContext(issuerCert);
424
+ return(TRUE);
425
+ }
426
+
427
+ /* try the untrusted certs in the chain */
428
+ issuerCert = CertFindCertificateInStore(certs,
429
+ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
430
+ 0,
431
+ CERT_FIND_SUBJECT_NAME,
432
+ &(cert->pCertInfo->Issuer),
433
+ NULL);
434
+ if(issuerCert != NULL) {
435
+ flags = CERT_STORE_REVOCATION_FLAG | CERT_STORE_SIGNATURE_FLAG;
436
+ if(!CertVerifySubjectCertificateContext(cert, issuerCert, &flags)) {
437
+ xmlSecMSCryptoX509StoreCertError(store, issuerCert, flags);
438
+ CertFreeCertificateContext(issuerCert);
439
+ return(FALSE);
440
+ }
441
+ if(!xmlSecMSCryptoBuildCertChainManually(issuerCert, pfTime, store_trusted, store_untrusted, certs, store)) {
442
+ xmlSecMSCryptoX509StoreCertError(store, issuerCert, flags);
443
+ CertFreeCertificateContext(issuerCert);
444
+ return(FALSE);
445
+ }
446
+ CertFreeCertificateContext(issuerCert);
447
+ return(TRUE);
448
+ }
449
+
450
+ /* try the untrusted certs in the store */
451
+ issuerCert = CertFindCertificateInStore(store_untrusted,
452
+ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
453
+ 0,
454
+ CERT_FIND_SUBJECT_NAME,
455
+ &(cert->pCertInfo->Issuer),
456
+ NULL);
457
+ if(issuerCert != NULL) {
458
+ flags = CERT_STORE_REVOCATION_FLAG | CERT_STORE_SIGNATURE_FLAG;
459
+ if(!CertVerifySubjectCertificateContext(cert, issuerCert, &flags)) {
460
+ xmlSecMSCryptoX509StoreCertError(store, issuerCert, flags);
461
+ CertFreeCertificateContext(issuerCert);
462
+ return(FALSE);
463
+ }
464
+ if(!xmlSecMSCryptoBuildCertChainManually(issuerCert, pfTime, store_trusted, store_untrusted, certs, store)) {
465
+ CertFreeCertificateContext(issuerCert);
466
+ return(FALSE);
467
+ }
468
+ CertFreeCertificateContext(issuerCert);
469
+ return(TRUE);
470
+ }
471
+
472
+ return(FALSE);
473
+ }
474
+
475
+ static BOOL
476
+ xmlSecMSCryptoX509StoreConstructCertsChain(xmlSecKeyDataStorePtr store, PCCERT_CONTEXT cert, HCERTSTORE certs,
477
+ xmlSecKeyInfoCtx* keyInfoCtx) {
478
+ xmlSecMSCryptoX509StoreCtxPtr ctx;
479
+ PCCERT_CONTEXT tempCert = NULL;
480
+ FILETIME fTime;
481
+ BOOL res = FALSE;
482
+
483
+ xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecMSCryptoX509StoreId), FALSE);
484
+ xmlSecAssert2(cert != NULL, FALSE);
485
+ xmlSecAssert2(cert->pCertInfo != NULL, FALSE);
486
+ xmlSecAssert2(certs != NULL, FALSE);
487
+ xmlSecAssert2(keyInfoCtx != NULL, FALSE);
488
+
489
+ ctx = xmlSecMSCryptoX509StoreGetCtx(store);
490
+ xmlSecAssert2(ctx != NULL, FALSE);
491
+ xmlSecAssert2(ctx->trusted != NULL, FALSE);
492
+ xmlSecAssert2(ctx->untrusted != NULL, FALSE);
493
+
494
+ if(keyInfoCtx->certsVerificationTime > 0) {
495
+ /* convert the time to FILETIME */
496
+ xmlSecMSCryptoUnixTimeToFileTime(keyInfoCtx->certsVerificationTime, &fTime);
497
+ } else {
498
+ /* Defaults to current time */
499
+ GetSystemTimeAsFileTime(&fTime);
500
+ }
501
+
502
+ /* try the certificates in the keys manager */
503
+ if(!res) {
504
+ tempCert = CertEnumCertificatesInStore(ctx->trusted, NULL);
505
+ if(tempCert) {
506
+ CertFreeCertificateContext(tempCert);
507
+ res = xmlSecMSCryptoBuildCertChainManually(cert, &fTime, ctx->trusted, ctx->untrusted, certs, store);
508
+ }
509
+ }
510
+
511
+ /* try the certificates in the system */
512
+ if(!res && !ctx->dont_use_system_trusted_certs) {
513
+ res = xmlSecBuildChainUsingWinapi(cert, &fTime, ctx->untrusted, certs);
514
+ }
515
+
516
+ /* done */
517
+ return res;
518
+ }
519
+
520
+ /**
521
+ * xmlSecMSCryptoX509StoreVerify:
522
+ * @store: the pointer to X509 certificate context store klass.
523
+ * @certs: the untrusted certificates stack.
524
+ * @keyInfoCtx: the pointer to <dsig:KeyInfo/> element processing context.
525
+ *
526
+ * Verifies @certs list.
527
+ *
528
+ * Returns: pointer to the first verified certificate from @certs.
529
+ */
530
+ PCCERT_CONTEXT
531
+ xmlSecMSCryptoX509StoreVerify(xmlSecKeyDataStorePtr store, HCERTSTORE certs,
532
+ xmlSecKeyInfoCtx* keyInfoCtx) {
533
+ PCCERT_CONTEXT cert = NULL;
534
+
535
+ xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecMSCryptoX509StoreId), NULL);
536
+ xmlSecAssert2(certs != NULL, NULL);
537
+ xmlSecAssert2(keyInfoCtx != NULL, NULL);
538
+
539
+ while((cert = CertEnumCertificatesInStore(certs, cert)) != NULL){
540
+ PCCERT_CONTEXT nextCert = NULL;
541
+ unsigned char selected = 1;
542
+
543
+ xmlSecAssert2(cert->pCertInfo != NULL, NULL);
544
+
545
+ /* if cert is the issuer of any other cert in the list, then it is
546
+ * to be skipped except a case of a celf-signed cert*/
547
+ do {
548
+ nextCert = CertFindCertificateInStore(certs,
549
+ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
550
+ 0,
551
+ CERT_FIND_ISSUER_NAME,
552
+ &(cert->pCertInfo->Subject),
553
+ nextCert);
554
+ if((nextCert != NULL) && !CertCompareCertificateName(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
555
+ &(nextCert->pCertInfo->Subject), &(nextCert->pCertInfo->Issuer))) {
556
+ selected = 0;
557
+ }
558
+ } while((selected == 1) && (nextCert != NULL));
559
+ if(nextCert != NULL) {
560
+ CertFreeCertificateContext(nextCert);
561
+ }
562
+
563
+ if((selected == 1) && xmlSecMSCryptoX509StoreConstructCertsChain(store, cert, certs, keyInfoCtx)) {
564
+ return(cert);
565
+ }
566
+ }
567
+
568
+ return (NULL);
569
+ }
570
+
571
+ /**
572
+ * xmlSecMSCryptoX509StoreAdoptCert:
573
+ * @store: the pointer to X509 key data store klass.
574
+ * @cert: the pointer to PCCERT_CONTEXT X509 certificate.
575
+ * @type: the certificate type (trusted/untrusted).
576
+ *
577
+ * Adds trusted (root) or untrusted certificate to the store.
578
+ *
579
+ * Returns: 0 on success or a negative value if an error occurs.
580
+ */
581
+ int
582
+ xmlSecMSCryptoX509StoreAdoptCert(xmlSecKeyDataStorePtr store, PCCERT_CONTEXT pCert, xmlSecKeyDataType type) {
583
+ xmlSecMSCryptoX509StoreCtxPtr ctx;
584
+ HCERTSTORE certStore;
585
+
586
+ xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecMSCryptoX509StoreId), -1);
587
+ xmlSecAssert2(pCert != NULL, -1);
588
+
589
+ ctx = xmlSecMSCryptoX509StoreGetCtx(store);
590
+ xmlSecAssert2(ctx != NULL, -1);
591
+ xmlSecAssert2(ctx->trusted != NULL, -1);
592
+ xmlSecAssert2(ctx->untrusted != NULL, -1);
593
+
594
+ if(type == xmlSecKeyDataTypeTrusted) {
595
+ certStore = ctx->trusted;
596
+ } else if(type == xmlSecKeyDataTypeNone) {
597
+ certStore = ctx->untrusted;
598
+ } else {
599
+ xmlSecError(XMLSEC_ERRORS_HERE,
600
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
601
+ NULL,
602
+ XMLSEC_ERRORS_R_INVALID_TYPE,
603
+ "type=%d", type);
604
+ return(-1);
605
+ }
606
+
607
+ /* TODO: The context to be added here is not duplicated first,
608
+ * hopefully this will not lead to errors when closing teh store
609
+ * and freeing the mem for all the context in the store.
610
+ */
611
+ xmlSecAssert2(certStore != NULL, -1);
612
+ if (!CertAddCertificateContextToStore(certStore, pCert, CERT_STORE_ADD_ALWAYS, NULL)) {
613
+ xmlSecError(XMLSEC_ERRORS_HERE,
614
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
615
+ "CertAddCertificateContextToStore",
616
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
617
+ XMLSEC_ERRORS_NO_MESSAGE);
618
+ return(-1);
619
+ }
620
+
621
+ return(0);
622
+ }
623
+
624
+
625
+ /**
626
+ * xmlSecMSCryptoX509StoreAdoptKeyStore:
627
+ * @store: the pointer to X509 key data store klass.
628
+ * @keyStore: the pointer to keys store.
629
+ *
630
+ * Adds @keyStore to the list of key stores.
631
+ *
632
+ * Returns: 0 on success or a negative value if an error occurs.
633
+ */
634
+ int
635
+ xmlSecMSCryptoX509StoreAdoptKeyStore (xmlSecKeyDataStorePtr store, HCERTSTORE keyStore) {
636
+ xmlSecMSCryptoX509StoreCtxPtr ctx;
637
+
638
+ xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecMSCryptoX509StoreId), -1);
639
+ xmlSecAssert2( keyStore != NULL, -1);
640
+
641
+ ctx = xmlSecMSCryptoX509StoreGetCtx(store);
642
+ xmlSecAssert2(ctx != NULL, -1);
643
+ xmlSecAssert2(ctx->trusted != NULL, -1);
644
+
645
+ if(!CertAddStoreToCollection ( ctx->trusted , keyStore , CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG , 2)) {
646
+ xmlSecError(XMLSEC_ERRORS_HERE,
647
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
648
+ "CertAddStoreToCollection",
649
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
650
+ XMLSEC_ERRORS_NO_MESSAGE);
651
+ return(-1);
652
+ }
653
+
654
+ return(0);
655
+ }
656
+
657
+ /**
658
+ * xmlSecMSCryptoX509StoreAdoptTrustedStore:
659
+ * @store: the pointer to X509 key data store klass.
660
+ * @trustedStore: the pointer to certs store.
661
+ *
662
+ * Adds @trustedStore to the list of trusted certs stores.
663
+ *
664
+ * Returns: 0 on success or a negative value if an error occurs.
665
+ */
666
+ int
667
+ xmlSecMSCryptoX509StoreAdoptTrustedStore (xmlSecKeyDataStorePtr store, HCERTSTORE trustedStore) {
668
+ xmlSecMSCryptoX509StoreCtxPtr ctx;
669
+
670
+ xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecMSCryptoX509StoreId), -1);
671
+ xmlSecAssert2( trustedStore != NULL, -1);
672
+
673
+ ctx = xmlSecMSCryptoX509StoreGetCtx(store);
674
+ xmlSecAssert2(ctx != NULL, -1);
675
+ xmlSecAssert2(ctx->trusted != NULL, -1);
676
+
677
+ if( !CertAddStoreToCollection ( ctx->trusted , trustedStore , CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG , 3 ) ) {
678
+ xmlSecError(XMLSEC_ERRORS_HERE,
679
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
680
+ "CertAddStoreToCollection",
681
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
682
+ XMLSEC_ERRORS_NO_MESSAGE);
683
+ return(-1);
684
+ }
685
+
686
+ return(0);
687
+ }
688
+
689
+ /**
690
+ * xmlSecMSCryptoX509StoreAdoptUntrustedStore:
691
+ * @store: the pointer to X509 key data store klass.
692
+ * @untrustedStore: the pointer to certs store.
693
+ *
694
+ * Adds @trustedStore to the list of un-trusted certs stores.
695
+ *
696
+ * Returns: 0 on success or a negative value if an error occurs.
697
+ */
698
+ int
699
+ xmlSecMSCryptoX509StoreAdoptUntrustedStore (xmlSecKeyDataStorePtr store, HCERTSTORE untrustedStore) {
700
+ xmlSecMSCryptoX509StoreCtxPtr ctx;
701
+
702
+ xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecMSCryptoX509StoreId), -1);
703
+ xmlSecAssert2( untrustedStore != NULL, -1);
704
+
705
+ ctx = xmlSecMSCryptoX509StoreGetCtx(store);
706
+ xmlSecAssert2(ctx != NULL, -1);
707
+ xmlSecAssert2(ctx->untrusted != NULL, -1);
708
+
709
+ if( !CertAddStoreToCollection ( ctx->untrusted , untrustedStore , CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG , 2 ) ) {
710
+ xmlSecError(XMLSEC_ERRORS_HERE,
711
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
712
+ "CertAddStoreToCollection",
713
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
714
+ XMLSEC_ERRORS_NO_MESSAGE);
715
+ return(-1);
716
+ }
717
+
718
+ return(0);
719
+ }
720
+
721
+ /**
722
+ * xmlSecMSCryptoX509StoreEnableSystemTrustedCerts:
723
+ * @store: the pointer to X509 key data store klass.
724
+ * @val: the enable/disable flag
725
+ *
726
+ * Enables/disables the system trusted certs.
727
+ */
728
+ void
729
+ xmlSecMSCryptoX509StoreEnableSystemTrustedCerts (xmlSecKeyDataStorePtr store, int val) {
730
+ xmlSecMSCryptoX509StoreCtxPtr ctx;
731
+
732
+ xmlSecAssert(xmlSecKeyDataStoreCheckId(store, xmlSecMSCryptoX509StoreId));
733
+
734
+ ctx = xmlSecMSCryptoX509StoreGetCtx(store);
735
+ xmlSecAssert(ctx != NULL);
736
+ xmlSecAssert(ctx->untrusted != NULL);
737
+
738
+ /* it is other way around to make default value 0 mimic old behaiviour */
739
+ ctx->dont_use_system_trusted_certs = !val;
740
+ }
741
+
742
+ static int
743
+ xmlSecMSCryptoX509StoreInitialize(xmlSecKeyDataStorePtr store) {
744
+ xmlSecMSCryptoX509StoreCtxPtr ctx;
745
+ HCERTSTORE hTrustedMemStore ;
746
+ HCERTSTORE hUntrustedMemStore ;
747
+
748
+ xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecMSCryptoX509StoreId), -1);
749
+
750
+ ctx = xmlSecMSCryptoX509StoreGetCtx(store);
751
+ xmlSecAssert2(ctx != NULL, -1);
752
+
753
+ memset(ctx, 0, sizeof(xmlSecMSCryptoX509StoreCtx));
754
+
755
+ /* create trusted certs store collection */
756
+ ctx->trusted = CertOpenStore(CERT_STORE_PROV_COLLECTION,
757
+ 0,
758
+ 0,
759
+ 0,
760
+ NULL);
761
+ if(ctx->trusted == NULL) {
762
+ xmlSecError(XMLSEC_ERRORS_HERE,
763
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
764
+ "CertOpenStore",
765
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
766
+ XMLSEC_ERRORS_NO_MESSAGE);
767
+ return(-1);
768
+ }
769
+
770
+ /* create trusted certs store */
771
+ hTrustedMemStore = CertOpenStore(CERT_STORE_PROV_MEMORY,
772
+ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
773
+ 0,
774
+ CERT_STORE_CREATE_NEW_FLAG,
775
+ NULL);
776
+ if(hTrustedMemStore == NULL) {
777
+ xmlSecError(XMLSEC_ERRORS_HERE,
778
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
779
+ "CertOpenStore",
780
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
781
+ XMLSEC_ERRORS_NO_MESSAGE);
782
+ CertCloseStore(ctx->trusted, CERT_CLOSE_STORE_FORCE_FLAG);
783
+ ctx->trusted = NULL ;
784
+ return(-1);
785
+ }
786
+
787
+ /* add the memory trusted certs store to trusted certs store collection */
788
+ if( !CertAddStoreToCollection( ctx->trusted, hTrustedMemStore, CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 1 ) ) {
789
+ xmlSecError(XMLSEC_ERRORS_HERE,
790
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
791
+ "CertAddStoreToCollection",
792
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
793
+ XMLSEC_ERRORS_NO_MESSAGE);
794
+ CertCloseStore(ctx->trusted, CERT_CLOSE_STORE_FORCE_FLAG);
795
+ CertCloseStore(hTrustedMemStore, CERT_CLOSE_STORE_CHECK_FLAG);
796
+ ctx->trusted = NULL ;
797
+ return(-1);
798
+ }
799
+ CertCloseStore(hTrustedMemStore, CERT_CLOSE_STORE_CHECK_FLAG);
800
+
801
+ /* create untrusted certs store collection */
802
+ ctx->untrusted = CertOpenStore(CERT_STORE_PROV_COLLECTION,
803
+ 0,
804
+ 0,
805
+ 0,
806
+ NULL);
807
+ if(ctx->untrusted == NULL) {
808
+ xmlSecError(XMLSEC_ERRORS_HERE,
809
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
810
+ "CertOpenStore",
811
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
812
+ XMLSEC_ERRORS_NO_MESSAGE);
813
+ CertCloseStore(ctx->trusted, CERT_CLOSE_STORE_FORCE_FLAG);
814
+ ctx->trusted = NULL ;
815
+ return(-1);
816
+ }
817
+
818
+ /* create untrusted certs store */
819
+ hUntrustedMemStore = CertOpenStore(CERT_STORE_PROV_MEMORY,
820
+ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
821
+ 0,
822
+ CERT_STORE_CREATE_NEW_FLAG,
823
+ NULL);
824
+ if(hUntrustedMemStore == NULL) {
825
+ xmlSecError(XMLSEC_ERRORS_HERE,
826
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
827
+ "CertOpenStore",
828
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
829
+ XMLSEC_ERRORS_NO_MESSAGE);
830
+ CertCloseStore(ctx->trusted, CERT_CLOSE_STORE_FORCE_FLAG);
831
+ CertCloseStore(ctx->untrusted, CERT_CLOSE_STORE_FORCE_FLAG);
832
+ ctx->trusted = NULL ;
833
+ ctx->untrusted = NULL ;
834
+ return(-1);
835
+ }
836
+
837
+ /* add the memory trusted certs store to untrusted certs store collection */
838
+ if( !CertAddStoreToCollection( ctx->untrusted, hUntrustedMemStore, CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, 1 ) ) {
839
+ xmlSecError(XMLSEC_ERRORS_HERE,
840
+ xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
841
+ "CertAddStoreToCollection",
842
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
843
+ XMLSEC_ERRORS_NO_MESSAGE);
844
+ CertCloseStore(ctx->untrusted, CERT_CLOSE_STORE_FORCE_FLAG);
845
+ CertCloseStore(ctx->trusted, CERT_CLOSE_STORE_FORCE_FLAG);
846
+ CertCloseStore(hUntrustedMemStore, CERT_CLOSE_STORE_CHECK_FLAG);
847
+ ctx->trusted = NULL ;
848
+ ctx->untrusted = NULL ;
849
+ return(-1);
850
+ }
851
+ CertCloseStore(hUntrustedMemStore, CERT_CLOSE_STORE_CHECK_FLAG);
852
+
853
+ return(0);
854
+ }
855
+
856
+ static void
857
+ xmlSecMSCryptoX509StoreFinalize(xmlSecKeyDataStorePtr store) {
858
+ xmlSecMSCryptoX509StoreCtxPtr ctx;
859
+ xmlSecAssert(xmlSecKeyDataStoreCheckId(store, xmlSecMSCryptoX509StoreId));
860
+
861
+ ctx = xmlSecMSCryptoX509StoreGetCtx(store);
862
+ xmlSecAssert(ctx != NULL);
863
+
864
+ if (ctx->trusted) {
865
+ CertCloseStore(ctx->trusted, CERT_CLOSE_STORE_FORCE_FLAG);
866
+ }
867
+ if (ctx->untrusted) {
868
+ CertCloseStore(ctx->untrusted, CERT_CLOSE_STORE_FORCE_FLAG);
869
+ }
870
+
871
+ memset(ctx, 0, sizeof(xmlSecMSCryptoX509StoreCtx));
872
+ }
873
+
874
+
875
+ /*****************************************************************************
876
+ *
877
+ * Low-level x509 functions
878
+ *
879
+ *****************************************************************************/
880
+ /**
881
+ * xmlSecMSCryptoCertStrToName:
882
+ * @dwCertEncodingType: the encoding used.
883
+ * @pszX500: the string to convert.
884
+ * @dwStrType: the string type.
885
+ * @len: the result len.
886
+ *
887
+ * Converts input string to name by calling @CertStrToName function.
888
+ *
889
+ * Returns: a pointer to newly allocated string or NULL if an error occurs.
890
+ */
891
+ static BYTE*
892
+ xmlSecMSCryptoCertStrToName(DWORD dwCertEncodingType, LPTSTR pszX500, DWORD dwStrType, DWORD* len) {
893
+ BYTE* str = NULL;
894
+ LPCTSTR ppszError = NULL;
895
+
896
+ xmlSecAssert2(pszX500 != NULL, NULL);
897
+ xmlSecAssert2(len != NULL, NULL);
898
+
899
+ if (!CertStrToName(dwCertEncodingType, pszX500, dwStrType,
900
+ NULL, NULL, len, &ppszError)) {
901
+ /* this might not be an error, string might just not exist */
902
+ DWORD dw = GetLastError();
903
+ return(NULL);
904
+ }
905
+
906
+ str = (BYTE *)xmlMalloc(sizeof(TCHAR) * ((*len) + 1));
907
+ if(str == NULL) {
908
+ xmlSecError(XMLSEC_ERRORS_HERE,
909
+ NULL,
910
+ NULL,
911
+ XMLSEC_ERRORS_R_MALLOC_FAILED,
912
+ "len=%ld", (*len));
913
+ return(NULL);
914
+ }
915
+ memset(str, 0, (*len) + 1);
916
+
917
+ if (!CertStrToName(dwCertEncodingType, pszX500, dwStrType,
918
+ NULL, str, len, NULL)) {
919
+ xmlSecError(XMLSEC_ERRORS_HERE,
920
+ NULL,
921
+ "CertStrToName",
922
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
923
+ XMLSEC_ERRORS_NO_MESSAGE);
924
+ xmlFree(str);
925
+ return(NULL);
926
+ }
927
+
928
+ return(str);
929
+ }
930
+
931
+
932
+ /**
933
+ * xmlSecMSCryptoX509FindCertBySubject:
934
+ * @store: the pointer to certs store
935
+ * @wcSubject: the cert subject (Unicode)
936
+ * @dwCertEncodingType: the cert encoding type
937
+ *
938
+ * Searches for a cert with given @subject in the @store
939
+ *
940
+ * Returns: cert handle on success or NULL otherwise
941
+ */
942
+ PCCERT_CONTEXT
943
+ xmlSecMSCryptoX509FindCertBySubject(HCERTSTORE store, const LPTSTR wcSubject, DWORD dwCertEncodingType) {
944
+ PCCERT_CONTEXT res = NULL;
945
+ CERT_NAME_BLOB cnb;
946
+ BYTE* bdata;
947
+ DWORD len;
948
+
949
+ xmlSecAssert2(store != NULL, NULL);
950
+ xmlSecAssert2(wcSubject != NULL, NULL);
951
+
952
+ /* CASE 1: UTF8, DN */
953
+ if (NULL == res) {
954
+ bdata = xmlSecMSCryptoCertStrToName(dwCertEncodingType,
955
+ wcSubject,
956
+ CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG | CERT_OID_NAME_STR,
957
+ &len);
958
+ if(bdata != NULL) {
959
+ cnb.cbData = len;
960
+ cnb.pbData = bdata;
961
+
962
+ res = CertFindCertificateInStore(store,
963
+ dwCertEncodingType,
964
+ 0,
965
+ CERT_FIND_SUBJECT_NAME,
966
+ &cnb,
967
+ NULL);
968
+ xmlFree(bdata);
969
+ }
970
+ }
971
+
972
+ /* CASE 2: UTF8, REVERSE DN */
973
+ if (NULL == res) {
974
+ bdata = xmlSecMSCryptoCertStrToName(dwCertEncodingType,
975
+ wcSubject,
976
+ CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG | CERT_OID_NAME_STR | CERT_NAME_STR_REVERSE_FLAG,
977
+ &len);
978
+ if(bdata != NULL) {
979
+ cnb.cbData = len;
980
+ cnb.pbData = bdata;
981
+
982
+ res = CertFindCertificateInStore(store,
983
+ dwCertEncodingType,
984
+ 0,
985
+ CERT_FIND_SUBJECT_NAME,
986
+ &cnb,
987
+ NULL);
988
+ xmlFree(bdata);
989
+ }
990
+ }
991
+
992
+ /* CASE 3: UNICODE, DN */
993
+ if (NULL == res) {
994
+ bdata = xmlSecMSCryptoCertStrToName(dwCertEncodingType,
995
+ wcSubject,
996
+ CERT_OID_NAME_STR,
997
+ &len);
998
+ if(bdata != NULL) {
999
+ cnb.cbData = len;
1000
+ cnb.pbData = bdata;
1001
+
1002
+ res = CertFindCertificateInStore(store,
1003
+ dwCertEncodingType,
1004
+ 0,
1005
+ CERT_FIND_SUBJECT_NAME,
1006
+ &cnb,
1007
+ NULL);
1008
+ xmlFree(bdata);
1009
+ }
1010
+ }
1011
+
1012
+ /* CASE 4: UNICODE, REVERSE DN */
1013
+ if (NULL == res) {
1014
+ bdata = xmlSecMSCryptoCertStrToName(dwCertEncodingType,
1015
+ wcSubject,
1016
+ CERT_OID_NAME_STR | CERT_NAME_STR_REVERSE_FLAG,
1017
+ &len);
1018
+ if(bdata != NULL) {
1019
+ cnb.cbData = len;
1020
+ cnb.pbData = bdata;
1021
+
1022
+ res = CertFindCertificateInStore(store,
1023
+ dwCertEncodingType,
1024
+ 0,
1025
+ CERT_FIND_SUBJECT_NAME,
1026
+ &cnb,
1027
+ NULL);
1028
+ xmlFree(bdata);
1029
+ }
1030
+ }
1031
+
1032
+
1033
+ /* done */
1034
+ return (res);
1035
+ }
1036
+
1037
+ /**
1038
+ * xmlSecMSCryptoX509FindCertByIssuer:
1039
+ * @store: the pointer to certs store
1040
+ * @wcIssuer: the cert issuer (Unicode)
1041
+ * @issuerSerialBn: the cert issuer serial
1042
+ * @dwCertEncodingType: the cert encoding type
1043
+ *
1044
+ * Searches for a cert with given @subject in the @store
1045
+ *
1046
+ * Returns: cert handle on success or NULL otherwise
1047
+ */
1048
+ static PCCERT_CONTEXT
1049
+ xmlSecMSCryptoX509FindCertByIssuer(HCERTSTORE store, const LPTSTR wcIssuer,
1050
+ xmlSecBnPtr issuerSerialBn, DWORD dwCertEncodingType) {
1051
+
1052
+ PCCERT_CONTEXT res = NULL;
1053
+ CERT_INFO certInfo;
1054
+ BYTE* bdata;
1055
+ DWORD len;
1056
+
1057
+
1058
+ xmlSecAssert2(store != NULL, NULL);
1059
+ xmlSecAssert2(wcIssuer != NULL, NULL);
1060
+ xmlSecAssert2(issuerSerialBn != NULL, NULL);
1061
+
1062
+ certInfo.SerialNumber.cbData = xmlSecBnGetSize(issuerSerialBn);
1063
+ certInfo.SerialNumber.pbData = xmlSecBnGetData(issuerSerialBn);
1064
+
1065
+
1066
+ /* CASE 1: UTF8, DN */
1067
+ if (NULL == res) {
1068
+ bdata = xmlSecMSCryptoCertStrToName(dwCertEncodingType,
1069
+ wcIssuer,
1070
+ CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG | CERT_OID_NAME_STR,
1071
+ &len);
1072
+ if(bdata != NULL) {
1073
+ certInfo.Issuer.cbData = len;
1074
+ certInfo.Issuer.pbData = bdata;
1075
+
1076
+ res = CertFindCertificateInStore(store,
1077
+ dwCertEncodingType,
1078
+ 0,
1079
+ CERT_FIND_SUBJECT_CERT,
1080
+ &certInfo,
1081
+ NULL);
1082
+ xmlFree(bdata);
1083
+ }
1084
+ }
1085
+
1086
+ /* CASE 2: UTF8, REVERSE DN */
1087
+ if (NULL == res) {
1088
+ bdata = xmlSecMSCryptoCertStrToName(dwCertEncodingType,
1089
+ wcIssuer,
1090
+ CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG | CERT_OID_NAME_STR | CERT_NAME_STR_REVERSE_FLAG,
1091
+ &len);
1092
+ if(bdata != NULL) {
1093
+ certInfo.Issuer.cbData = len;
1094
+ certInfo.Issuer.pbData = bdata;
1095
+
1096
+ res = CertFindCertificateInStore(store,
1097
+ dwCertEncodingType,
1098
+ 0,
1099
+ CERT_FIND_SUBJECT_CERT,
1100
+ &certInfo,
1101
+ NULL);
1102
+ xmlFree(bdata);
1103
+ }
1104
+ }
1105
+
1106
+ /* CASE 3: UNICODE, DN */
1107
+ if (NULL == res) {
1108
+ bdata = xmlSecMSCryptoCertStrToName(dwCertEncodingType,
1109
+ wcIssuer,
1110
+ CERT_OID_NAME_STR,
1111
+ &len);
1112
+ if(bdata != NULL) {
1113
+ certInfo.Issuer.cbData = len;
1114
+ certInfo.Issuer.pbData = bdata;
1115
+
1116
+ res = CertFindCertificateInStore(store,
1117
+ dwCertEncodingType,
1118
+ 0,
1119
+ CERT_FIND_SUBJECT_CERT,
1120
+ &certInfo,
1121
+ NULL);
1122
+ xmlFree(bdata);
1123
+ }
1124
+ }
1125
+
1126
+ /* CASE 4: UNICODE, REVERSE DN */
1127
+ if (NULL == res) {
1128
+ bdata = xmlSecMSCryptoCertStrToName(dwCertEncodingType,
1129
+ wcIssuer,
1130
+ CERT_OID_NAME_STR | CERT_NAME_STR_REVERSE_FLAG,
1131
+ &len);
1132
+ if(bdata != NULL) {
1133
+ certInfo.Issuer.cbData = len;
1134
+ certInfo.Issuer.pbData = bdata;
1135
+
1136
+ res = CertFindCertificateInStore(store,
1137
+ dwCertEncodingType,
1138
+ 0,
1139
+ CERT_FIND_SUBJECT_CERT,
1140
+ &certInfo,
1141
+ NULL);
1142
+ xmlFree(bdata);
1143
+ }
1144
+ }
1145
+
1146
+
1147
+ /* done */
1148
+ return (res);
1149
+ }
1150
+
1151
+ static LPTSTR
1152
+ xmlSecMSCryptoX509GetCertName(const xmlChar * name) {
1153
+ xmlChar *name2 = NULL;
1154
+ xmlChar *p = NULL;
1155
+ LPTSTR res = NULL;
1156
+
1157
+ xmlSecAssert2(name != 0, NULL);
1158
+
1159
+ /* MSCrypto doesn't support "emailAddress" attribute (see NSS as well).
1160
+ * This code is not bullet proof and may produce incorrect results if someone has
1161
+ * "emailAddress=" string in one of the fields, but it is best I can suggest to fix
1162
+ * this problem.
1163
+ */
1164
+ name2 = xmlStrdup(name);
1165
+ if(name2 == NULL) {
1166
+ xmlSecError(XMLSEC_ERRORS_HERE,
1167
+ NULL,
1168
+ NULL,
1169
+ XMLSEC_ERRORS_R_MALLOC_FAILED,
1170
+ "xmlStrlen(name)=%d",
1171
+ xmlStrlen(name));
1172
+ return(NULL);
1173
+ }
1174
+ while( (p = (xmlChar*)xmlStrstr(name2, BAD_CAST "emailAddress=")) != NULL) {
1175
+ memcpy(p, " E=", 13);
1176
+ }
1177
+
1178
+ /* get name */
1179
+ res = xmlSecMSCryptoConvertUtf8ToTstr(name2);
1180
+ if(res == NULL) {
1181
+ xmlSecError(XMLSEC_ERRORS_HERE,
1182
+ NULL,
1183
+ "xmlSecMSCryptoConvertUtf8ToTstr",
1184
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1185
+ XMLSEC_ERRORS_NO_MESSAGE);
1186
+ return(NULL);
1187
+ }
1188
+
1189
+ /* done */
1190
+ return(res);
1191
+ }
1192
+
1193
+ static PCCERT_CONTEXT
1194
+ xmlSecMSCryptoX509FindCert(HCERTSTORE store,
1195
+ const xmlChar *subjectName,
1196
+ const xmlChar *issuerName,
1197
+ const xmlChar *issuerSerial,
1198
+ const xmlChar *ski) {
1199
+ PCCERT_CONTEXT pCert = NULL;
1200
+ int ret;
1201
+
1202
+ xmlSecAssert2(store != 0, NULL);
1203
+
1204
+ if((pCert == NULL) && (NULL != subjectName)) {
1205
+ LPTSTR wcSubjectName = NULL;
1206
+
1207
+ /* get unicode subject name */
1208
+ wcSubjectName = xmlSecMSCryptoX509GetCertName(subjectName);
1209
+ if(wcSubjectName == NULL) {
1210
+ xmlSecError(XMLSEC_ERRORS_HERE,
1211
+ NULL,
1212
+ "xmlSecMSCryptoX509GetCertName",
1213
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1214
+ "wcSubjectName");
1215
+ return(NULL);
1216
+ }
1217
+
1218
+ /* search */
1219
+ pCert = xmlSecMSCryptoX509FindCertBySubject(store,
1220
+ wcSubjectName,
1221
+ PKCS_7_ASN_ENCODING | X509_ASN_ENCODING);
1222
+
1223
+
1224
+ /* cleanup */
1225
+ xmlFree(wcSubjectName);
1226
+ }
1227
+
1228
+ if((pCert == NULL) && (NULL != issuerName) && (NULL != issuerSerial)) {
1229
+ xmlSecBn issuerSerialBn;
1230
+ LPTSTR wcIssuerName = NULL;
1231
+
1232
+ /* get serial number */
1233
+ ret = xmlSecBnInitialize(&issuerSerialBn, 0);
1234
+ if(ret < 0) {
1235
+ xmlSecError(XMLSEC_ERRORS_HERE,
1236
+ NULL,
1237
+ "xmlSecBnInitialize",
1238
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1239
+ XMLSEC_ERRORS_NO_MESSAGE);
1240
+ return(NULL);
1241
+ }
1242
+
1243
+ ret = xmlSecBnFromDecString(&issuerSerialBn, issuerSerial);
1244
+ if(ret < 0) {
1245
+ xmlSecError(XMLSEC_ERRORS_HERE,
1246
+ NULL,
1247
+ "xmlSecBnInitialize",
1248
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1249
+ XMLSEC_ERRORS_NO_MESSAGE);
1250
+ xmlSecBnFinalize(&issuerSerialBn);
1251
+ return(NULL);
1252
+ }
1253
+
1254
+ /* I have no clue why at a sudden a swap is needed to
1255
+ * convert from lsb... This code is purely based upon
1256
+ * trial and error :( WK
1257
+ */
1258
+ ret = xmlSecBnReverse(&issuerSerialBn);
1259
+ if(ret < 0) {
1260
+ xmlSecError(XMLSEC_ERRORS_HERE,
1261
+ NULL,
1262
+ "xmlSecBnReverse",
1263
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1264
+ XMLSEC_ERRORS_NO_MESSAGE);
1265
+ xmlSecBnFinalize(&issuerSerialBn);
1266
+ return(NULL);
1267
+ }
1268
+
1269
+ /* get issuer name */
1270
+ wcIssuerName = xmlSecMSCryptoX509GetCertName(issuerName);
1271
+ if(wcIssuerName == NULL) {
1272
+ xmlSecError(XMLSEC_ERRORS_HERE,
1273
+ NULL,
1274
+ "xmlSecMSCryptoX509GetCertName",
1275
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1276
+ "wcIssuerName");
1277
+ xmlSecBnFinalize(&issuerSerialBn);
1278
+ return(NULL);
1279
+ }
1280
+
1281
+ /* search */
1282
+ pCert = xmlSecMSCryptoX509FindCertByIssuer(store,
1283
+ wcIssuerName,
1284
+ &issuerSerialBn,
1285
+ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING);
1286
+
1287
+ xmlFree(wcIssuerName);
1288
+
1289
+ /* cleanup */
1290
+ xmlSecBnFinalize(&issuerSerialBn);
1291
+ }
1292
+
1293
+ if((pCert == NULL) && (ski != NULL)) {
1294
+ CRYPT_HASH_BLOB blob;
1295
+ xmlChar* binSki;
1296
+ int binSkiLen;
1297
+
1298
+ binSki = xmlStrdup(ski);
1299
+ if(binSki == NULL) {
1300
+ xmlSecError(XMLSEC_ERRORS_HERE,
1301
+ NULL,
1302
+ "xmlStrdup",
1303
+ XMLSEC_ERRORS_R_MALLOC_FAILED,
1304
+ XMLSEC_ERRORS_NO_MESSAGE);
1305
+ return (NULL);
1306
+ }
1307
+
1308
+ /* trick: base64 decode "in place" */
1309
+ binSkiLen = xmlSecBase64Decode(binSki, (xmlSecByte*)binSki, xmlStrlen(binSki));
1310
+ if(binSkiLen < 0) {
1311
+ xmlSecError(XMLSEC_ERRORS_HERE,
1312
+ NULL,
1313
+ "xmlSecBase64Decode",
1314
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1315
+ "ski=%s",
1316
+ xmlSecErrorsSafeString(ski));
1317
+ xmlFree(binSki);
1318
+ return(NULL);
1319
+ }
1320
+
1321
+ blob.pbData = binSki;
1322
+ blob.cbData = binSkiLen;
1323
+ pCert = CertFindCertificateInStore(store,
1324
+ PKCS_7_ASN_ENCODING | X509_ASN_ENCODING,
1325
+ 0,
1326
+ CERT_FIND_KEY_IDENTIFIER,
1327
+ &blob,
1328
+ NULL);
1329
+ xmlFree(binSki);
1330
+ }
1331
+
1332
+ return(pCert);
1333
+ }
1334
+
1335
+
1336
+ /**
1337
+ * xmlSecMSCryptoX509GetNameString:
1338
+ * @pCertContext: the pointer to cert
1339
+ * @dwType: the type (see CertGetNameString description in MSDN)
1340
+ * @dwFlags: the flags (see CertGetNameString description in MSDN)
1341
+ * @pvTypePara: the type parameter (see CertGetNameString description in MSDN)
1342
+ *
1343
+ * Gets the name string for certificate (see CertGetNameString description in MSDN).
1344
+ *
1345
+ * Returns: name string (should be freed with xmlFree) or NULL if failed.
1346
+ */
1347
+ xmlChar *
1348
+ xmlSecMSCryptoX509GetNameString(PCCERT_CONTEXT pCertContext, DWORD dwType, DWORD dwFlags, void *pvTypePara) {
1349
+ LPTSTR name = NULL;
1350
+ xmlChar * res = NULL;
1351
+ DWORD dwSize;
1352
+
1353
+ xmlSecAssert2(pCertContext != NULL, NULL);
1354
+
1355
+ /* get size first */
1356
+ dwSize = CertGetNameString(pCertContext, dwType, dwFlags, pvTypePara, NULL, 0);
1357
+ if(dwSize <= 0) {
1358
+ xmlSecError(XMLSEC_ERRORS_HERE,
1359
+ "CertGetNameString",
1360
+ NULL,
1361
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1362
+ XMLSEC_ERRORS_NO_MESSAGE);
1363
+ return (NULL);
1364
+ }
1365
+
1366
+ /* allocate buffer */
1367
+ name = (LPTSTR)xmlMalloc(sizeof(TCHAR) * (dwSize + 1));
1368
+ if(name == NULL) {
1369
+ xmlSecError(XMLSEC_ERRORS_HERE,
1370
+ NULL,
1371
+ NULL,
1372
+ XMLSEC_ERRORS_R_MALLOC_FAILED,
1373
+ XMLSEC_ERRORS_NO_MESSAGE);
1374
+ return (NULL);
1375
+ }
1376
+
1377
+ /* actually get the name */
1378
+ dwSize = CertGetNameString(pCertContext, dwType, dwFlags, pvTypePara, name, dwSize);
1379
+ if(dwSize <= 0) {
1380
+ xmlSecError(XMLSEC_ERRORS_HERE,
1381
+ "CertGetNameString",
1382
+ NULL,
1383
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1384
+ XMLSEC_ERRORS_NO_MESSAGE);
1385
+ xmlFree(name);
1386
+ return (NULL);
1387
+ }
1388
+
1389
+ res = xmlSecMSCryptoConvertTstrToUtf8(name);
1390
+ if(res == NULL) {
1391
+ xmlSecError(XMLSEC_ERRORS_HERE,
1392
+ "xmlSecMSCryptoConvertTstrToUtf8",
1393
+ NULL,
1394
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1395
+ XMLSEC_ERRORS_NO_MESSAGE);
1396
+ xmlFree(name);
1397
+ return (NULL);
1398
+ }
1399
+ /* done */
1400
+ xmlFree(name);
1401
+ return (res);
1402
+ }
1403
+
1404
+ #endif /* XMLSEC_NO_X509 */
1405
+
1406
+