xmlsec-shim 1.2.18.1

Files changed (969)
  1. data/.gitignore +17 -0
  2. data/Gemfile +4 -0
  3. data/README.md +2 -0
  4. data/Rakefile +2 -0
  5. data/ext/xmlsec/extconf.rb +14 -0
  6. data/lib/xmlsec-shim.rb +27 -0
  7. data/lib/xmlsec-shim/version.rb +5 -0
  8. data/vendor/xmlsec1-1.2.18/AUTHORS +8 -0
  9. data/vendor/xmlsec1-1.2.18/COPYING +105 -0
  10. data/vendor/xmlsec1-1.2.18/ChangeLog +1810 -0
  11. data/vendor/xmlsec1-1.2.18/Copyright +105 -0
  12. data/vendor/xmlsec1-1.2.18/HACKING +199 -0
  13. data/vendor/xmlsec1-1.2.18/INSTALL +38 -0
  14. data/vendor/xmlsec1-1.2.18/Makefile.am +186 -0
  15. data/vendor/xmlsec1-1.2.18/Makefile.in +1155 -0
  16. data/vendor/xmlsec1-1.2.18/NEWS +1 -0
  17. data/vendor/xmlsec1-1.2.18/README +15 -0
  18. data/vendor/xmlsec1-1.2.18/TODO +156 -0
  19. data/vendor/xmlsec1-1.2.18/aclocal.m4 +1197 -0
  20. data/vendor/xmlsec1-1.2.18/apps/Makefile.am +84 -0
  21. data/vendor/xmlsec1-1.2.18/apps/Makefile.in +694 -0
  22. data/vendor/xmlsec1-1.2.18/apps/cmdline.c +355 -0
  23. data/vendor/xmlsec1-1.2.18/apps/cmdline.h +89 -0
  24. data/vendor/xmlsec1-1.2.18/apps/crypto.c +396 -0
  25. data/vendor/xmlsec1-1.2.18/apps/crypto.h +70 -0
  26. data/vendor/xmlsec1-1.2.18/apps/xmlsec.c +3058 -0
  27. data/vendor/xmlsec1-1.2.18/config.guess +1502 -0
  28. data/vendor/xmlsec1-1.2.18/config.h.in +134 -0
  29. data/vendor/xmlsec1-1.2.18/config.sub +1714 -0
  30. data/vendor/xmlsec1-1.2.18/configure +17363 -0
  31. data/vendor/xmlsec1-1.2.18/configure.in +1633 -0
  32. data/vendor/xmlsec1-1.2.18/depcomp +630 -0
  33. data/vendor/xmlsec1-1.2.18/docs/Makefile.am +65 -0
  34. data/vendor/xmlsec1-1.2.18/docs/Makefile.in +721 -0
  35. data/vendor/xmlsec1-1.2.18/docs/api/Makefile.am +209 -0
  36. data/vendor/xmlsec1-1.2.18/docs/api/Makefile.in +664 -0
  37. data/vendor/xmlsec1-1.2.18/docs/api/chapters/compiling-and-linking.sgml +252 -0
  38. data/vendor/xmlsec1-1.2.18/docs/api/chapters/creating-templates.sgml +325 -0
  39. data/vendor/xmlsec1-1.2.18/docs/api/chapters/examples.sgml +102 -0
  40. data/vendor/xmlsec1-1.2.18/docs/api/chapters/init-and-shutdown.sgml +104 -0
  41. data/vendor/xmlsec1-1.2.18/docs/api/chapters/new-crypto.sgml +487 -0
  42. data/vendor/xmlsec1-1.2.18/docs/api/chapters/sign-and-encrypt.sgml +286 -0
  43. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-contexts.sgml +138 -0
  44. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-keys.sgml +26 -0
  45. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-keysmngr.sgml +592 -0
  46. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-transforms.sgml +67 -0
  47. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-x509-certs.sgml +197 -0
  48. data/vendor/xmlsec1-1.2.18/docs/api/chapters/verify-and-decrypt.sgml +265 -0
  49. data/vendor/xmlsec1-1.2.18/docs/api/home.png +0 -0
  50. data/vendor/xmlsec1-1.2.18/docs/api/images/diagrams.sxd +0 -0
  51. data/vendor/xmlsec1-1.2.18/docs/api/images/encryption-structure.png +0 -0
  52. data/vendor/xmlsec1-1.2.18/docs/api/images/key.png +0 -0
  53. data/vendor/xmlsec1-1.2.18/docs/api/images/keysmngr.png +0 -0
  54. data/vendor/xmlsec1-1.2.18/docs/api/images/sign-enc-model.png +0 -0
  55. data/vendor/xmlsec1-1.2.18/docs/api/images/signature-structure.png +0 -0
  56. data/vendor/xmlsec1-1.2.18/docs/api/images/structure.png +0 -0
  57. data/vendor/xmlsec1-1.2.18/docs/api/images/transform.png +0 -0
  58. data/vendor/xmlsec1-1.2.18/docs/api/images/transforms-chain.png +0 -0
  59. data/vendor/xmlsec1-1.2.18/docs/api/images/verif-dec-model.png +0 -0
  60. data/vendor/xmlsec1-1.2.18/docs/api/index.html +307 -0
  61. data/vendor/xmlsec1-1.2.18/docs/api/index.sgml +43 -0
  62. data/vendor/xmlsec1-1.2.18/docs/api/left.png +0 -0
  63. data/vendor/xmlsec1-1.2.18/docs/api/right.png +0 -0
  64. data/vendor/xmlsec1-1.2.18/docs/api/up.png +0 -0
  65. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-app.html +1525 -0
  66. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-base64.html +357 -0
  67. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-bn.html +705 -0
  68. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-buffer.html +603 -0
  69. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-custom-keys-manager.html +475 -0
  70. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-decrypt-with-keys-mngr.html +396 -0
  71. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-decrypt-with-signle-key.html +326 -0
  72. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-dl.html +245 -0
  73. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encrypt-dynamic-template.html +386 -0
  74. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encrypt-template-file.html +364 -0
  75. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encrypt-with-session-key.html +495 -0
  76. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encryption-klasses.html +101 -0
  77. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-errors.html +744 -0
  78. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples-sign-dynamimc-template.html +406 -0
  79. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples-sign-template-file.html +388 -0
  80. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples-sign-x509.html +447 -0
  81. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples.html +119 -0
  82. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt-app.html +578 -0
  83. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt-crypto.html +1128 -0
  84. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt-ref.html +107 -0
  85. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt.sgml +15 -0
  86. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls-app.html +576 -0
  87. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls-crypto.html +1076 -0
  88. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls-ref.html +107 -0
  89. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls.sgml +15 -0
  90. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-index.html +1570 -0
  91. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-index.sgml +1471 -0
  92. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-io.html +226 -0
  93. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keyinfo.html +700 -0
  94. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keys.html +1161 -0
  95. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keysdata.html +2067 -0
  96. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keysmngr.html +743 -0
  97. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-list.html +643 -0
  98. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-membuf.html +143 -0
  99. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-app.html +747 -0
  100. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-certkeys.html +252 -0
  101. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-crypto.html +1153 -0
  102. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-keysstore.html +209 -0
  103. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-ref.html +113 -0
  104. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-x509.html +478 -0
  105. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto.sgml +21 -0
  106. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nodeset.html +542 -0
  107. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling-others.html +102 -0
  108. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling-unix.html +223 -0
  109. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling-windows.html +138 -0
  110. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling.html +117 -0
  111. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-contexts.html +229 -0
  112. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-custom-keys-store.html +250 -0
  113. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-decrypt.html +205 -0
  114. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-dynamic-encryption-templates.html +240 -0
  115. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-dynamic-signature-templates.html +250 -0
  116. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-encrypt.html +223 -0
  117. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-include-files.html +141 -0
  118. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-init-shutdown.html +194 -0
  119. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keys-manager-sign-enc.html +307 -0
  120. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keys-mngr-verify-decrypt.html +179 -0
  121. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keys.html +120 -0
  122. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keysmngr.html +140 -0
  123. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-functions.html +151 -0
  124. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-key-stores.html +83 -0
  125. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-keys.html +103 -0
  126. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-klasses.html +217 -0
  127. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-sharing-results.html +125 -0
  128. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-simple-keys-mngr.html +102 -0
  129. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-skeleton.html +254 -0
  130. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-transforms.html +170 -0
  131. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto.html +136 -0
  132. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-overview.html +102 -0
  133. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-sign-encrypt.html +120 -0
  134. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-sign-x509.html +176 -0
  135. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-sign.html +210 -0
  136. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-simple-keys-store.html +177 -0
  137. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-structure.html +115 -0
  138. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-templates.html +114 -0
  139. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-transforms.html +154 -0
  140. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-verify-decrypt.html +120 -0
  141. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-verify-x509.html +180 -0
  142. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-verify.html +210 -0
  143. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-x509.html +114 -0
  144. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes.html +115 -0
  145. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-app.html +740 -0
  146. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-bignum.html +176 -0
  147. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-crypto.html +978 -0
  148. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-keysstore.html +209 -0
  149. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-pkikeys.html +211 -0
  150. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-ref.html +115 -0
  151. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-x509.html +467 -0
  152. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss.sgml +23 -0
  153. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-app.html +800 -0
  154. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-bn.html +170 -0
  155. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-crypto.html +1329 -0
  156. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-evp.html +184 -0
  157. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-ref.html +113 -0
  158. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-x509.html +567 -0
  159. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl.sgml +21 -0
  160. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-parser.html +223 -0
  161. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-ref.html +149 -0
  162. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-reference.html +106 -0
  163. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-signature-klasses.html +101 -0
  164. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-templates.html +1290 -0
  165. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-transforms.html +3059 -0
  166. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-key.html +318 -0
  167. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-keys-mngr.html +388 -0
  168. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-restrictions.html +715 -0
  169. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-x509.html +369 -0
  170. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-version.html +143 -0
  171. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-x509.html +181 -0
  172. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmldsig.html +853 -0
  173. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmlenc.html +584 -0
  174. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmlsec.html +300 -0
  175. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmltree.html +1529 -0
  176. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec.sgml +307 -0
  177. data/vendor/xmlsec1-1.2.18/docs/authors.html +59 -0
  178. data/vendor/xmlsec1-1.2.18/docs/bugs.html +106 -0
  179. data/vendor/xmlsec1-1.2.18/docs/c14n.html +73 -0
  180. data/vendor/xmlsec1-1.2.18/docs/documentation.html +65 -0
  181. data/vendor/xmlsec1-1.2.18/docs/download.html +115 -0
  182. data/vendor/xmlsec1-1.2.18/docs/faq.html +449 -0
  183. data/vendor/xmlsec1-1.2.18/docs/images/bart.gif +0 -0
  184. data/vendor/xmlsec1-1.2.18/docs/images/libxml2-logo.png +0 -0
  185. data/vendor/xmlsec1-1.2.18/docs/images/libxslt-logo.png +0 -0
  186. data/vendor/xmlsec1-1.2.18/docs/images/logo.gif +0 -0
  187. data/vendor/xmlsec1-1.2.18/docs/images/openssl-logo.png +0 -0
  188. data/vendor/xmlsec1-1.2.18/docs/images/xmlsec-logo.gif +0 -0
  189. data/vendor/xmlsec1-1.2.18/docs/index.html +109 -0
  190. data/vendor/xmlsec1-1.2.18/docs/news.html +545 -0
  191. data/vendor/xmlsec1-1.2.18/docs/related.html +165 -0
  192. data/vendor/xmlsec1-1.2.18/docs/xmldsig-verifier.html +138 -0
  193. data/vendor/xmlsec1-1.2.18/docs/xmldsig.html +646 -0
  194. data/vendor/xmlsec1-1.2.18/docs/xmlenc.html +464 -0
  195. data/vendor/xmlsec1-1.2.18/docs/xmlsec-man.html +291 -0
  196. data/vendor/xmlsec1-1.2.18/docs/xmlsec.xsl +194 -0
  197. data/vendor/xmlsec1-1.2.18/examples/Makefile +40 -0
  198. data/vendor/xmlsec1-1.2.18/examples/Makefile.w32 +88 -0
  199. data/vendor/xmlsec1-1.2.18/examples/README +126 -0
  200. data/vendor/xmlsec1-1.2.18/examples/binary.dat +1 -0
  201. data/vendor/xmlsec1-1.2.18/examples/decrypt1.c +223 -0
  202. data/vendor/xmlsec1-1.2.18/examples/decrypt2.c +293 -0
  203. data/vendor/xmlsec1-1.2.18/examples/decrypt3.c +372 -0
  204. data/vendor/xmlsec1-1.2.18/examples/deskey.bin +1 -0
  205. data/vendor/xmlsec1-1.2.18/examples/encrypt1-res.xml +13 -0
  206. data/vendor/xmlsec1-1.2.18/examples/encrypt1-tmpl.xml +13 -0
  207. data/vendor/xmlsec1-1.2.18/examples/encrypt1.c +219 -0
  208. data/vendor/xmlsec1-1.2.18/examples/encrypt2-doc.xml +9 -0
  209. data/vendor/xmlsec1-1.2.18/examples/encrypt2-res.xml +14 -0
  210. data/vendor/xmlsec1-1.2.18/examples/encrypt2.c +244 -0
  211. data/vendor/xmlsec1-1.2.18/examples/encrypt3-doc.xml +9 -0
  212. data/vendor/xmlsec1-1.2.18/examples/encrypt3-res.xml +27 -0
  213. data/vendor/xmlsec1-1.2.18/examples/encrypt3.c +340 -0
  214. data/vendor/xmlsec1-1.2.18/examples/mywin32make.bat +18 -0
  215. data/vendor/xmlsec1-1.2.18/examples/rootcert.pem +25 -0
  216. data/vendor/xmlsec1-1.2.18/examples/rsacert.pem +83 -0
  217. data/vendor/xmlsec1-1.2.18/examples/rsakey.pem +27 -0
  218. data/vendor/xmlsec1-1.2.18/examples/rsapub.pem +9 -0
  219. data/vendor/xmlsec1-1.2.18/examples/sign1-res.xml +31 -0
  220. data/vendor/xmlsec1-1.2.18/examples/sign1-tmpl.xml +27 -0
  221. data/vendor/xmlsec1-1.2.18/examples/sign1.c +212 -0
  222. data/vendor/xmlsec1-1.2.18/examples/sign2-doc.xml +9 -0
  223. data/vendor/xmlsec1-1.2.18/examples/sign2-res.xml +30 -0
  224. data/vendor/xmlsec1-1.2.18/examples/sign2.c +248 -0
  225. data/vendor/xmlsec1-1.2.18/examples/sign3-doc.xml +9 -0
  226. data/vendor/xmlsec1-1.2.18/examples/sign3-res.xml +58 -0
  227. data/vendor/xmlsec1-1.2.18/examples/sign3.c +261 -0
  228. data/vendor/xmlsec1-1.2.18/examples/verify1.c +215 -0
  229. data/vendor/xmlsec1-1.2.18/examples/verify2.c +285 -0
  230. data/vendor/xmlsec1-1.2.18/examples/verify3.c +266 -0
  231. data/vendor/xmlsec1-1.2.18/examples/verify4-bad-res.xml +90 -0
  232. data/vendor/xmlsec1-1.2.18/examples/verify4-bad-tmpl.xml +54 -0
  233. data/vendor/xmlsec1-1.2.18/examples/verify4-res.xml +80 -0
  234. data/vendor/xmlsec1-1.2.18/examples/verify4-tmpl.xml +47 -0
  235. data/vendor/xmlsec1-1.2.18/examples/verify4.c +309 -0
  236. data/vendor/xmlsec1-1.2.18/examples/xkms-server.c +839 -0
  237. data/vendor/xmlsec1-1.2.18/examples/xmldsigverify.c +381 -0
  238. data/vendor/xmlsec1-1.2.18/include/Makefile.am +4 -0
  239. data/vendor/xmlsec1-1.2.18/include/Makefile.in +656 -0
  240. data/vendor/xmlsec1-1.2.18/include/xmlsec/Makefile.am +63 -0
  241. data/vendor/xmlsec1-1.2.18/include/xmlsec/Makefile.in +767 -0
  242. data/vendor/xmlsec1-1.2.18/include/xmlsec/app.h +424 -0
  243. data/vendor/xmlsec1-1.2.18/include/xmlsec/base64.h +67 -0
  244. data/vendor/xmlsec1-1.2.18/include/xmlsec/bn.h +99 -0
  245. data/vendor/xmlsec1-1.2.18/include/xmlsec/buffer.h +108 -0
  246. data/vendor/xmlsec1-1.2.18/include/xmlsec/crypto.h +75 -0
  247. data/vendor/xmlsec1-1.2.18/include/xmlsec/dl.h +56 -0
  248. data/vendor/xmlsec1-1.2.18/include/xmlsec/errors.h +504 -0
  249. data/vendor/xmlsec1-1.2.18/include/xmlsec/exports.h +111 -0
  250. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/Makefile.am +13 -0
  251. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/Makefile.in +564 -0
  252. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/app.h +96 -0
  253. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/crypto.h +460 -0
  254. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/symbols.h +104 -0
  255. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/Makefile.am +14 -0
  256. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/Makefile.in +565 -0
  257. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/app.h +96 -0
  258. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/crypto.h +462 -0
  259. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/symbols.h +104 -0
  260. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/x509.h +110 -0
  261. data/vendor/xmlsec1-1.2.18/include/xmlsec/io.h +54 -0
  262. data/vendor/xmlsec1-1.2.18/include/xmlsec/keyinfo.h +285 -0
  263. data/vendor/xmlsec1-1.2.18/include/xmlsec/keys.h +278 -0
  264. data/vendor/xmlsec1-1.2.18/include/xmlsec/keysdata.h +837 -0
  265. data/vendor/xmlsec1-1.2.18/include/xmlsec/keysmngr.h +264 -0
  266. data/vendor/xmlsec1-1.2.18/include/xmlsec/list.h +194 -0
  267. data/vendor/xmlsec1-1.2.18/include/xmlsec/membuf.h +44 -0
  268. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/Makefile.am +16 -0
  269. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/Makefile.in +567 -0
  270. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/app.h +116 -0
  271. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/certkeys.h +42 -0
  272. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/crypto.h +516 -0
  273. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/keysstore.h +48 -0
  274. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/symbols.h +114 -0
  275. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/x509.h +92 -0
  276. data/vendor/xmlsec1-1.2.18/include/xmlsec/nodeset.h +139 -0
  277. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/Makefile.am +17 -0
  278. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/Makefile.in +568 -0
  279. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/app.h +118 -0
  280. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/bignum.h +37 -0
  281. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/crypto.h +469 -0
  282. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/keysstore.h +46 -0
  283. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/pkikeys.h +44 -0
  284. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/symbols.h +106 -0
  285. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/x509.h +91 -0
  286. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/Makefile.am +16 -0
  287. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/Makefile.in +567 -0
  288. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/app.h +128 -0
  289. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/bn.h +35 -0
  290. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/crypto.h +561 -0
  291. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/evp.h +44 -0
  292. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/symbols.h +123 -0
  293. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/x509.h +109 -0
  294. data/vendor/xmlsec1-1.2.18/include/xmlsec/parser.h +51 -0
  295. data/vendor/xmlsec1-1.2.18/include/xmlsec/private.h +489 -0
  296. data/vendor/xmlsec1-1.2.18/include/xmlsec/private/Makefile.am +12 -0
  297. data/vendor/xmlsec1-1.2.18/include/xmlsec/private/Makefile.in +563 -0
  298. data/vendor/xmlsec1-1.2.18/include/xmlsec/private/xkms.h +121 -0
  299. data/vendor/xmlsec1-1.2.18/include/xmlsec/private/xslt.h +34 -0
  300. data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/Makefile.am +13 -0
  301. data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/app.h +97 -0
  302. data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/crypto.h +40 -0
  303. data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/symbols.h +117 -0
  304. data/vendor/xmlsec1-1.2.18/include/xmlsec/soap.h +130 -0
  305. data/vendor/xmlsec1-1.2.18/include/xmlsec/strings.h +610 -0
  306. data/vendor/xmlsec1-1.2.18/include/xmlsec/templates.h +162 -0
  307. data/vendor/xmlsec1-1.2.18/include/xmlsec/transforms.h +994 -0
  308. data/vendor/xmlsec1-1.2.18/include/xmlsec/version.h +61 -0
  309. data/vendor/xmlsec1-1.2.18/include/xmlsec/version.h.in +61 -0
  310. data/vendor/xmlsec1-1.2.18/include/xmlsec/x509.h +80 -0
  311. data/vendor/xmlsec1-1.2.18/include/xmlsec/xkms.h +652 -0
  312. data/vendor/xmlsec1-1.2.18/include/xmlsec/xmldsig.h +281 -0
  313. data/vendor/xmlsec1-1.2.18/include/xmlsec/xmlenc.h +163 -0
  314. data/vendor/xmlsec1-1.2.18/include/xmlsec/xmlsec.h +216 -0
  315. data/vendor/xmlsec1-1.2.18/include/xmlsec/xmltree.h +275 -0
  316. data/vendor/xmlsec1-1.2.18/install-sh +520 -0
  317. data/vendor/xmlsec1-1.2.18/ltmain.sh +8413 -0
  318. data/vendor/xmlsec1-1.2.18/m4/libtool.m4 +7377 -0
  319. data/vendor/xmlsec1-1.2.18/m4/ltoptions.m4 +368 -0
  320. data/vendor/xmlsec1-1.2.18/m4/ltsugar.m4 +123 -0
  321. data/vendor/xmlsec1-1.2.18/m4/ltversion.m4 +23 -0
  322. data/vendor/xmlsec1-1.2.18/m4/lt~obsolete.m4 +92 -0
  323. data/vendor/xmlsec1-1.2.18/man/Makefile.am +52 -0
  324. data/vendor/xmlsec1-1.2.18/man/Makefile.in +582 -0
  325. data/vendor/xmlsec1-1.2.18/man/xmlsec1-config.1 +34 -0
  326. data/vendor/xmlsec1-1.2.18/man/xmlsec1.1 +269 -0
  327. data/vendor/xmlsec1-1.2.18/missing +376 -0
  328. data/vendor/xmlsec1-1.2.18/scripts/build_release.sh +33 -0
  329. data/vendor/xmlsec1-1.2.18/scripts/change-release.sh +34 -0
  330. data/vendor/xmlsec1-1.2.18/scripts/push_release.sh +30 -0
  331. data/vendor/xmlsec1-1.2.18/scripts/remove-gtkdoclink.pl +20 -0
  332. data/vendor/xmlsec1-1.2.18/scripts/test_errors.pl +38 -0
  333. data/vendor/xmlsec1-1.2.18/scripts/test_release.sh +12 -0
  334. data/vendor/xmlsec1-1.2.18/src/Makefile.am +71 -0
  335. data/vendor/xmlsec1-1.2.18/src/Makefile.in +878 -0
  336. data/vendor/xmlsec1-1.2.18/src/app.c +1498 -0
  337. data/vendor/xmlsec1-1.2.18/src/base64.c +1034 -0
  338. data/vendor/xmlsec1-1.2.18/src/bn.c +1060 -0
  339. data/vendor/xmlsec1-1.2.18/src/buffer.c +674 -0
  340. data/vendor/xmlsec1-1.2.18/src/c14n.c +801 -0
  341. data/vendor/xmlsec1-1.2.18/src/dl.c +994 -0
  342. data/vendor/xmlsec1-1.2.18/src/enveloped.c +152 -0
  343. data/vendor/xmlsec1-1.2.18/src/errors.c +242 -0
  344. data/vendor/xmlsec1-1.2.18/src/gcrypt/Makefile.am +55 -0
  345. data/vendor/xmlsec1-1.2.18/src/gcrypt/Makefile.in +764 -0
  346. data/vendor/xmlsec1-1.2.18/src/gcrypt/README +9 -0
  347. data/vendor/xmlsec1-1.2.18/src/gcrypt/app.c +663 -0
  348. data/vendor/xmlsec1-1.2.18/src/gcrypt/asn1.c +602 -0
  349. data/vendor/xmlsec1-1.2.18/src/gcrypt/asn1.h +39 -0
  350. data/vendor/xmlsec1-1.2.18/src/gcrypt/asymkeys.c +1920 -0
  351. data/vendor/xmlsec1-1.2.18/src/gcrypt/ciphers.c +855 -0
  352. data/vendor/xmlsec1-1.2.18/src/gcrypt/crypto.c +315 -0
  353. data/vendor/xmlsec1-1.2.18/src/gcrypt/digests.c +614 -0
  354. data/vendor/xmlsec1-1.2.18/src/gcrypt/globals.h +30 -0
  355. data/vendor/xmlsec1-1.2.18/src/gcrypt/hmac.c +823 -0
  356. data/vendor/xmlsec1-1.2.18/src/gcrypt/kw_aes.c +593 -0
  357. data/vendor/xmlsec1-1.2.18/src/gcrypt/kw_des.c +607 -0
  358. data/vendor/xmlsec1-1.2.18/src/gcrypt/signatures.c +1490 -0
  359. data/vendor/xmlsec1-1.2.18/src/gcrypt/symkeys.c +441 -0
  360. data/vendor/xmlsec1-1.2.18/src/globals.h +25 -0
  361. data/vendor/xmlsec1-1.2.18/src/gnutls/Makefile.am +58 -0
  362. data/vendor/xmlsec1-1.2.18/src/gnutls/Makefile.in +786 -0
  363. data/vendor/xmlsec1-1.2.18/src/gnutls/README +6 -0
  364. data/vendor/xmlsec1-1.2.18/src/gnutls/app.c +998 -0
  365. data/vendor/xmlsec1-1.2.18/src/gnutls/asymkeys.c +455 -0
  366. data/vendor/xmlsec1-1.2.18/src/gnutls/ciphers.c +82 -0
  367. data/vendor/xmlsec1-1.2.18/src/gnutls/crypto.c +351 -0
  368. data/vendor/xmlsec1-1.2.18/src/gnutls/digests.c +112 -0
  369. data/vendor/xmlsec1-1.2.18/src/gnutls/globals.h +31 -0
  370. data/vendor/xmlsec1-1.2.18/src/gnutls/hmac.c +141 -0
  371. data/vendor/xmlsec1-1.2.18/src/gnutls/kw_aes.c +72 -0
  372. data/vendor/xmlsec1-1.2.18/src/gnutls/kw_des.c +51 -0
  373. data/vendor/xmlsec1-1.2.18/src/gnutls/signatures.c +148 -0
  374. data/vendor/xmlsec1-1.2.18/src/gnutls/symkeys.c +125 -0
  375. data/vendor/xmlsec1-1.2.18/src/gnutls/x509.c +1960 -0
  376. data/vendor/xmlsec1-1.2.18/src/gnutls/x509utils.c +1687 -0
  377. data/vendor/xmlsec1-1.2.18/src/gnutls/x509utils.h +143 -0
  378. data/vendor/xmlsec1-1.2.18/src/gnutls/x509vfy.c +802 -0
  379. data/vendor/xmlsec1-1.2.18/src/io.c +496 -0
  380. data/vendor/xmlsec1-1.2.18/src/keyinfo.c +1561 -0
  381. data/vendor/xmlsec1-1.2.18/src/keys.c +1415 -0
  382. data/vendor/xmlsec1-1.2.18/src/keysdata.c +1387 -0
  383. data/vendor/xmlsec1-1.2.18/src/keysmngr.c +745 -0
  384. data/vendor/xmlsec1-1.2.18/src/kw_aes_des.c +493 -0
  385. data/vendor/xmlsec1-1.2.18/src/kw_aes_des.h +148 -0
  386. data/vendor/xmlsec1-1.2.18/src/list.c +534 -0
  387. data/vendor/xmlsec1-1.2.18/src/membuf.c +209 -0
  388. data/vendor/xmlsec1-1.2.18/src/mscrypto/Makefile.am +62 -0
  389. data/vendor/xmlsec1-1.2.18/src/mscrypto/Makefile.in +799 -0
  390. data/vendor/xmlsec1-1.2.18/src/mscrypto/README +39 -0
  391. data/vendor/xmlsec1-1.2.18/src/mscrypto/app.c +1289 -0
  392. data/vendor/xmlsec1-1.2.18/src/mscrypto/certkeys.c +2615 -0
  393. data/vendor/xmlsec1-1.2.18/src/mscrypto/ciphers.c +937 -0
  394. data/vendor/xmlsec1-1.2.18/src/mscrypto/crypto.c +889 -0
  395. data/vendor/xmlsec1-1.2.18/src/mscrypto/csp_calg.h +105 -0
  396. data/vendor/xmlsec1-1.2.18/src/mscrypto/csp_oid.h +114 -0
  397. data/vendor/xmlsec1-1.2.18/src/mscrypto/digests.c +668 -0
  398. data/vendor/xmlsec1-1.2.18/src/mscrypto/globals.h +39 -0
  399. data/vendor/xmlsec1-1.2.18/src/mscrypto/hmac.c +963 -0
  400. data/vendor/xmlsec1-1.2.18/src/mscrypto/keysstore.c +620 -0
  401. data/vendor/xmlsec1-1.2.18/src/mscrypto/kt_rsa.c +631 -0
  402. data/vendor/xmlsec1-1.2.18/src/mscrypto/kw_aes.c +662 -0
  403. data/vendor/xmlsec1-1.2.18/src/mscrypto/kw_des.c +730 -0
  404. data/vendor/xmlsec1-1.2.18/src/mscrypto/mingw-crypt32.def +36 -0
  405. data/vendor/xmlsec1-1.2.18/src/mscrypto/private.h +130 -0
  406. data/vendor/xmlsec1-1.2.18/src/mscrypto/signatures.c +960 -0
  407. data/vendor/xmlsec1-1.2.18/src/mscrypto/symkeys.c +824 -0
  408. data/vendor/xmlsec1-1.2.18/src/mscrypto/x509.c +2281 -0
  409. data/vendor/xmlsec1-1.2.18/src/mscrypto/x509vfy.c +1406 -0
  410. data/vendor/xmlsec1-1.2.18/src/mscrypto/xmlsec-mingw.h +210 -0
  411. data/vendor/xmlsec1-1.2.18/src/nodeset.c +610 -0
  412. data/vendor/xmlsec1-1.2.18/src/nss/Makefile.am +57 -0
  413. data/vendor/xmlsec1-1.2.18/src/nss/Makefile.in +798 -0
  414. data/vendor/xmlsec1-1.2.18/src/nss/README +128 -0
  415. data/vendor/xmlsec1-1.2.18/src/nss/app.c +1598 -0
  416. data/vendor/xmlsec1-1.2.18/src/nss/bignum.c +163 -0
  417. data/vendor/xmlsec1-1.2.18/src/nss/ciphers.c +838 -0
  418. data/vendor/xmlsec1-1.2.18/src/nss/crypto.c +444 -0
  419. data/vendor/xmlsec1-1.2.18/src/nss/digests.c +576 -0
  420. data/vendor/xmlsec1-1.2.18/src/nss/globals.h +24 -0
  421. data/vendor/xmlsec1-1.2.18/src/nss/hmac.c +855 -0
  422. data/vendor/xmlsec1-1.2.18/src/nss/keysstore.c +485 -0
  423. data/vendor/xmlsec1-1.2.18/src/nss/keytrans.c +753 -0
  424. data/vendor/xmlsec1-1.2.18/src/nss/kw_aes.c +681 -0
  425. data/vendor/xmlsec1-1.2.18/src/nss/kw_des.c +663 -0
  426. data/vendor/xmlsec1-1.2.18/src/nss/pkikeys.c +1554 -0
  427. data/vendor/xmlsec1-1.2.18/src/nss/signatures.c +841 -0
  428. data/vendor/xmlsec1-1.2.18/src/nss/symkeys.c +440 -0
  429. data/vendor/xmlsec1-1.2.18/src/nss/x509.c +2223 -0
  430. data/vendor/xmlsec1-1.2.18/src/nss/x509vfy.c +808 -0
  431. data/vendor/xmlsec1-1.2.18/src/openssl/Makefile.am +56 -0
  432. data/vendor/xmlsec1-1.2.18/src/openssl/Makefile.in +790 -0
  433. data/vendor/xmlsec1-1.2.18/src/openssl/README +17 -0
  434. data/vendor/xmlsec1-1.2.18/src/openssl/app.c +1628 -0
  435. data/vendor/xmlsec1-1.2.18/src/openssl/bn.c +163 -0
  436. data/vendor/xmlsec1-1.2.18/src/openssl/ciphers.c +856 -0
  437. data/vendor/xmlsec1-1.2.18/src/openssl/crypto.c +491 -0
  438. data/vendor/xmlsec1-1.2.18/src/openssl/digests.c +682 -0
  439. data/vendor/xmlsec1-1.2.18/src/openssl/evp.c +1559 -0
  440. data/vendor/xmlsec1-1.2.18/src/openssl/globals.h +24 -0
  441. data/vendor/xmlsec1-1.2.18/src/openssl/hmac.c +857 -0
  442. data/vendor/xmlsec1-1.2.18/src/openssl/kt_rsa.c +876 -0
  443. data/vendor/xmlsec1-1.2.18/src/openssl/kw_aes.c +513 -0
  444. data/vendor/xmlsec1-1.2.18/src/openssl/kw_des.c +563 -0
  445. data/vendor/xmlsec1-1.2.18/src/openssl/signatures.c +1065 -0
  446. data/vendor/xmlsec1-1.2.18/src/openssl/symkeys.c +447 -0
  447. data/vendor/xmlsec1-1.2.18/src/openssl/x509.c +2414 -0
  448. data/vendor/xmlsec1-1.2.18/src/openssl/x509vfy.c +1284 -0
  449. data/vendor/xmlsec1-1.2.18/src/parser.c +571 -0
  450. data/vendor/xmlsec1-1.2.18/src/skeleton/Makefile.am +45 -0
  451. data/vendor/xmlsec1-1.2.18/src/skeleton/README +0 -0
  452. data/vendor/xmlsec1-1.2.18/src/skeleton/app.c +499 -0
  453. data/vendor/xmlsec1-1.2.18/src/skeleton/crypto.c +260 -0
  454. data/vendor/xmlsec1-1.2.18/src/skeleton/globals.h +24 -0
  455. data/vendor/xmlsec1-1.2.18/src/soap.c +1322 -0
  456. data/vendor/xmlsec1-1.2.18/src/strings.c +597 -0
  457. data/vendor/xmlsec1-1.2.18/src/templates.c +2091 -0
  458. data/vendor/xmlsec1-1.2.18/src/transforms.c +2902 -0
  459. data/vendor/xmlsec1-1.2.18/src/x509.c +97 -0
  460. data/vendor/xmlsec1-1.2.18/src/xkms.c +4981 -0
  461. data/vendor/xmlsec1-1.2.18/src/xmldsig.c +1795 -0
  462. data/vendor/xmlsec1-1.2.18/src/xmlenc.c +1339 -0
  463. data/vendor/xmlsec1-1.2.18/src/xmlsec.c +185 -0
  464. data/vendor/xmlsec1-1.2.18/src/xmltree.c +1908 -0
  465. data/vendor/xmlsec1-1.2.18/src/xpath.c +1148 -0
  466. data/vendor/xmlsec1-1.2.18/src/xslt.c +617 -0
  467. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/Readme.txt +52 -0
  468. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/bad-alg-enc-element-aes128-kw-3des.xml +29 -0
  469. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/dh-priv-key.der +0 -0
  470. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.data +9 -0
  471. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.tmpl +22 -0
  472. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.xml +30 -0
  473. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.data +9 -0
  474. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.tmpl +22 -0
  475. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.xml +30 -0
  476. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.data +9 -0
  477. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.tmpl +22 -0
  478. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.xml +30 -0
  479. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.data +9 -0
  480. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.tmpl +24 -0
  481. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.xml +63 -0
  482. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-ka-dh.xml +83 -0
  483. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.data +9 -0
  484. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.tmpl +23 -0
  485. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.xml +61 -0
  486. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.data +9 -0
  487. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.tmpl +22 -0
  488. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.xml +63 -0
  489. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha256.xml +63 -0
  490. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha512.xml +63 -0
  491. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kw-3des.data +9 -0
  492. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kw-3des.tmpl +22 -0
  493. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kw-3des.xml +29 -0
  494. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-ka-dh.xml +83 -0
  495. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.data +9 -0
  496. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.tmpl +20 -0
  497. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.xml +61 -0
  498. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.data +9 -0
  499. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.tmpl +22 -0
  500. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.xml +63 -0
  501. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.data +9 -0
  502. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.tmpl +22 -0
  503. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.xml +29 -0
  504. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.data +9 -0
  505. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.tmpl +22 -0
  506. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.xml +29 -0
  507. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-ka-dh.xml +83 -0
  508. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.data +9 -0
  509. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.tmpl +22 -0
  510. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.xml +63 -0
  511. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.data +9 -0
  512. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.tmpl +22 -0
  513. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.xml +29 -0
  514. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-ka-dh.xml +83 -0
  515. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.data +9 -0
  516. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.tmpl +22 -0
  517. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.xml +29 -0
  518. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.data +9 -0
  519. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.tmpl +23 -0
  520. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.xml +32 -0
  521. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.data +9 -0
  522. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.tmpl +21 -0
  523. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.xml +28 -0
  524. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.data +9 -0
  525. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.tmpl +20 -0
  526. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.xml +62 -0
  527. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.data +9 -0
  528. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.tmpl +22 -0
  529. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.xml +64 -0
  530. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/key.txt +117 -0
  531. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/keys.xml +61 -0
  532. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/payment.xml +9 -0
  533. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/rsa-priv-key.der +0 -0
  534. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/rsa-priv-key.p12 +0 -0
  535. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/bad-request-name-not-supported.xml +2 -0
  536. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/bad-request-name.xml +10 -0
  537. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/compound-example-1-no-match.xml +7 -0
  538. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/compound-example-1.xml +51 -0
  539. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert1.der +0 -0
  540. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert1.pem +26 -0
  541. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert2.der +0 -0
  542. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert2.pem +25 -0
  543. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert3.der +0 -0
  544. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert3.pem +24 -0
  545. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/create-keys.sh +73 -0
  546. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1-pk8.der +0 -0
  547. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1.der +0 -0
  548. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1.p12 +0 -0
  549. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1.pem +18 -0
  550. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2-pk8.der +0 -0
  551. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2.der +0 -0
  552. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2.p12 +0 -0
  553. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2.pem +9 -0
  554. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3-pk8.der +0 -0
  555. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3.der +0 -0
  556. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3.p12 +0 -0
  557. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3.pem +9 -0
  558. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/openssl.cnf +106 -0
  559. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/req2.pem +11 -0
  560. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/req3.pem +11 -0
  561. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-1-bad-service.xml +2 -0
  562. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-1-no-match.xml +2 -0
  563. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-1.xml +18 -0
  564. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-2-no-match.xml +2 -0
  565. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-2.xml +39 -0
  566. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-opaque-client-data-no-match.xml +2 -0
  567. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-opaque-client-data.xml +32 -0
  568. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/readme.txt +117 -0
  569. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-bad-request-name-msg-invalid.xml +9 -0
  570. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-bad-request-name.xml +14 -0
  571. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-locate-example-1-no-match.xml +6 -0
  572. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-locate-example-1-unsupported.xml +13 -0
  573. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-locate-example-1.xml +23 -0
  574. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-bad-request-name-msg-invalid.xml +11 -0
  575. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-bad-request-name.xml +14 -0
  576. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-locate-example-1-no-match.xml +6 -0
  577. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-locate-example-1-unsupported.xml +9 -0
  578. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-locate-example-1.xml +23 -0
  579. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/status-request-success.xml +2 -0
  580. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/status-request.xml +7 -0
  581. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/validate-example-1-no-match.xml +2 -0
  582. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/validate-example-1.xml +65 -0
  583. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/README +47 -0
  584. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/dtd-hmac-91.dtd +1 -0
  585. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/dtd-hmac-91.tmpl +27 -0
  586. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/dtd-hmac-91.xml +27 -0
  587. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloped-gost.tmpl +31 -0
  588. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloped-gost.xml +42 -0
  589. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.tmpl +18 -0
  590. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.xml +87 -0
  591. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-expired-cert.tmpl +18 -0
  592. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-expired-cert.xml +85 -0
  593. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.tmpl +16 -0
  594. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml +15 -0
  595. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5.tmpl +14 -0
  596. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5.xml +13 -0
  597. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-rsa-md5.tmpl +17 -0
  598. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-rsa-md5.xml +85 -0
  599. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.tmpl +16 -0
  600. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml +15 -0
  601. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.tmpl +14 -0
  602. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.xml +13 -0
  603. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160.tmpl +17 -0
  604. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160.xml +85 -0
  605. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.tmpl +18 -0
  606. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.xml +85 -0
  607. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.tmpl +16 -0
  608. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.xml +15 -0
  609. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1.tmpl +14 -0
  610. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1.xml +13 -0
  611. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-rsa-sha1.tmpl +17 -0
  612. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-rsa-sha1.xml +85 -0
  613. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.tmpl +16 -0
  614. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.xml +15 -0
  615. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224.tmpl +14 -0
  616. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224.xml +13 -0
  617. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-rsa-sha224.tmpl +17 -0
  618. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-rsa-sha224.xml +85 -0
  619. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.tmpl +16 -0
  620. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.xml +15 -0
  621. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256.tmpl +14 -0
  622. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256.xml +13 -0
  623. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-rsa-sha256.tmpl +17 -0
  624. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-rsa-sha256.xml +85 -0
  625. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.tmpl +16 -0
  626. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.xml +15 -0
  627. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384.tmpl +14 -0
  628. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384.xml +13 -0
  629. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-rsa-sha384.tmpl +17 -0
  630. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-rsa-sha384.xml +103 -0
  631. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.tmpl +16 -0
  632. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.xml +16 -0
  633. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512.tmpl +14 -0
  634. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512.xml +15 -0
  635. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-rsa-sha512.tmpl +17 -0
  636. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-rsa-sha512.xml +104 -0
  637. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-sn-test.tmpl +27 -0
  638. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-sn-test.xml +40 -0
  639. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-test.tmpl +31 -0
  640. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-test.xml +117 -0
  641. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/xpointer-hmac.tmpl +29 -0
  642. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/xpointer-hmac.xml +28 -0
  643. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes128cbc-keyname.data +1 -0
  644. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes128cbc-keyname.tmpl +11 -0
  645. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes128cbc-keyname.xml +12 -0
  646. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname-ref.data +1 -0
  647. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname-ref.xml +21 -0
  648. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname.data +1 -0
  649. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname.tmpl +11 -0
  650. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname.xml +12 -0
  651. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes256cbc-keyname.data +1 -0
  652. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes256cbc-keyname.tmpl +10 -0
  653. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes256cbc-keyname.xml +12 -0
  654. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-aes192-keyname.data +1 -0
  655. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-aes192-keyname.tmpl +16 -0
  656. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-aes192-keyname.xml +18 -0
  657. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-content.data +7 -0
  658. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-content.tmpl +11 -0
  659. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-content.xml +15 -0
  660. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element-root.data +7 -0
  661. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element-root.tmpl +11 -0
  662. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element-root.xml +15 -0
  663. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element.data +9 -0
  664. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element.tmpl +11 -0
  665. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element.xml +17 -0
  666. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname.data +1 -0
  667. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname.tmpl +8 -0
  668. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname.xml +8 -0
  669. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.data +1 -0
  670. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.tmpl +10 -0
  671. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.xml +12 -0
  672. data/vendor/xmlsec1-1.2.18/tests/keys/README +203 -0
  673. data/vendor/xmlsec1-1.2.18/tests/keys/ca2cert.der +0 -0
  674. data/vendor/xmlsec1-1.2.18/tests/keys/ca2cert.pem +66 -0
  675. data/vendor/xmlsec1-1.2.18/tests/keys/ca2key.pem +9 -0
  676. data/vendor/xmlsec1-1.2.18/tests/keys/cacert.der +0 -0
  677. data/vendor/xmlsec1-1.2.18/tests/keys/cacert.pem +72 -0
  678. data/vendor/xmlsec1-1.2.18/tests/keys/cakey.pem +18 -0
  679. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/cacert.pem +72 -0
  680. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/careq.pem +14 -0
  681. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/index.txt +6 -0
  682. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/01.pem +65 -0
  683. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/02.pem +93 -0
  684. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/03.pem +60 -0
  685. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/04.pem +60 -0
  686. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/05.pem +83 -0
  687. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/private/cakey.pem +18 -0
  688. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/serial +1 -0
  689. data/vendor/xmlsec1-1.2.18/tests/keys/dsacert.der +0 -0
  690. data/vendor/xmlsec1-1.2.18/tests/keys/dsacert.pem +78 -0
  691. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.der +0 -0
  692. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.p12 +0 -0
  693. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.p8-der +0 -0
  694. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.p8-pem +8 -0
  695. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.pem +14 -0
  696. data/vendor/xmlsec1-1.2.18/tests/keys/expiredcert.der +0 -0
  697. data/vendor/xmlsec1-1.2.18/tests/keys/expiredcert.pem +61 -0
  698. data/vendor/xmlsec1-1.2.18/tests/keys/expiredkey.der +0 -0
  699. data/vendor/xmlsec1-1.2.18/tests/keys/expiredkey.p12 +0 -0
  700. data/vendor/xmlsec1-1.2.18/tests/keys/expiredkey.pem +9 -0
  701. data/vendor/xmlsec1-1.2.18/tests/keys/expiredreq.pem +11 -0
  702. data/vendor/xmlsec1-1.2.18/tests/keys/gost2001ca.der +0 -0
  703. data/vendor/xmlsec1-1.2.18/tests/keys/gost2001ca.pem +13 -0
  704. data/vendor/xmlsec1-1.2.18/tests/keys/hmackey.bin +1 -0
  705. data/vendor/xmlsec1-1.2.18/tests/keys/keys.xml +83 -0
  706. data/vendor/xmlsec1-1.2.18/tests/keys/largersacert.der +0 -0
  707. data/vendor/xmlsec1-1.2.18/tests/keys/largersacert.pem +100 -0
  708. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey-win.p12 +0 -0
  709. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey-winxp.p12 +0 -0
  710. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.der +0 -0
  711. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.p12 +0 -0
  712. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.p8-der +0 -0
  713. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.p8-pem +53 -0
  714. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.pem +51 -0
  715. data/vendor/xmlsec1-1.2.18/tests/keys/largersareq.pem +30 -0
  716. data/vendor/xmlsec1-1.2.18/tests/keys/merlincert.pem +20 -0
  717. data/vendor/xmlsec1-1.2.18/tests/keys/openssl.cnf +316 -0
  718. data/vendor/xmlsec1-1.2.18/tests/keys/rsacert.der +0 -0
  719. data/vendor/xmlsec1-1.2.18/tests/keys/rsacert.pem +61 -0
  720. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey-win.p12 +0 -0
  721. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey-winxp.p12 +0 -0
  722. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.der +0 -0
  723. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.p12 +0 -0
  724. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.p8-der +0 -0
  725. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.p8-pem +11 -0
  726. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.pem +9 -0
  727. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/Readme.txt +20 -0
  728. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-0.txt +15 -0
  729. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-1.txt +15 -0
  730. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-10.txt +15 -0
  731. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-11.txt +15 -0
  732. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-12.txt +15 -0
  733. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-13.txt +15 -0
  734. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-14.txt +15 -0
  735. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-15.txt +0 -0
  736. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-16.txt +0 -0
  737. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-17.txt +15 -0
  738. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-18.txt +15 -0
  739. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-19.txt +15 -0
  740. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-2.txt +15 -0
  741. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-20.txt +15 -0
  742. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-21.txt +15 -0
  743. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-22.txt +15 -0
  744. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-23.txt +15 -0
  745. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-24.txt +1 -0
  746. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-25.txt +0 -0
  747. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-26.txt +15 -0
  748. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-27.txt +430 -0
  749. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-3.txt +15 -0
  750. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-4.txt +15 -0
  751. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-5.txt +15 -0
  752. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-6.txt +1 -0
  753. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-7.txt +1 -0
  754. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-8.txt +15 -0
  755. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-9.txt +15 -0
  756. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/signature.xml +526 -0
  757. data/vendor/xmlsec1-1.2.18/tests/merlin-exc-c14n-one/Readme.txt +3 -0
  758. data/vendor/xmlsec1-1.2.18/tests/merlin-exc-c14n-one/exc-signature.tmpl +52 -0
  759. data/vendor/xmlsec1-1.2.18/tests/merlin-exc-c14n-one/exc-signature.xml +73 -0
  760. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/Readme.txt +63 -0
  761. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/badb.der +0 -0
  762. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/badb.pem +20 -0
  763. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/balor.der +0 -0
  764. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/balor.pem +20 -0
  765. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/bres.pem +20 -0
  766. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/ca.der +0 -0
  767. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/ca.pem +20 -0
  768. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.der +0 -0
  769. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.pem +20 -0
  770. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh.der +0 -0
  771. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh.pem +12 -0
  772. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/macha.der +0 -0
  773. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/macha.pem +20 -0
  774. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/merlin.der +0 -0
  775. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/merlin.pem +21 -0
  776. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/morigu.pem +20 -0
  777. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/nemain.der +0 -0
  778. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/nemain.pem +20 -0
  779. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloped-dsa.tmpl +22 -0
  780. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloped-dsa.xml +43 -0
  781. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa.tmpl +21 -0
  782. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa.xml +42 -0
  783. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-dsa.tmpl +18 -0
  784. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-dsa.xml +39 -0
  785. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.tmpl +16 -0
  786. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.xml +17 -0
  787. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1.tmpl +14 -0
  788. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1.xml +15 -0
  789. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-rsa.tmpl +18 -0
  790. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-rsa.xml +31 -0
  791. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-b64-dsa.tmpl +20 -0
  792. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-b64-dsa.xml +41 -0
  793. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-dsa.tmpl +17 -0
  794. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-dsa.xml +38 -0
  795. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-keyname.tmpl +16 -0
  796. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-keyname.xml +17 -0
  797. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt.tmpl +16 -0
  798. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt.xml +17 -0
  799. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt-crl.tmpl +17 -0
  800. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt-crl.xml +47 -0
  801. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt.tmpl +17 -0
  802. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt.xml +38 -0
  803. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-is.tmpl +17 -0
  804. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-is.xml +24 -0
  805. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-ski.tmpl +17 -0
  806. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-ski.xml +21 -0
  807. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-sn.tmpl +17 -0
  808. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-sn.xml +21 -0
  809. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature.tmpl +245 -0
  810. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature.xml +269 -0
  811. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/Readme.txt +117 -0
  812. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/bad-encrypt-content-aes128-cbc-kw-aes192.xml +42 -0
  813. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/decryption-transform-except.xml +83 -0
  814. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/decryption-transform.xml +73 -0
  815. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/dh0.p8 +0 -0
  816. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/dh1.p8 +0 -0
  817. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/dsa.p8 +0 -0
  818. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.data +27 -0
  819. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.tmpl +20 -0
  820. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.xml +45 -0
  821. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes192-cbc-dh-sha512.xml +113 -0
  822. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.data +27 -0
  823. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.tmpl +18 -0
  824. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.xml +42 -0
  825. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.data +27 -0
  826. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.tmpl +11 -0
  827. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.xml +35 -0
  828. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.data +1 -0
  829. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.tmpl +11 -0
  830. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.xml +12 -0
  831. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.data +1 -0
  832. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.tmpl +20 -0
  833. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.xml +22 -0
  834. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.data +1 -0
  835. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.tmpl +20 -0
  836. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.xml +22 -0
  837. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml +46 -0
  838. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.data +1 -0
  839. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.tmpl +21 -0
  840. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.xml +43 -0
  841. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.data +27 -0
  842. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.tmpl +19 -0
  843. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.xml +63 -0
  844. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes192-cbc-ref.data +36 -0
  845. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes192-cbc-ref.xml +42 -0
  846. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-carried-kw-aes256.xml +57 -0
  847. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-kw-aes256-dh-ripemd160.xml +122 -0
  848. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256.data +40 -0
  849. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256.xml +47 -0
  850. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.data +27 -0
  851. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.tmpl +20 -0
  852. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.xml +43 -0
  853. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-dh.xml +98 -0
  854. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-kw-tripledes-dh.xml +108 -0
  855. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5.xml +46 -0
  856. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p.xml +51 -0
  857. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes.tmpl +25 -0
  858. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes.xml +27 -0
  859. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128.xml +27 -0
  860. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192.xml +27 -0
  861. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256.xml +28 -0
  862. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/ids.p12 +0 -0
  863. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/keys.xml +42 -0
  864. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/plaintext.xml +24 -0
  865. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsa.p8 +0 -0
  866. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.der +0 -0
  867. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.p12 +0 -0
  868. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.p8-der +0 -0
  869. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.p8-pem +17 -0
  870. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.pem +15 -0
  871. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapub.pem +6 -0
  872. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/Readme.txt +23 -0
  873. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec-c14n-0.txt +11 -0
  874. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec-c14n-1.txt +0 -0
  875. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec-c14n-2.txt +25 -0
  876. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec.tmpl +50 -0
  877. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec.xml +122 -0
  878. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-xfdl-c14n-0.txt +3986 -0
  879. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-xfdl.tmpl +4153 -0
  880. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-xfdl.xml +4225 -0
  881. data/vendor/xmlsec1-1.2.18/tests/nss.supp +220 -0
  882. data/vendor/xmlsec1-1.2.18/tests/nssdb/cert8.db +0 -0
  883. data/vendor/xmlsec1-1.2.18/tests/nssdb/key3.db +0 -0
  884. data/vendor/xmlsec1-1.2.18/tests/nssdb/secmod.db +0 -0
  885. data/vendor/xmlsec1-1.2.18/tests/openssl.supp +63 -0
  886. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/README.txt +248 -0
  887. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/crl.der +0 -0
  888. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/dsa-ca-cert.der +0 -0
  889. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/dsa-cert.der +0 -0
  890. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/enc-dsa-key.der +0 -0
  891. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/enc-rsa-key.der +0 -0
  892. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/hmackey.bin +1 -0
  893. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/rsa-ca-cert.der +0 -0
  894. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/rsa-cert.der +0 -0
  895. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document-stylesheet.xml +7 -0
  896. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document.b64 +4 -0
  897. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document.xml +6 -0
  898. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document.xsl +45 -0
  899. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-big.xml +39 -0
  900. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-detached.xml +1 -0
  901. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-enveloped.xml +6 -0
  902. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-enveloping.xml +6 -0
  903. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-manifest.xml +1 -0
  904. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-md5-c14n-enveloping.xml +6 -0
  905. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-40-c14n-comments-detached.xml +1 -0
  906. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-40-exclusive-c14n-comments-detached.xml +1 -0
  907. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-exclusive-c14n-comments-detached.xml +1 -0
  908. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-exclusive-c14n-enveloped.xml +6 -0
  909. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-b64-transform.xml +1 -0
  910. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xpath-transform.xml +1 -0
  911. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xslt-transform-bad-retrieval-method.xml +6 -0
  912. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xslt-transform-retrieval-method.xml +39 -0
  913. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xslt-transform.xml +39 -0
  914. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached.xml +1 -0
  915. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloped-bad-digest-val.xml +6 -0
  916. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloped-bad-sig.xml +6 -0
  917. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloped.xml +6 -0
  918. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloping.xml +6 -0
  919. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert-chain.xml +1 -0
  920. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert.xml +1 -0
  921. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-issuer-serial.xml +1 -0
  922. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-ski.xml +1 -0
  923. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-subject-name.xml +1 -0
  924. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest.xml +1 -0
  925. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-xpath-transform-enveloped.xml +6 -0
  926. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-~x509-data-crl.xml +1 -0
  927. data/vendor/xmlsec1-1.2.18/tests/testDSig.sh +875 -0
  928. data/vendor/xmlsec1-1.2.18/tests/testEnc.sh +411 -0
  929. data/vendor/xmlsec1-1.2.18/tests/testKeys.sh +69 -0
  930. data/vendor/xmlsec1-1.2.18/tests/testRes.sh +20 -0
  931. data/vendor/xmlsec1-1.2.18/tests/testXKMS.sh +129 -0
  932. data/vendor/xmlsec1-1.2.18/tests/testrun.sh +443 -0
  933. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/c14n11/xml-base-input.xml +17 -0
  934. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-1.tmpl +2 -0
  935. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-1.xml +2 -0
  936. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-2.tmpl +2 -0
  937. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-2.xml +2 -0
  938. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-3.tmpl +2 -0
  939. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-3.xml +2 -0
  940. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-1-SUN.xml +21 -0
  941. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-2-SUN.xml +21 -0
  942. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-3-SUN.xml +21 -0
  943. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-4-SUN.xml +21 -0
  944. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-5-SUN.xml +21 -0
  945. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-6-SUN.xml +21 -0
  946. data/vendor/xmlsec1-1.2.18/win32/Makefile.msvc +699 -0
  947. data/vendor/xmlsec1-1.2.18/win32/README.txt +168 -12
  948. data/vendor/xmlsec1-1.2.18/win32/configure.js +395 -0
  949. data/vendor/xmlsec1-1.2.18/win32/libxmlsec.def.src +25 -0
  950. data/vendor/xmlsec1-1.2.18/win32/mycfg.bat +21 -0
  951. data/vendor/xmlsec1-1.2.18/xmlsec-config.in +243 -0
  952. data/vendor/xmlsec1-1.2.18/xmlsec-gcrypt.pc.in +11 -0
  953. data/vendor/xmlsec1-1.2.18/xmlsec-gnutls.pc.in +11 -0
  954. data/vendor/xmlsec1-1.2.18/xmlsec-nss.pc.in +11 -0
  955. data/vendor/xmlsec1-1.2.18/xmlsec-openssl.pc.in +11 -0
  956. data/vendor/xmlsec1-1.2.18/xmlsec.pc.in +11 -0
  957. data/vendor/xmlsec1-1.2.18/xmlsec.spec.in +185 -0
  958. data/vendor/xmlsec1-1.2.18/xmlsec1-config +243 -0
  959. data/vendor/xmlsec1-1.2.18/xmlsec1-gcrypt.pc +11 -0
  960. data/vendor/xmlsec1-1.2.18/xmlsec1-gnutls.pc +11 -0
  961. data/vendor/xmlsec1-1.2.18/xmlsec1-nss.pc +11 -0
  962. data/vendor/xmlsec1-1.2.18/xmlsec1-openssl.pc +11 -0
  963. data/vendor/xmlsec1-1.2.18/xmlsec1.m4 +172 -0
  964. data/vendor/xmlsec1-1.2.18/xmlsec1.pc +11 -0
  965. data/vendor/xmlsec1-1.2.18/xmlsec1.spec +185 -0
  966. data/vendor/xmlsec1-1.2.18/xmlsec1Conf.sh +13 -0
  967. data/vendor/xmlsec1-1.2.18/xmlsecConf.sh.in +13 -0
  968. data/xmlsec-shim.gemspec +18 -0
  969. metadata +1014 -0
@@ -0,0 +1,440 @@
1
+ /**
2
+ *
3
+ * XMLSec library
4
+ *
5
+ * DES Algorithm support
6
+ *
7
+ * This is free software; see Copyright file in the source
8
+ * distribution for preciese wording.
9
+ *
10
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
11
+ */
12
+ #include "globals.h"
13
+
14
+ #include <stdlib.h>
15
+ #include <stdio.h>
16
+ #include <string.h>
17
+
18
+ #include <xmlsec/xmlsec.h>
19
+ #include <xmlsec/xmltree.h>
20
+ #include <xmlsec/keys.h>
21
+ #include <xmlsec/keyinfo.h>
22
+ #include <xmlsec/transforms.h>
23
+ #include <xmlsec/errors.h>
24
+
25
+ #include <xmlsec/nss/crypto.h>
26
+
27
+ /*****************************************************************************
28
+ *
29
+ * Symmetic (binary) keys - just a wrapper for xmlSecKeyDataBinary
30
+ *
31
+ ****************************************************************************/
32
+ static int xmlSecNssSymKeyDataInitialize (xmlSecKeyDataPtr data);
33
+ static int xmlSecNssSymKeyDataDuplicate (xmlSecKeyDataPtr dst,
34
+ xmlSecKeyDataPtr src);
35
+ static void xmlSecNssSymKeyDataFinalize (xmlSecKeyDataPtr data);
36
+ static int xmlSecNssSymKeyDataXmlRead (xmlSecKeyDataId id,
37
+ xmlSecKeyPtr key,
38
+ xmlNodePtr node,
39
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
40
+ static int xmlSecNssSymKeyDataXmlWrite (xmlSecKeyDataId id,
41
+ xmlSecKeyPtr key,
42
+ xmlNodePtr node,
43
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
44
+ static int xmlSecNssSymKeyDataBinRead (xmlSecKeyDataId id,
45
+ xmlSecKeyPtr key,
46
+ const xmlSecByte* buf,
47
+ xmlSecSize bufSize,
48
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
49
+ static int xmlSecNssSymKeyDataBinWrite (xmlSecKeyDataId id,
50
+ xmlSecKeyPtr key,
51
+ xmlSecByte** buf,
52
+ xmlSecSize* bufSize,
53
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
54
+ static int xmlSecNssSymKeyDataGenerate (xmlSecKeyDataPtr data,
55
+ xmlSecSize sizeBits,
56
+ xmlSecKeyDataType type);
57
+
58
+ static xmlSecKeyDataType xmlSecNssSymKeyDataGetType (xmlSecKeyDataPtr data);
59
+ static xmlSecSize xmlSecNssSymKeyDataGetSize (xmlSecKeyDataPtr data);
60
+ static void xmlSecNssSymKeyDataDebugDump (xmlSecKeyDataPtr data,
61
+ FILE* output);
62
+ static void xmlSecNssSymKeyDataDebugXmlDump (xmlSecKeyDataPtr data,
63
+ FILE* output);
64
+ static int xmlSecNssSymKeyDataKlassCheck (xmlSecKeyDataKlass* klass);
65
+
66
+ #define xmlSecNssSymKeyDataCheckId(data) \
67
+ (xmlSecKeyDataIsValid((data)) && \
68
+ xmlSecNssSymKeyDataKlassCheck((data)->id))
69
+
70
+ static int
71
+ xmlSecNssSymKeyDataInitialize(xmlSecKeyDataPtr data) {
72
+ xmlSecAssert2(xmlSecNssSymKeyDataCheckId(data), -1);
73
+
74
+ return(xmlSecKeyDataBinaryValueInitialize(data));
75
+ }
76
+
77
+ static int
78
+ xmlSecNssSymKeyDataDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
79
+ xmlSecAssert2(xmlSecNssSymKeyDataCheckId(dst), -1);
80
+ xmlSecAssert2(xmlSecNssSymKeyDataCheckId(src), -1);
81
+ xmlSecAssert2(dst->id == src->id, -1);
82
+
83
+ return(xmlSecKeyDataBinaryValueDuplicate(dst, src));
84
+ }
85
+
86
+ static void
87
+ xmlSecNssSymKeyDataFinalize(xmlSecKeyDataPtr data) {
88
+ xmlSecAssert(xmlSecNssSymKeyDataCheckId(data));
89
+
90
+ xmlSecKeyDataBinaryValueFinalize(data);
91
+ }
92
+
93
+ static int
94
+ xmlSecNssSymKeyDataXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
95
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
96
+ xmlSecAssert2(xmlSecNssSymKeyDataKlassCheck(id), -1);
97
+
98
+ return(xmlSecKeyDataBinaryValueXmlRead(id, key, node, keyInfoCtx));
99
+ }
100
+
101
+ static int
102
+ xmlSecNssSymKeyDataXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
103
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
104
+ xmlSecAssert2(xmlSecNssSymKeyDataKlassCheck(id), -1);
105
+
106
+ return(xmlSecKeyDataBinaryValueXmlWrite(id, key, node, keyInfoCtx));
107
+ }
108
+
109
+ static int
110
+ xmlSecNssSymKeyDataBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
111
+ const xmlSecByte* buf, xmlSecSize bufSize,
112
+ xmlSecKeyInfoCtxPtr keyInfoCtx) {
113
+ xmlSecAssert2(xmlSecNssSymKeyDataKlassCheck(id), -1);
114
+
115
+ return(xmlSecKeyDataBinaryValueBinRead(id, key, buf, bufSize, keyInfoCtx));
116
+ }
117
+
118
+ static int
119
+ xmlSecNssSymKeyDataBinWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
120
+ xmlSecByte** buf, xmlSecSize* bufSize,
121
+ xmlSecKeyInfoCtxPtr keyInfoCtx) {
122
+ xmlSecAssert2(xmlSecNssSymKeyDataKlassCheck(id), -1);
123
+
124
+ return(xmlSecKeyDataBinaryValueBinWrite(id, key, buf, bufSize, keyInfoCtx));
125
+ }
126
+
127
+ static int
128
+ xmlSecNssSymKeyDataGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
129
+ xmlSecBufferPtr buffer;
130
+
131
+ xmlSecAssert2(xmlSecNssSymKeyDataCheckId(data), -1);
132
+ xmlSecAssert2(sizeBits > 0, -1);
133
+
134
+ buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
135
+ xmlSecAssert2(buffer != NULL, -1);
136
+
137
+ return(xmlSecNssGenerateRandom(buffer, (sizeBits + 7) / 8));
138
+ }
139
+
140
+ static xmlSecKeyDataType
141
+ xmlSecNssSymKeyDataGetType(xmlSecKeyDataPtr data) {
142
+ xmlSecBufferPtr buffer;
143
+
144
+ xmlSecAssert2(xmlSecNssSymKeyDataCheckId(data), xmlSecKeyDataTypeUnknown);
145
+
146
+ buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
147
+ xmlSecAssert2(buffer != NULL, xmlSecKeyDataTypeUnknown);
148
+
149
+ return((xmlSecBufferGetSize(buffer) > 0) ? xmlSecKeyDataTypeSymmetric : xmlSecKeyDataTypeUnknown);
150
+ }
151
+
152
+ static xmlSecSize
153
+ xmlSecNssSymKeyDataGetSize(xmlSecKeyDataPtr data) {
154
+ xmlSecAssert2(xmlSecNssSymKeyDataCheckId(data), 0);
155
+
156
+ return(xmlSecKeyDataBinaryValueGetSize(data));
157
+ }
158
+
159
+ static void
160
+ xmlSecNssSymKeyDataDebugDump(xmlSecKeyDataPtr data, FILE* output) {
161
+ xmlSecAssert(xmlSecNssSymKeyDataCheckId(data));
162
+
163
+ xmlSecKeyDataBinaryValueDebugDump(data, output);
164
+ }
165
+
166
+ static void
167
+ xmlSecNssSymKeyDataDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
168
+ xmlSecAssert(xmlSecNssSymKeyDataCheckId(data));
169
+
170
+ xmlSecKeyDataBinaryValueDebugXmlDump(data, output);
171
+ }
172
+
173
+ static int
174
+ xmlSecNssSymKeyDataKlassCheck(xmlSecKeyDataKlass* klass) {
175
+ #ifndef XMLSEC_NO_DES
176
+ if(klass == xmlSecNssKeyDataDesId) {
177
+ return(1);
178
+ }
179
+ #endif /* XMLSEC_NO_DES */
180
+
181
+ #ifndef XMLSEC_NO_AES
182
+ if(klass == xmlSecNssKeyDataAesId) {
183
+ return(1);
184
+ }
185
+ #endif /* XMLSEC_NO_AES */
186
+
187
+ #ifndef XMLSEC_NO_HMAC
188
+ if(klass == xmlSecNssKeyDataHmacId) {
189
+ return(1);
190
+ }
191
+ #endif /* XMLSEC_NO_HMAC */
192
+
193
+ return(0);
194
+ }
195
+
196
+ #ifndef XMLSEC_NO_AES
197
+ /**************************************************************************
198
+ *
199
+ * <xmlsec:AESKeyValue> processing
200
+ *
201
+ *************************************************************************/
202
+ static xmlSecKeyDataKlass xmlSecNssKeyDataAesKlass = {
203
+ sizeof(xmlSecKeyDataKlass),
204
+ xmlSecKeyDataBinarySize,
205
+
206
+ /* data */
207
+ xmlSecNameAESKeyValue,
208
+ xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
209
+ /* xmlSecKeyDataUsage usage; */
210
+ xmlSecHrefAESKeyValue, /* const xmlChar* href; */
211
+ xmlSecNodeAESKeyValue, /* const xmlChar* dataNodeName; */
212
+ xmlSecNs, /* const xmlChar* dataNodeNs; */
213
+
214
+ /* constructors/destructor */
215
+ xmlSecNssSymKeyDataInitialize, /* xmlSecKeyDataInitializeMethod initialize; */
216
+ xmlSecNssSymKeyDataDuplicate, /* xmlSecKeyDataDuplicateMethod duplicate; */
217
+ xmlSecNssSymKeyDataFinalize, /* xmlSecKeyDataFinalizeMethod finalize; */
218
+ xmlSecNssSymKeyDataGenerate, /* xmlSecKeyDataGenerateMethod generate; */
219
+
220
+ /* get info */
221
+ xmlSecNssSymKeyDataGetType, /* xmlSecKeyDataGetTypeMethod getType; */
222
+ xmlSecNssSymKeyDataGetSize, /* xmlSecKeyDataGetSizeMethod getSize; */
223
+ NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */
224
+
225
+ /* read/write */
226
+ xmlSecNssSymKeyDataXmlRead, /* xmlSecKeyDataXmlReadMethod xmlRead; */
227
+ xmlSecNssSymKeyDataXmlWrite, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
228
+ xmlSecNssSymKeyDataBinRead, /* xmlSecKeyDataBinReadMethod binRead; */
229
+ xmlSecNssSymKeyDataBinWrite, /* xmlSecKeyDataBinWriteMethod binWrite; */
230
+
231
+ /* debug */
232
+ xmlSecNssSymKeyDataDebugDump, /* xmlSecKeyDataDebugDumpMethod debugDump; */
233
+ xmlSecNssSymKeyDataDebugXmlDump, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
234
+
235
+ /* reserved for the future */
236
+ NULL, /* void* reserved0; */
237
+ NULL, /* void* reserved1; */
238
+ };
239
+
240
+ /**
241
+ * xmlSecNssKeyDataAesGetKlass:
242
+ *
243
+ * The AES key data klass.
244
+ *
245
+ * Returns: AES key data klass.
246
+ */
247
+ xmlSecKeyDataId
248
+ xmlSecNssKeyDataAesGetKlass(void) {
249
+ return(&xmlSecNssKeyDataAesKlass);
250
+ }
251
+
252
+ /**
253
+ * xmlSecNssKeyDataAesSet:
254
+ * @data: the pointer to AES key data.
255
+ * @buf: the pointer to key value.
256
+ * @bufSize: the key value size (in bytes).
257
+ *
258
+ * Sets the value of AES key data.
259
+ *
260
+ * Returns: 0 on success or a negative value if an error occurs.
261
+ */
262
+ int
263
+ xmlSecNssKeyDataAesSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
264
+ xmlSecBufferPtr buffer;
265
+
266
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataAesId), -1);
267
+ xmlSecAssert2(buf != NULL, -1);
268
+ xmlSecAssert2(bufSize > 0, -1);
269
+
270
+ buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
271
+ xmlSecAssert2(buffer != NULL, -1);
272
+
273
+ return(xmlSecBufferSetData(buffer, buf, bufSize));
274
+ }
275
+ #endif /* XMLSEC_NO_AES */
276
+
277
+ #ifndef XMLSEC_NO_DES
278
+ /**************************************************************************
279
+ *
280
+ * <xmlsec:DESKeyValue> processing
281
+ *
282
+ *************************************************************************/
283
+ static xmlSecKeyDataKlass xmlSecNssKeyDataDesKlass = {
284
+ sizeof(xmlSecKeyDataKlass),
285
+ xmlSecKeyDataBinarySize,
286
+
287
+ /* data */
288
+ xmlSecNameDESKeyValue,
289
+ xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
290
+ /* xmlSecKeyDataUsage usage; */
291
+ xmlSecHrefDESKeyValue, /* const xmlChar* href; */
292
+ xmlSecNodeDESKeyValue, /* const xmlChar* dataNodeName; */
293
+ xmlSecNs, /* const xmlChar* dataNodeNs; */
294
+
295
+ /* constructors/destructor */
296
+ xmlSecNssSymKeyDataInitialize, /* xmlSecKeyDataInitializeMethod initialize; */
297
+ xmlSecNssSymKeyDataDuplicate, /* xmlSecKeyDataDuplicateMethod duplicate; */
298
+ xmlSecNssSymKeyDataFinalize, /* xmlSecKeyDataFinalizeMethod finalize; */
299
+ xmlSecNssSymKeyDataGenerate, /* xmlSecKeyDataGenerateMethod generate; */
300
+
301
+ /* get info */
302
+ xmlSecNssSymKeyDataGetType, /* xmlSecKeyDataGetTypeMethod getType; */
303
+ xmlSecNssSymKeyDataGetSize, /* xmlSecKeyDataGetSizeMethod getSize; */
304
+ NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */
305
+
306
+ /* read/write */
307
+ xmlSecNssSymKeyDataXmlRead, /* xmlSecKeyDataXmlReadMethod xmlRead; */
308
+ xmlSecNssSymKeyDataXmlWrite, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
309
+ xmlSecNssSymKeyDataBinRead, /* xmlSecKeyDataBinReadMethod binRead; */
310
+ xmlSecNssSymKeyDataBinWrite, /* xmlSecKeyDataBinWriteMethod binWrite; */
311
+
312
+ /* debug */
313
+ xmlSecNssSymKeyDataDebugDump, /* xmlSecKeyDataDebugDumpMethod debugDump; */
314
+ xmlSecNssSymKeyDataDebugXmlDump, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
315
+
316
+ /* reserved for the future */
317
+ NULL, /* void* reserved0; */
318
+ NULL, /* void* reserved1; */
319
+ };
320
+
321
+ /**
322
+ * xmlSecNssKeyDataDesGetKlass:
323
+ *
324
+ * The DES key data klass.
325
+ *
326
+ * Returns: DES key data klass.
327
+ */
328
+ xmlSecKeyDataId
329
+ xmlSecNssKeyDataDesGetKlass(void) {
330
+ return(&xmlSecNssKeyDataDesKlass);
331
+ }
332
+
333
+ /**
334
+ * xmlSecNssKeyDataDesSet:
335
+ * @data: the pointer to DES key data.
336
+ * @buf: the pointer to key value.
337
+ * @bufSize: the key value size (in bytes).
338
+ *
339
+ * Sets the value of DES key data.
340
+ *
341
+ * Returns: 0 on success or a negative value if an error occurs.
342
+ */
343
+ int
344
+ xmlSecNssKeyDataDesSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
345
+ xmlSecBufferPtr buffer;
346
+
347
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataDesId), -1);
348
+ xmlSecAssert2(buf != NULL, -1);
349
+ xmlSecAssert2(bufSize > 0, -1);
350
+
351
+ buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
352
+ xmlSecAssert2(buffer != NULL, -1);
353
+
354
+ return(xmlSecBufferSetData(buffer, buf, bufSize));
355
+ }
356
+
357
+ #endif /* XMLSEC_NO_DES */
358
+
359
+ #ifndef XMLSEC_NO_HMAC
360
+ /**************************************************************************
361
+ *
362
+ * <xmlsec:HMACKeyValue> processing
363
+ *
364
+ *************************************************************************/
365
+ static xmlSecKeyDataKlass xmlSecNssKeyDataHmacKlass = {
366
+ sizeof(xmlSecKeyDataKlass),
367
+ xmlSecKeyDataBinarySize,
368
+
369
+ /* data */
370
+ xmlSecNameHMACKeyValue,
371
+ xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
372
+ /* xmlSecKeyDataUsage usage; */
373
+ xmlSecHrefHMACKeyValue, /* const xmlChar* href; */
374
+ xmlSecNodeHMACKeyValue, /* const xmlChar* dataNodeName; */
375
+ xmlSecNs, /* const xmlChar* dataNodeNs; */
376
+
377
+ /* constructors/destructor */
378
+ xmlSecNssSymKeyDataInitialize, /* xmlSecKeyDataInitializeMethod initialize; */
379
+ xmlSecNssSymKeyDataDuplicate, /* xmlSecKeyDataDuplicateMethod duplicate; */
380
+ xmlSecNssSymKeyDataFinalize, /* xmlSecKeyDataFinalizeMethod finalize; */
381
+ xmlSecNssSymKeyDataGenerate, /* xmlSecKeyDataGenerateMethod generate; */
382
+
383
+ /* get info */
384
+ xmlSecNssSymKeyDataGetType, /* xmlSecKeyDataGetTypeMethod getType; */
385
+ xmlSecNssSymKeyDataGetSize, /* xmlSecKeyDataGetSizeMethod getSize; */
386
+ NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */
387
+
388
+ /* read/write */
389
+ xmlSecNssSymKeyDataXmlRead, /* xmlSecKeyDataXmlReadMethod xmlRead; */
390
+ xmlSecNssSymKeyDataXmlWrite, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
391
+ xmlSecNssSymKeyDataBinRead, /* xmlSecKeyDataBinReadMethod binRead; */
392
+ xmlSecNssSymKeyDataBinWrite, /* xmlSecKeyDataBinWriteMethod binWrite; */
393
+
394
+ /* debug */
395
+ xmlSecNssSymKeyDataDebugDump, /* xmlSecKeyDataDebugDumpMethod debugDump; */
396
+ xmlSecNssSymKeyDataDebugXmlDump, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
397
+
398
+ /* reserved for the future */
399
+ NULL, /* void* reserved0; */
400
+ NULL, /* void* reserved1; */
401
+ };
402
+
403
+ /**
404
+ * xmlSecNssKeyDataHmacGetKlass:
405
+ *
406
+ * The HMAC key data klass.
407
+ *
408
+ * Returns: HMAC key data klass.
409
+ */
410
+ xmlSecKeyDataId
411
+ xmlSecNssKeyDataHmacGetKlass(void) {
412
+ return(&xmlSecNssKeyDataHmacKlass);
413
+ }
414
+
415
+ /**
416
+ * xmlSecNssKeyDataHmacSet:
417
+ * @data: the pointer to HMAC key data.
418
+ * @buf: the pointer to key value.
419
+ * @bufSize: the key value size (in bytes).
420
+ *
421
+ * Sets the value of HMAC key data.
422
+ *
423
+ * Returns: 0 on success or a negative value if an error occurs.
424
+ */
425
+ int
426
+ xmlSecNssKeyDataHmacSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
427
+ xmlSecBufferPtr buffer;
428
+
429
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataHmacId), -1);
430
+ xmlSecAssert2(buf != NULL, -1);
431
+ xmlSecAssert2(bufSize > 0, -1);
432
+
433
+ buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
434
+ xmlSecAssert2(buffer != NULL, -1);
435
+
436
+ return(xmlSecBufferSetData(buffer, buf, bufSize));
437
+ }
438
+
439
+ #endif /* XMLSEC_NO_HMAC */
440
+
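Review bot: The public setters `xmlSecNssKeyDataAesSet`, `xmlSecNssKeyDataDesSet` and `xmlSecNssKeyDataHmacSet` validate only the key-data id, `buf != NULL` and `bufSize > 0` before `xmlSecBufferSetData`, so a key of the wrong length for the algorithm is stored without complaint. Any rejection is left to whatever consumes the key later, which this file does not show. If no later layer enforces the length, the setter could fail early, for example `xmlSecAssert2((bufSize == 16) || (bufSize == 24) || (bufSize == 32), -1);` in the AES setter, with the corresponding DES/3DES sizes in the DES one. `xmlSecNssSymKeyDataGenerate` has a related gap: it checks `sizeBits > 0` but puts no upper bound on it, so, assuming `xmlSecSize` is an unsigned type, `(sizeBits + 7) / 8` wraps for values within 7 of the maximum and asks `xmlSecNssGenerateRandom` for zero bytes. A short comment on the generator stating the accepted size range per key class would make the contract explicit.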
@@ -0,0 +1,2223 @@
1
+ /**
2
+ * XMLSec library
3
+ *
4
+ * X509 support
5
+ *
6
+ *
7
+ * This is free software; see Copyright file in the source
8
+ * distribution for preciese wording.
9
+ *
10
+ * Copyright (c) 2003 America Online, Inc. All rights reserved.
11
+ */
12
+ #include "globals.h"
13
+
14
+ #ifndef XMLSEC_NO_X509
15
+
16
+ #include <stdlib.h>
17
+ #include <stdio.h>
18
+ #include <string.h>
19
+ #include <ctype.h>
20
+ #include <errno.h>
21
+ #include <time.h>
22
+
23
+ #include <prmem.h>
24
+ #include <pratom.h>
25
+ #include <keyhi.h>
26
+ #include <cert.h>
27
+ #include <certdb.h>
28
+ #include <pk11func.h>
29
+
30
+ #include <libxml/tree.h>
31
+
32
+ #include <xmlsec/xmlsec.h>
33
+ #include <xmlsec/xmltree.h>
34
+ #include <xmlsec/keys.h>
35
+ #include <xmlsec/keyinfo.h>
36
+ #include <xmlsec/keysmngr.h>
37
+ #include <xmlsec/x509.h>
38
+ #include <xmlsec/base64.h>
39
+ #include <xmlsec/errors.h>
40
+
41
+ #include <xmlsec/nss/crypto.h>
42
+ #include <xmlsec/nss/x509.h>
43
+ #include <xmlsec/nss/pkikeys.h>
44
+
45
+
46
+ /* workaround - NSS exports this but doesn't declare it */
47
+ extern CERTCertificate * __CERT_NewTempCertificate(CERTCertDBHandle *handle,
48
+ SECItem *derCert,
49
+ char *nickname,
50
+ PRBool isperm,
51
+ PRBool copyDER);
52
+
53
+ /*************************************************************************
54
+ *
55
+ * X509 utility functions
56
+ *
57
+ ************************************************************************/
58
+ static int xmlSecNssX509DataNodeRead (xmlSecKeyDataPtr data,
59
+ xmlNodePtr node,
60
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
61
+ static int xmlSecNssX509CertificateNodeRead (xmlSecKeyDataPtr data,
62
+ xmlNodePtr node,
63
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
64
+ static int xmlSecNssX509CertificateNodeWrite (CERTCertificate* cert,
65
+ xmlNodePtr node,
66
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
67
+ static int xmlSecNssX509SubjectNameNodeRead (xmlSecKeyDataPtr data,
68
+ xmlNodePtr node,
69
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
70
+ static int xmlSecNssX509SubjectNameNodeWrite (CERTCertificate* cert,
71
+ xmlNodePtr node,
72
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
73
+ static int xmlSecNssX509IssuerSerialNodeRead (xmlSecKeyDataPtr data,
74
+ xmlNodePtr node,
75
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
76
+ static int xmlSecNssX509IssuerSerialNodeWrite (CERTCertificate* cert,
77
+ xmlNodePtr node,
78
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
79
+ static int xmlSecNssX509SKINodeRead (xmlSecKeyDataPtr data,
80
+ xmlNodePtr node,
81
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
82
+ static int xmlSecNssX509SKINodeWrite (CERTCertificate* cert,
83
+ xmlNodePtr node,
84
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
85
+ static int xmlSecNssX509CRLNodeRead (xmlSecKeyDataPtr data,
86
+ xmlNodePtr node,
87
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
88
+ static int xmlSecNssX509CRLNodeWrite (CERTSignedCrl* crl,
89
+ xmlNodePtr node,
90
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
91
+ static int xmlSecNssKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data,
92
+ xmlSecKeyPtr key,
93
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
94
+
95
+ static CERTCertificate* xmlSecNssX509CertDerRead (const xmlSecByte* buf,
96
+ xmlSecSize size);
97
+ static CERTCertificate* xmlSecNssX509CertBase64DerRead (xmlChar* buf);
98
+ static xmlChar* xmlSecNssX509CertBase64DerWrite (CERTCertificate* cert,
99
+ int base64LineWrap);
100
+ static CERTSignedCrl* xmlSecNssX509CrlDerRead (xmlSecByte* buf,
101
+ xmlSecSize size,
102
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
103
+ static CERTSignedCrl* xmlSecNssX509CrlBase64DerRead (xmlChar* buf,
104
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
105
+ static xmlChar* xmlSecNssX509CrlBase64DerWrite (CERTSignedCrl* crl,
106
+ int base64LineWrap);
107
+ static xmlChar* xmlSecNssX509NameWrite (CERTName* nm);
108
+ static xmlChar* xmlSecNssASN1IntegerWrite (SECItem *num);
109
+ static xmlChar* xmlSecNssX509SKIWrite (CERTCertificate* cert);
110
+ static void xmlSecNssX509CertDebugDump (CERTCertificate* cert,
111
+ FILE* output);
112
+ static void xmlSecNssX509CertDebugXmlDump (CERTCertificate* cert,
113
+ FILE* output);
114
+ static int xmlSecNssX509CertGetTime (PRTime* t,
115
+ time_t* res);
116
+
117
+ /*************************************************************************
118
+ *
119
+ * Internal NSS X509 data CTX
120
+ *
121
+ ************************************************************************/
122
+ typedef struct _xmlSecNssX509DataCtx xmlSecNssX509DataCtx,
123
+ *xmlSecNssX509DataCtxPtr;
124
+ typedef struct _xmlSecNssX509CrlNode xmlSecNssX509CrlNode,
125
+ *xmlSecNssX509CrlNodePtr;
126
+ struct _xmlSecNssX509CrlNode {
127
+ xmlSecNssX509CrlNodePtr next;
128
+ CERTSignedCrl *crl;
129
+ };
130
+
131
+ struct _xmlSecNssX509DataCtx {
132
+ CERTCertificate* keyCert;
133
+
134
+ CERTCertList* certsList;
135
+ unsigned int numCerts;
136
+
137
+ xmlSecNssX509CrlNodePtr crlsList;
138
+ unsigned int numCrls;
139
+ };
140
+
141
+ /**************************************************************************
142
+ *
143
+ * <dsig:X509Data> processing
144
+ *
145
+ *
146
+ * The X509Data Element (http://www.w3.org/TR/xmldsig-core/#sec-X509Data)
147
+ *
148
+ * An X509Data element within KeyInfo contains one or more identifiers of keys
149
+ * or X509 certificates (or certificates' identifiers or a revocation list).
150
+ * The content of X509Data is:
151
+ *
152
+ * 1. At least one element, from the following set of element types; any of these may appear together or more than once iff (if and only if) each instance describes or is related to the same certificate:
153
+ * 2.
154
+ * * The X509IssuerSerial element, which contains an X.509 issuer
155
+ * distinguished name/serial number pair that SHOULD be compliant
156
+ * with RFC2253 [LDAP-DN],
157
+ * * The X509SubjectName element, which contains an X.509 subject
158
+ * distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN],
159
+ * * The X509SKI element, which contains the base64 encoded plain (i.e.
160
+ * non-DER-encoded) value of a X509 V.3 SubjectKeyIdentifier extension.
161
+ * * The X509Certificate element, which contains a base64-encoded [X509v3]
162
+ * certificate, and
163
+ * * Elements from an external namespace which accompanies/complements any
164
+ * of the elements above.
165
+ * * The X509CRL element, which contains a base64-encoded certificate
166
+ * revocation list (CRL) [X509v3].
167
+ *
168
+ * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear
169
+ * MUST refer to the certificate or certificates containing the validation key.
170
+ * All such elements that refer to a particular individual certificate MUST be
171
+ * grouped inside a single X509Data element and if the certificate to which
172
+ * they refer appears, it MUST also be in that X509Data element.
173
+ *
174
+ * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that relate to
175
+ * the same key but different certificates MUST be grouped within a single
176
+ * KeyInfo but MAY occur in multiple X509Data elements.
177
+ *
178
+ * All certificates appearing in an X509Data element MUST relate to the
179
+ * validation key by either containing it or being part of a certification
180
+ * chain that terminates in a certificate containing the validation key.
181
+ *
182
+ * No ordering is implied by the above constraints.
183
+ *
184
+ * Note, there is no direct provision for a PKCS#7 encoded "bag" of
185
+ * certificates or CRLs. However, a set of certificates and CRLs can occur
186
+ * within an X509Data element and multiple X509Data elements can occur in a
187
+ * KeyInfo. Whenever multiple certificates occur in an X509Data element, at
188
+ * least one such certificate must contain the public key which verifies the
189
+ * signature.
190
+ *
191
+ * Schema Definition
192
+ *
193
+ * <element name="X509Data" type="ds:X509DataType"/>
194
+ * <complexType name="X509DataType">
195
+ * <sequence maxOccurs="unbounded">
196
+ * <choice>
197
+ * <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
198
+ * <element name="X509SKI" type="base64Binary"/>
199
+ * <element name="X509SubjectName" type="string"/>
200
+ * <element name="X509Certificate" type="base64Binary"/>
201
+ * <element name="X509CRL" type="base64Binary"/>
202
+ * <any namespace="##other" processContents="lax"/>
203
+ * </choice>
204
+ * </sequence>
205
+ * </complexType>
206
+ * <complexType name="X509IssuerSerialType">
207
+ * <sequence>
208
+ * <element name="X509IssuerName" type="string"/>
209
+ * <element name="X509SerialNumber" type="integer"/>
210
+ * </sequence>
211
+ * </complexType>
212
+ *
213
+ * DTD
214
+ *
215
+ * <!ELEMENT X509Data ((X509IssuerSerial | X509SKI | X509SubjectName |
216
+ * X509Certificate | X509CRL)+ %X509.ANY;)>
217
+ * <!ELEMENT X509IssuerSerial (X509IssuerName, X509SerialNumber) >
218
+ * <!ELEMENT X509IssuerName (#PCDATA) >
219
+ * <!ELEMENT X509SubjectName (#PCDATA) >
220
+ * <!ELEMENT X509SerialNumber (#PCDATA) >
221
+ * <!ELEMENT X509SKI (#PCDATA) >
222
+ * <!ELEMENT X509Certificate (#PCDATA) >
223
+ * <!ELEMENT X509CRL (#PCDATA) >
224
+ *
225
+ * -----------------------------------------------------------------------
226
+ *
227
+ * xmlSecNssX509DataCtx is located after xmlSecTransform
228
+ *
229
+ *************************************************************************/
230
+ #define xmlSecNssX509DataSize \
231
+ (sizeof(xmlSecKeyData) + sizeof(xmlSecNssX509DataCtx))
232
+ #define xmlSecNssX509DataGetCtx(data) \
233
+ ((xmlSecNssX509DataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
234
+
235
+ static int xmlSecNssKeyDataX509Initialize (xmlSecKeyDataPtr data);
236
+ static int xmlSecNssKeyDataX509Duplicate (xmlSecKeyDataPtr dst,
237
+ xmlSecKeyDataPtr src);
238
+ static void xmlSecNssKeyDataX509Finalize (xmlSecKeyDataPtr data);
239
+ static int xmlSecNssKeyDataX509XmlRead (xmlSecKeyDataId id,
240
+ xmlSecKeyPtr key,
241
+ xmlNodePtr node,
242
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
243
+ static int xmlSecNssKeyDataX509XmlWrite (xmlSecKeyDataId id,
244
+ xmlSecKeyPtr key,
245
+ xmlNodePtr node,
246
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
247
+ static xmlSecKeyDataType xmlSecNssKeyDataX509GetType (xmlSecKeyDataPtr data);
248
+ static const xmlChar* xmlSecNssKeyDataX509GetIdentifier (xmlSecKeyDataPtr data);
249
+
250
+ static void xmlSecNssKeyDataX509DebugDump (xmlSecKeyDataPtr data,
251
+ FILE* output);
252
+ static void xmlSecNssKeyDataX509DebugXmlDump(xmlSecKeyDataPtr data,
253
+ FILE* output);
254
+
255
+
256
+
257
+ static xmlSecKeyDataKlass xmlSecNssKeyDataX509Klass = {
258
+ sizeof(xmlSecKeyDataKlass),
259
+ xmlSecNssX509DataSize,
260
+
261
+ /* data */
262
+ xmlSecNameX509Data,
263
+ xmlSecKeyDataUsageKeyInfoNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
264
+ /* xmlSecKeyDataUsage usage; */
265
+ xmlSecHrefX509Data, /* const xmlChar* href; */
266
+ xmlSecNodeX509Data, /* const xmlChar* dataNodeName; */
267
+ xmlSecDSigNs, /* const xmlChar* dataNodeNs; */
268
+
269
+ /* constructors/destructor */
270
+ xmlSecNssKeyDataX509Initialize, /* xmlSecKeyDataInitializeMethod initialize; */
271
+ xmlSecNssKeyDataX509Duplicate, /* xmlSecKeyDataDuplicateMethod duplicate; */
272
+ xmlSecNssKeyDataX509Finalize, /* xmlSecKeyDataFinalizeMethod finalize; */
273
+ NULL, /* xmlSecKeyDataGenerateMethod generate; */
274
+
275
+ /* get info */
276
+ xmlSecNssKeyDataX509GetType, /* xmlSecKeyDataGetTypeMethod getType; */
277
+ NULL, /* xmlSecKeyDataGetSizeMethod getSize; */
278
+ xmlSecNssKeyDataX509GetIdentifier, /* xmlSecKeyDataGetIdentifier getIdentifier; */
279
+
280
+ /* read/write */
281
+ xmlSecNssKeyDataX509XmlRead, /* xmlSecKeyDataXmlReadMethod xmlRead; */
282
+ xmlSecNssKeyDataX509XmlWrite, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
283
+ NULL, /* xmlSecKeyDataBinReadMethod binRead; */
284
+ NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */
285
+
286
+ /* debug */
287
+ xmlSecNssKeyDataX509DebugDump, /* xmlSecKeyDataDebugDumpMethod debugDump; */
288
+ xmlSecNssKeyDataX509DebugXmlDump, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
289
+
290
+ /* reserved for the future */
291
+ NULL, /* void* reserved0; */
292
+ NULL, /* void* reserved1; */
293
+ };
294
+
295
+ /**
296
+ * xmlSecNssKeyDataX509GetKlass:
297
+ *
298
+ * The NSS X509 key data klass (http://www.w3.org/TR/xmldsig-core/#sec-X509Data).
299
+ *
300
+ * Returns: the X509 data klass.
301
+ */
302
+ xmlSecKeyDataId
303
+ xmlSecNssKeyDataX509GetKlass(void) {
304
+ return(&xmlSecNssKeyDataX509Klass);
305
+ }
306
+
307
+ /**
308
+ * xmlSecNssKeyDataX509GetKeyCert:
309
+ * @data: the pointer to X509 key data.
310
+ *
311
+ * Gets the certificate from which the key was extracted.
312
+ *
313
+ * Returns: the key's certificate or NULL if key data was not used for key
314
+ * extraction or an error occurs.
315
+ */
316
+ CERTCertificate*
317
+ xmlSecNssKeyDataX509GetKeyCert(xmlSecKeyDataPtr data) {
318
+ xmlSecNssX509DataCtxPtr ctx;
319
+
320
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), NULL);
321
+
322
+ ctx = xmlSecNssX509DataGetCtx(data);
323
+ xmlSecAssert2(ctx != NULL, NULL);
324
+
325
+ return(ctx->keyCert);
326
+ }
327
+
328
+ /**
329
+ * xmlSecNssKeyDataX509AdoptKeyCert:
330
+ * @data: the pointer to X509 key data.
331
+ * @cert: the pointer to NSS X509 certificate.
332
+ *
333
+ * Sets the key's certificate in @data.
334
+ *
335
+ * Returns: 0 on success or a negative value if an error occurs.
336
+ */
337
+ int
338
+ xmlSecNssKeyDataX509AdoptKeyCert(xmlSecKeyDataPtr data, CERTCertificate* cert) {
339
+ xmlSecNssX509DataCtxPtr ctx;
340
+
341
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
342
+ xmlSecAssert2(cert != NULL, -1);
343
+
344
+ ctx = xmlSecNssX509DataGetCtx(data);
345
+ xmlSecAssert2(ctx != NULL, -1);
346
+
347
+ if(ctx->keyCert != NULL) {
348
+ CERT_DestroyCertificate(ctx->keyCert);
349
+ }
350
+ ctx->keyCert = cert;
351
+ return(0);
352
+ }
353
+
354
+ /**
355
+ * xmlSecNssKeyDataX509AdoptCert:
356
+ * @data: the pointer to X509 key data.
357
+ * @cert: the pointer to NSS X509 certificate.
358
+ *
359
+ * Adds certificate to the X509 key data.
360
+ *
361
+ * Returns: 0 on success or a negative value if an error occurs.
362
+ */
363
+ int
364
+ xmlSecNssKeyDataX509AdoptCert(xmlSecKeyDataPtr data, CERTCertificate* cert) {
365
+ xmlSecNssX509DataCtxPtr ctx;
366
+ SECStatus ret;
367
+
368
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
369
+ xmlSecAssert2(cert != NULL, -1);
370
+
371
+ ctx = xmlSecNssX509DataGetCtx(data);
372
+ xmlSecAssert2(ctx != NULL, -1);
373
+
374
+ if(ctx->certsList == NULL) {
375
+ ctx->certsList = CERT_NewCertList();
376
+ if(ctx->certsList == NULL) {
377
+ xmlSecError(XMLSEC_ERRORS_HERE,
378
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
379
+ "CERT_NewCertList",
380
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
381
+ "error code=%d", PORT_GetError());
382
+ return(-1);
383
+ }
384
+ }
385
+
386
+ ret = CERT_AddCertToListTail(ctx->certsList, cert);
387
+ if(ret != SECSuccess) {
388
+ xmlSecError(XMLSEC_ERRORS_HERE,
389
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
390
+ "CERT_AddCertToListTail",
391
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
392
+ "error code=%d", PORT_GetError());
393
+ return(-1);
394
+ }
395
+ ctx->numCerts++;
396
+
397
+ return(0);
398
+ }
399
+
400
+ /**
401
+ * xmlSecNssKeyDataX509GetCert:
402
+ * @data: the pointer to X509 key data.
403
+ * @pos: the desired certificate position.
404
+ *
405
+ * Gets a certificate from X509 key data.
406
+ *
407
+ * Returns: the pointer to certificate or NULL if @pos is larger than the
408
+ * number of certificates in @data or an error occurs.
409
+ */
410
+ CERTCertificate*
411
+ xmlSecNssKeyDataX509GetCert(xmlSecKeyDataPtr data, xmlSecSize pos) {
412
+ xmlSecNssX509DataCtxPtr ctx;
413
+ CERTCertListNode* head;
414
+
415
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), NULL);
416
+
417
+ ctx = xmlSecNssX509DataGetCtx(data);
418
+ xmlSecAssert2(ctx != NULL, NULL);
419
+ xmlSecAssert2(ctx->certsList != NULL, NULL);
420
+ xmlSecAssert2(pos < ctx->numCerts, NULL);
421
+
422
+ head = CERT_LIST_HEAD(ctx->certsList);
423
+ while (pos > 0)
424
+ {
425
+ head = CERT_LIST_NEXT(head);
426
+ pos--;
427
+ }
428
+
429
+ return (head->cert);
430
+ }
431
+
432
+ /**
433
+ * xmlSecNssKeyDataX509GetCertsSize:
434
+ * @data: the pointer to X509 key data.
435
+ *
436
+ * Gets the number of certificates in @data.
437
+ *
438
+ * Returns: te number of certificates in @data.
439
+ */
440
+ xmlSecSize
441
+ xmlSecNssKeyDataX509GetCertsSize(xmlSecKeyDataPtr data) {
442
+ xmlSecNssX509DataCtxPtr ctx;
443
+
444
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), 0);
445
+
446
+ ctx = xmlSecNssX509DataGetCtx(data);
447
+ xmlSecAssert2(ctx != NULL, 0);
448
+
449
+ return(ctx->numCerts);
450
+ }
451
+
452
+ /**
453
+ * xmlSecNssKeyDataX509AdoptCrl:
454
+ * @data: the pointer to X509 key data.
455
+ * @crl: the pointer to NSS X509 CRL.
456
+ *
457
+ * Adds CRL to the X509 key data.
458
+ *
459
+ * Returns: 0 on success or a negative value if an error occurs.
460
+ */
461
+ int
462
+ xmlSecNssKeyDataX509AdoptCrl(xmlSecKeyDataPtr data, CERTSignedCrl* crl) {
463
+ xmlSecNssX509DataCtxPtr ctx;
464
+ xmlSecNssX509CrlNodePtr crlnode;
465
+
466
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
467
+ xmlSecAssert2(crl != NULL, -1);
468
+
469
+ ctx = xmlSecNssX509DataGetCtx(data);
470
+ xmlSecAssert2(ctx != NULL, -1);
471
+
472
+ crlnode = (xmlSecNssX509CrlNodePtr)PR_Malloc(sizeof(xmlSecNssX509CrlNode));
473
+
474
+ if(crlnode == NULL) {
475
+ xmlSecError(XMLSEC_ERRORS_HERE,
476
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
477
+ "PR_Malloc",
478
+ XMLSEC_ERRORS_R_MALLOC_FAILED,
479
+ XMLSEC_ERRORS_NO_MESSAGE);
480
+ return(-1);
481
+ }
482
+
483
+ memset(crlnode, 0, sizeof(xmlSecNssX509CrlNode));
484
+ crlnode->next = ctx->crlsList;
485
+ crlnode->crl = crl;
486
+ ctx->crlsList = crlnode;
487
+ ctx->numCrls++;
488
+
489
+ return(0);
490
+ }
491
+
492
+ /**
493
+ * xmlSecNssKeyDataX509GetCrl:
494
+ * @data: the pointer to X509 key data.
495
+ * @pos: the desired CRL position.
496
+ *
497
+ * Gets a CRL from X509 key data.
498
+ *
499
+ * Returns: the pointer to CRL or NULL if @pos is larger than the
500
+ * number of CRLs in @data or an error occurs.
501
+ */
502
+ CERTSignedCrl *
503
+ xmlSecNssKeyDataX509GetCrl(xmlSecKeyDataPtr data, xmlSecSize pos) {
504
+ xmlSecNssX509DataCtxPtr ctx;
505
+ xmlSecNssX509CrlNodePtr head;
506
+
507
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), NULL);
508
+ ctx = xmlSecNssX509DataGetCtx(data);
509
+ xmlSecAssert2(ctx != NULL, NULL);
510
+
511
+ xmlSecAssert2(ctx->crlsList != NULL, NULL);
512
+ xmlSecAssert2(pos < ctx->numCrls, NULL);
513
+
514
+ head = ctx->crlsList;
515
+ while (pos > 0)
516
+ {
517
+ head = head->next;
518
+ pos--;
519
+ }
520
+
521
+ return (head->crl);
522
+ }
523
+
524
+ /**
525
+ * xmlSecNssKeyDataX509GetCrlsSize:
526
+ * @data: the pointer to X509 key data.
527
+ *
528
+ * Gets the number of CRLs in @data.
529
+ *
530
+ * Returns: te number of CRLs in @data.
531
+ */
532
+ xmlSecSize
533
+ xmlSecNssKeyDataX509GetCrlsSize(xmlSecKeyDataPtr data) {
534
+ xmlSecNssX509DataCtxPtr ctx;
535
+
536
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), 0);
537
+
538
+ ctx = xmlSecNssX509DataGetCtx(data);
539
+ xmlSecAssert2(ctx != NULL, 0);
540
+
541
+ return(ctx->numCrls);
542
+ }
543
+
544
+ static int
545
+ xmlSecNssKeyDataX509Initialize(xmlSecKeyDataPtr data) {
546
+ xmlSecNssX509DataCtxPtr ctx;
547
+
548
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
549
+
550
+ ctx = xmlSecNssX509DataGetCtx(data);
551
+ xmlSecAssert2(ctx != NULL, -1);
552
+
553
+ memset(ctx, 0, sizeof(xmlSecNssX509DataCtx));
554
+ return(0);
555
+ }
556
+
557
+ static int
558
+ xmlSecNssKeyDataX509Duplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
559
+ CERTCertificate* certSrc;
560
+ CERTCertificate* certDst;
561
+ CERTSignedCrl* crlSrc;
562
+ CERTSignedCrl* crlDst;
563
+ xmlSecSize size, pos;
564
+ int ret;
565
+
566
+ xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecNssKeyDataX509Id), -1);
567
+ xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecNssKeyDataX509Id), -1);
568
+
569
+ /* copy certsList */
570
+ size = xmlSecNssKeyDataX509GetCertsSize(src);
571
+ for(pos = 0; pos < size; ++pos) {
572
+ /* TBD: function below does linear scan, eliminate loop within
573
+ * loop
574
+ */
575
+ certSrc = xmlSecNssKeyDataX509GetCert(src, pos);
576
+ if(certSrc == NULL) {
577
+ xmlSecError(XMLSEC_ERRORS_HERE,
578
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
579
+ "xmlSecNssKeyDataX509GetCert",
580
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
581
+ "pos=%d", pos);
582
+ return(-1);
583
+ }
584
+
585
+ certDst = CERT_DupCertificate(certSrc);
586
+ if(certDst == NULL) {
587
+ xmlSecError(XMLSEC_ERRORS_HERE,
588
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
589
+ "CERT_DupCertificate",
590
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
591
+ "error code=%d", PORT_GetError());
592
+ return(-1);
593
+ }
594
+
595
+ ret = xmlSecNssKeyDataX509AdoptCert(dst, certDst);
596
+ if(ret < 0) {
597
+ xmlSecError(XMLSEC_ERRORS_HERE,
598
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
599
+ "xmlSecNssKeyDataX509AdoptCert",
600
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
601
+ XMLSEC_ERRORS_NO_MESSAGE);
602
+ CERT_DestroyCertificate(certDst);
603
+ return(-1);
604
+ }
605
+ }
606
+
607
+ /* copy crls */
608
+ size = xmlSecNssKeyDataX509GetCrlsSize(src);
609
+ for(pos = 0; pos < size; ++pos) {
610
+ crlSrc = xmlSecNssKeyDataX509GetCrl(src, pos);
611
+ if(crlSrc == NULL) {
612
+ xmlSecError(XMLSEC_ERRORS_HERE,
613
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
614
+ "xmlSecNssKeyDataX509GetCrl",
615
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
616
+ "pos=%d", pos);
617
+ return(-1);
618
+ }
619
+
620
+ crlDst = SEC_DupCrl(crlSrc);
621
+ if(crlDst == NULL) {
622
+ xmlSecError(XMLSEC_ERRORS_HERE,
623
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
624
+ "SEC_DupCrl",
625
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
626
+ "error code=%d", PORT_GetError());
627
+ return(-1);
628
+ }
629
+
630
+ ret = xmlSecNssKeyDataX509AdoptCrl(dst, crlDst);
631
+ if(ret < 0) {
632
+ xmlSecError(XMLSEC_ERRORS_HERE,
633
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
634
+ "xmlSecNssKeyDataX509AdoptCrl",
635
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
636
+ XMLSEC_ERRORS_NO_MESSAGE);
637
+ SEC_DestroyCrl(crlDst);
638
+ return(-1);
639
+ }
640
+ }
641
+
642
+ /* copy key cert if exist */
643
+ certSrc = xmlSecNssKeyDataX509GetKeyCert(src);
644
+ if(certSrc != NULL) {
645
+ certDst = CERT_DupCertificate(certSrc);
646
+ if(certDst == NULL) {
647
+ xmlSecError(XMLSEC_ERRORS_HERE,
648
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
649
+ "CERT_DupCertificate",
650
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
651
+ "error code=%d", PORT_GetError());
652
+ return(-1);
653
+ }
654
+ ret = xmlSecNssKeyDataX509AdoptKeyCert(dst, certDst);
655
+ if(ret < 0) {
656
+ xmlSecError(XMLSEC_ERRORS_HERE,
657
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
658
+ "xmlSecNssKeyDataX509AdoptKeyCert",
659
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
660
+ XMLSEC_ERRORS_NO_MESSAGE);
661
+ CERT_DestroyCertificate(certDst);
662
+ return(-1);
663
+ }
664
+ }
665
+ return(0);
666
+ }
667
+
668
+ static void
669
+ xmlSecNssKeyDataX509Finalize(xmlSecKeyDataPtr data) {
670
+ xmlSecNssX509DataCtxPtr ctx;
671
+
672
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id));
673
+
674
+ ctx = xmlSecNssX509DataGetCtx(data);
675
+ xmlSecAssert(ctx != NULL);
676
+
677
+ if(ctx->certsList != NULL) {
678
+ CERT_DestroyCertList(ctx->certsList);
679
+ }
680
+
681
+ if(ctx->crlsList != NULL) {
682
+ xmlSecNssX509CrlNodePtr head;
683
+ xmlSecNssX509CrlNodePtr tmp;
684
+
685
+ head = ctx->crlsList;
686
+ while (head)
687
+ {
688
+ tmp = head->next;
689
+ SEC_DestroyCrl(head->crl);
690
+ PR_Free(head);
691
+ head = tmp;
692
+ }
693
+ }
694
+
695
+ if(ctx->keyCert != NULL) {
696
+ CERT_DestroyCertificate(ctx->keyCert);
697
+ }
698
+
699
+ memset(ctx, 0, sizeof(xmlSecNssX509DataCtx));
700
+ }
701
+
702
+ static int
703
+ xmlSecNssKeyDataX509XmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
704
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
705
+ xmlSecKeyDataPtr data;
706
+ int ret;
707
+
708
+ xmlSecAssert2(id == xmlSecNssKeyDataX509Id, -1);
709
+ xmlSecAssert2(key != NULL, -1);
710
+ xmlSecAssert2(node != NULL, -1);
711
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
712
+
713
+ data = xmlSecKeyEnsureData(key, id);
714
+ if(data == NULL) {
715
+ xmlSecError(XMLSEC_ERRORS_HERE,
716
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
717
+ "xmlSecKeyEnsureData",
718
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
719
+ XMLSEC_ERRORS_NO_MESSAGE);
720
+ return(-1);
721
+ }
722
+
723
+ ret = xmlSecNssX509DataNodeRead(data, node, keyInfoCtx);
724
+ if(ret < 0) {
725
+ xmlSecError(XMLSEC_ERRORS_HERE,
726
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
727
+ "xmlSecNssX509DataNodeRead",
728
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
729
+ XMLSEC_ERRORS_NO_MESSAGE);
730
+ return(-1);
731
+ }
732
+
733
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS) == 0) {
734
+ ret = xmlSecNssKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
735
+ if(ret < 0) {
736
+ xmlSecError(XMLSEC_ERRORS_HERE,
737
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
738
+ "xmlSecNssKeyDataX509VerifyAndExtractKey",
739
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
740
+ XMLSEC_ERRORS_NO_MESSAGE);
741
+ return(-1);
742
+ }
743
+ }
744
+ return(0);
745
+ }
746
+
747
+ static int
748
+ xmlSecNssKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
749
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
750
+ xmlSecKeyDataPtr data;
751
+ CERTCertificate* cert;
752
+ CERTSignedCrl* crl;
753
+ xmlSecSize size, pos;
754
+ int content = 0;
755
+ int ret;
756
+
757
+ xmlSecAssert2(id == xmlSecNssKeyDataX509Id, -1);
758
+ xmlSecAssert2(key != NULL, -1);
759
+ xmlSecAssert2(node != NULL, -1);
760
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
761
+
762
+ content = xmlSecX509DataGetNodeContent (node, 1, keyInfoCtx);
763
+ if (content < 0) {
764
+ xmlSecError(XMLSEC_ERRORS_HERE,
765
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
766
+ "xmlSecX509DataGetNodeContent",
767
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
768
+ "content=%d", content);
769
+ return(-1);
770
+ } else if(content == 0) {
771
+ /* by default we are writing certificates and crls */
772
+ content = XMLSEC_X509DATA_DEFAULT;
773
+ }
774
+
775
+ /* get x509 data */
776
+ data = xmlSecKeyGetData(key, id);
777
+ if(data == NULL) {
778
+ /* no x509 data in the key */
779
+ return(0);
780
+ }
781
+
782
+ /* write certs */
783
+ size = xmlSecNssKeyDataX509GetCertsSize(data);
784
+ for(pos = 0; pos < size; ++pos) {
785
+ cert = xmlSecNssKeyDataX509GetCert(data, pos);
786
+ if(cert == NULL) {
787
+ xmlSecError(XMLSEC_ERRORS_HERE,
788
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
789
+ "xmlSecNssKeyDataX509GetCert",
790
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
791
+ "pos=%d", pos);
792
+ return(-1);
793
+ }
794
+
795
+ if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
796
+ ret = xmlSecNssX509CertificateNodeWrite(cert, node, keyInfoCtx);
797
+ if(ret < 0) {
798
+ xmlSecError(XMLSEC_ERRORS_HERE,
799
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
800
+ "xmlSecNssX509CertificateNodeWrite",
801
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
802
+ "pos=%d", pos);
803
+ return(-1);
804
+ }
805
+ }
806
+
807
+ if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
808
+ ret = xmlSecNssX509SubjectNameNodeWrite(cert, node, keyInfoCtx);
809
+ if(ret < 0) {
810
+ xmlSecError(XMLSEC_ERRORS_HERE,
811
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
812
+ "xmlSecNssX509SubjectNameNodeWrite",
813
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
814
+ "pos=%d", pos);
815
+ return(-1);
816
+ }
817
+ }
818
+
819
+ if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
820
+ ret = xmlSecNssX509IssuerSerialNodeWrite(cert, node, keyInfoCtx);
821
+ if(ret < 0) {
822
+ xmlSecError(XMLSEC_ERRORS_HERE,
823
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
824
+ "xmlSecNssX509IssuerSerialNodeWrite",
825
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
826
+ "pos=%d", pos);
827
+ return(-1);
828
+ }
829
+ }
830
+
831
+ if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
832
+ ret = xmlSecNssX509SKINodeWrite(cert, node, keyInfoCtx);
833
+ if(ret < 0) {
834
+ xmlSecError(XMLSEC_ERRORS_HERE,
835
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
836
+ "xmlSecNssX509SKINodeWrite",
837
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
838
+ "pos=%d", pos);
839
+ return(-1);
840
+ }
841
+ }
842
+ }
843
+
844
+ /* write crls if needed */
845
+ if((content & XMLSEC_X509DATA_CRL_NODE) != 0) {
846
+ size = xmlSecNssKeyDataX509GetCrlsSize(data);
847
+ for(pos = 0; pos < size; ++pos) {
848
+ crl = xmlSecNssKeyDataX509GetCrl(data, pos);
849
+ if(crl == NULL) {
850
+ xmlSecError(XMLSEC_ERRORS_HERE,
851
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
852
+ "xmlSecNssKeyDataX509GetCrl",
853
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
854
+ "pos=%d", pos);
855
+ return(-1);
856
+ }
857
+
858
+ ret = xmlSecNssX509CRLNodeWrite(crl, node, keyInfoCtx);
859
+ if(ret < 0) {
860
+ xmlSecError(XMLSEC_ERRORS_HERE,
861
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
862
+ "xmlSecNssX509CRLNodeWrite",
863
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
864
+ "pos=%d", pos);
865
+ return(-1);
866
+ }
867
+ }
868
+ }
869
+
870
+ return(0);
871
+ }
872
+
873
+ static xmlSecKeyDataType
874
+ xmlSecNssKeyDataX509GetType(xmlSecKeyDataPtr data) {
875
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), xmlSecKeyDataTypeUnknown);
876
+
877
+ /* TODO: return verified/not verified status */
878
+ return(xmlSecKeyDataTypeUnknown);
879
+ }
880
+
881
+ static const xmlChar*
882
+ xmlSecNssKeyDataX509GetIdentifier(xmlSecKeyDataPtr data) {
883
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), NULL);
884
+
885
+ /* TODO */
886
+ return(NULL);
887
+ }
888
+
889
+ static void
890
+ xmlSecNssKeyDataX509DebugDump(xmlSecKeyDataPtr data, FILE* output) {
891
+ CERTCertificate* cert;
892
+ xmlSecSize size, pos;
893
+
894
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id));
895
+ xmlSecAssert(output != NULL);
896
+
897
+ fprintf(output, "=== X509 Data:\n");
898
+ cert = xmlSecNssKeyDataX509GetKeyCert(data);
899
+ if(cert != NULL) {
900
+ fprintf(output, "==== Key Certificate:\n");
901
+ xmlSecNssX509CertDebugDump(cert, output);
902
+ }
903
+
904
+ size = xmlSecNssKeyDataX509GetCertsSize(data);
905
+ for(pos = 0; pos < size; ++pos) {
906
+ cert = xmlSecNssKeyDataX509GetCert(data, pos);
907
+ if(cert == NULL) {
908
+ xmlSecError(XMLSEC_ERRORS_HERE,
909
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
910
+ "xmlSecNssKeyDataX509GetCert",
911
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
912
+ "pos=%d", pos);
913
+ return;
914
+ }
915
+ fprintf(output, "==== Certificate:\n");
916
+ xmlSecNssX509CertDebugDump(cert, output);
917
+ }
918
+
919
+ /* we don't print out crls */
920
+ }
921
+
922
+ static void
923
+ xmlSecNssKeyDataX509DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
924
+ CERTCertificate* cert;
925
+ xmlSecSize size, pos;
926
+
927
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id));
928
+ xmlSecAssert(output != NULL);
929
+
930
+ fprintf(output, "<X509Data>\n");
931
+ cert = xmlSecNssKeyDataX509GetKeyCert(data);
932
+ if(cert != NULL) {
933
+ fprintf(output, "<KeyCertificate>\n");
934
+ xmlSecNssX509CertDebugXmlDump(cert, output);
935
+ fprintf(output, "</KeyCertificate>\n");
936
+ }
937
+
938
+ size = xmlSecNssKeyDataX509GetCertsSize(data);
939
+ for(pos = 0; pos < size; ++pos) {
940
+ cert = xmlSecNssKeyDataX509GetCert(data, pos);
941
+ if(cert == NULL) {
942
+ xmlSecError(XMLSEC_ERRORS_HERE,
943
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
944
+ "xmlSecNssKeyDataX509GetCert",
945
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
946
+ "pos=%d", pos);
947
+ return;
948
+ }
949
+ fprintf(output, "<Certificate>\n");
950
+ xmlSecNssX509CertDebugXmlDump(cert, output);
951
+ fprintf(output, "</Certificate>\n");
952
+ }
953
+
954
+ /* we don't print out crls */
955
+ fprintf(output, "</X509Data>\n");
956
+ }
957
+
958
+ static int
959
+ xmlSecNssX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
960
+ xmlNodePtr cur;
961
+ int ret;
962
+
963
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
964
+ xmlSecAssert2(node != NULL, -1);
965
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
966
+
967
+ for(cur = xmlSecGetNextElementNode(node->children);
968
+ cur != NULL;
969
+ cur = xmlSecGetNextElementNode(cur->next)) {
970
+
971
+ ret = 0;
972
+ if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
973
+ ret = xmlSecNssX509CertificateNodeRead(data, cur, keyInfoCtx);
974
+ } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
975
+ ret = xmlSecNssX509SubjectNameNodeRead(data, cur, keyInfoCtx);
976
+ } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
977
+ ret = xmlSecNssX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
978
+ } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
979
+ ret = xmlSecNssX509SKINodeRead(data, cur, keyInfoCtx);
980
+ } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
981
+ ret = xmlSecNssX509CRLNodeRead(data, cur, keyInfoCtx);
982
+ } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
983
+ /* laxi schema validation: ignore unknown nodes */
984
+ xmlSecError(XMLSEC_ERRORS_HERE,
985
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
986
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
987
+ XMLSEC_ERRORS_R_UNEXPECTED_NODE,
988
+ XMLSEC_ERRORS_NO_MESSAGE);
989
+ return(-1);
990
+ }
991
+ if(ret < 0) {
992
+ xmlSecError(XMLSEC_ERRORS_HERE,
993
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
994
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
995
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
996
+ "read node failed");
997
+ return(-1);
998
+ }
999
+ }
1000
+ return(0);
1001
+ }
1002
+
1003
+ static int
1004
+ xmlSecNssX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1005
+ xmlChar *content;
1006
+ CERTCertificate* cert;
1007
+ int ret;
1008
+
1009
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
1010
+ xmlSecAssert2(node != NULL, -1);
1011
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1012
+
1013
+ content = xmlNodeGetContent(node);
1014
+ if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
1015
+ if(content != NULL) {
1016
+ xmlFree(content);
1017
+ }
1018
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
1019
+ xmlSecError(XMLSEC_ERRORS_HERE,
1020
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1021
+ xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
1022
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
1023
+ XMLSEC_ERRORS_NO_MESSAGE);
1024
+ return(-1);
1025
+ }
1026
+ return(0);
1027
+ }
1028
+
1029
+ cert = xmlSecNssX509CertBase64DerRead(content);
1030
+ if(cert == NULL) {
1031
+ xmlSecError(XMLSEC_ERRORS_HERE,
1032
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1033
+ "xmlSecNssX509CertBase64DerRead",
1034
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1035
+ XMLSEC_ERRORS_NO_MESSAGE);
1036
+ xmlFree(content);
1037
+ return(-1);
1038
+ }
1039
+
1040
+ ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
1041
+ if(ret < 0) {
1042
+ xmlSecError(XMLSEC_ERRORS_HERE,
1043
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1044
+ "xmlSecNssKeyDataX509AdoptCert",
1045
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1046
+ XMLSEC_ERRORS_NO_MESSAGE);
1047
+ CERT_DestroyCertificate(cert);
1048
+ xmlFree(content);
1049
+ return(-1);
1050
+ }
1051
+
1052
+ xmlFree(content);
1053
+ return(0);
1054
+ }
1055
+
1056
+ static int
1057
+ xmlSecNssX509CertificateNodeWrite(CERTCertificate* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1058
+ xmlChar* buf;
1059
+ xmlNodePtr cur;
1060
+
1061
+ xmlSecAssert2(cert != NULL, -1);
1062
+ xmlSecAssert2(node != NULL, -1);
1063
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1064
+
1065
+ /* set base64 lines size from context */
1066
+ buf = xmlSecNssX509CertBase64DerWrite(cert, keyInfoCtx->base64LineSize);
1067
+ if(buf == NULL) {
1068
+ xmlSecError(XMLSEC_ERRORS_HERE,
1069
+ NULL,
1070
+ "xmlSecNssX509CertBase64DerWrite",
1071
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1072
+ XMLSEC_ERRORS_NO_MESSAGE);
1073
+ return(-1);
1074
+ }
1075
+
1076
+ cur = xmlSecAddChild(node, xmlSecNodeX509Certificate, xmlSecDSigNs);
1077
+ if(cur == NULL) {
1078
+ xmlSecError(XMLSEC_ERRORS_HERE,
1079
+ NULL,
1080
+ "xmlSecAddChild",
1081
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1082
+ "node=%s",
1083
+ xmlSecErrorsSafeString(xmlSecNodeX509Certificate));
1084
+ xmlFree(buf);
1085
+ return(-1);
1086
+ }
1087
+
1088
+ /* todo: add \n around base64 data - from context */
1089
+ /* todo: add errors check */
1090
+ xmlNodeSetContent(cur, xmlSecStringCR);
1091
+ xmlNodeSetContent(cur, buf);
1092
+ xmlFree(buf);
1093
+ return(0);
1094
+ }
1095
+
1096
+ static int
1097
+ xmlSecNssX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1098
+ xmlSecKeyDataStorePtr x509Store;
1099
+ xmlChar* subject;
1100
+ CERTCertificate* cert;
1101
+ int ret;
1102
+
1103
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
1104
+ xmlSecAssert2(node != NULL, -1);
1105
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1106
+ xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
1107
+
1108
+ x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecNssX509StoreId);
1109
+ if(x509Store == NULL) {
1110
+ xmlSecError(XMLSEC_ERRORS_HERE,
1111
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1112
+ "xmlSecKeysMngrGetDataStore",
1113
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1114
+ XMLSEC_ERRORS_NO_MESSAGE);
1115
+ return(-1);
1116
+ }
1117
+
1118
+ subject = xmlNodeGetContent(node);
1119
+ if((subject == NULL) || (xmlSecIsEmptyString(subject) == 1)) {
1120
+ if(subject != NULL) {
1121
+ xmlFree(subject);
1122
+ }
1123
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
1124
+ xmlSecError(XMLSEC_ERRORS_HERE,
1125
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1126
+ xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
1127
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
1128
+ XMLSEC_ERRORS_NO_MESSAGE);
1129
+ return(-1);
1130
+ }
1131
+ return(0);
1132
+ }
1133
+
1134
+ cert = xmlSecNssX509StoreFindCert(x509Store, subject, NULL, NULL, NULL, keyInfoCtx);
1135
+ if(cert == NULL){
1136
+
1137
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
1138
+ xmlSecError(XMLSEC_ERRORS_HERE,
1139
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1140
+ NULL,
1141
+ XMLSEC_ERRORS_R_CERT_NOT_FOUND,
1142
+ "subject=%s",
1143
+ xmlSecErrorsSafeString(subject));
1144
+ xmlFree(subject);
1145
+ return(-1);
1146
+ }
1147
+
1148
+ xmlFree(subject);
1149
+ return(0);
1150
+ }
1151
+
1152
+ ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
1153
+ if(ret < 0) {
1154
+ xmlSecError(XMLSEC_ERRORS_HERE,
1155
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1156
+ "xmlSecNssKeyDataX509AdoptCert",
1157
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1158
+ XMLSEC_ERRORS_NO_MESSAGE);
1159
+ CERT_DestroyCertificate(cert);
1160
+ xmlFree(subject);
1161
+ return(-1);
1162
+ }
1163
+
1164
+ xmlFree(subject);
1165
+ return(0);
1166
+ }
1167
+
1168
+ static int
1169
+ xmlSecNssX509SubjectNameNodeWrite(CERTCertificate* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
1170
+ xmlChar* buf = NULL;
1171
+ xmlNodePtr cur = NULL;
1172
+
1173
+ xmlSecAssert2(cert != NULL, -1);
1174
+ xmlSecAssert2(node != NULL, -1);
1175
+
1176
+ buf = xmlSecNssX509NameWrite(&(cert->subject));
1177
+ if(buf == NULL) {
1178
+ xmlSecError(XMLSEC_ERRORS_HERE,
1179
+ NULL,
1180
+ "xmlSecNssX509NameWrite(&(cert->subject))",
1181
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1182
+ XMLSEC_ERRORS_NO_MESSAGE);
1183
+ return(-1);
1184
+ }
1185
+
1186
+ cur = xmlSecAddChild(node, xmlSecNodeX509SubjectName, xmlSecDSigNs);
1187
+ if(cur == NULL) {
1188
+ xmlSecError(XMLSEC_ERRORS_HERE,
1189
+ NULL,
1190
+ "xmlSecAddChild",
1191
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1192
+ "node=%s",
1193
+ xmlSecErrorsSafeString(xmlSecNodeX509SubjectName));
1194
+ xmlFree(buf);
1195
+ return(-1);
1196
+ }
1197
+ xmlSecNodeEncodeAndSetContent(cur, buf);
1198
+ xmlFree(buf);
1199
+ return(0);
1200
+ }
1201
+
1202
+ static int
1203
+ xmlSecNssX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1204
+ xmlSecKeyDataStorePtr x509Store;
1205
+ xmlNodePtr cur;
1206
+ xmlChar *issuerName;
1207
+ xmlChar *issuerSerial;
1208
+ CERTCertificate* cert;
1209
+ int ret;
1210
+
1211
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
1212
+ xmlSecAssert2(node != NULL, -1);
1213
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1214
+ xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
1215
+
1216
+ x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecNssX509StoreId);
1217
+ if(x509Store == NULL) {
1218
+ xmlSecError(XMLSEC_ERRORS_HERE,
1219
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1220
+ "xmlSecKeysMngrGetDataStore",
1221
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1222
+ XMLSEC_ERRORS_NO_MESSAGE);
1223
+ return(-1);
1224
+ }
1225
+
1226
+ cur = xmlSecGetNextElementNode(node->children);
1227
+ if(cur == NULL) {
1228
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
1229
+ xmlSecError(XMLSEC_ERRORS_HERE,
1230
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1231
+ xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
1232
+ XMLSEC_ERRORS_R_NODE_NOT_FOUND,
1233
+ "node=%s",
1234
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
1235
+ return(-1);
1236
+ }
1237
+ return(0);
1238
+ }
1239
+
1240
+ /* the first is required node X509IssuerName */
1241
+ if(!xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs)) {
1242
+ xmlSecError(XMLSEC_ERRORS_HERE,
1243
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1244
+ xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
1245
+ XMLSEC_ERRORS_R_NODE_NOT_FOUND,
1246
+ "node=%s",
1247
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
1248
+ return(-1);
1249
+ }
1250
+ issuerName = xmlNodeGetContent(cur);
1251
+ if(issuerName == NULL) {
1252
+ xmlSecError(XMLSEC_ERRORS_HERE,
1253
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1254
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
1255
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
1256
+ "node=%s",
1257
+ xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
1258
+ return(-1);
1259
+ }
1260
+ cur = xmlSecGetNextElementNode(cur->next);
1261
+
1262
+ /* next is required node X509SerialNumber */
1263
+ if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs)) {
1264
+ xmlSecError(XMLSEC_ERRORS_HERE,
1265
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1266
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
1267
+ XMLSEC_ERRORS_R_NODE_NOT_FOUND,
1268
+ "node=%s",
1269
+ xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
1270
+ xmlFree(issuerName);
1271
+ return(-1);
1272
+ }
1273
+ issuerSerial = xmlNodeGetContent(cur);
1274
+ if(issuerSerial == NULL) {
1275
+ xmlSecError(XMLSEC_ERRORS_HERE,
1276
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1277
+ xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber),
1278
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
1279
+ "node=%s",
1280
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
1281
+ xmlFree(issuerName);
1282
+ return(-1);
1283
+ }
1284
+ cur = xmlSecGetNextElementNode(cur->next);
1285
+
1286
+ if(cur != NULL) {
1287
+ xmlSecError(XMLSEC_ERRORS_HERE,
1288
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1289
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
1290
+ XMLSEC_ERRORS_R_UNEXPECTED_NODE,
1291
+ XMLSEC_ERRORS_NO_MESSAGE);
1292
+ xmlFree(issuerSerial);
1293
+ xmlFree(issuerName);
1294
+ return(-1);
1295
+ }
1296
+
1297
+ cert = xmlSecNssX509StoreFindCert(x509Store, NULL, issuerName, issuerSerial, NULL, keyInfoCtx);
1298
+ if(cert == NULL){
1299
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
1300
+ xmlSecError(XMLSEC_ERRORS_HERE,
1301
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1302
+ NULL,
1303
+ XMLSEC_ERRORS_R_CERT_NOT_FOUND,
1304
+ "issuerName=%s;issuerSerial=%s",
1305
+ xmlSecErrorsSafeString(issuerName),
1306
+ xmlSecErrorsSafeString(issuerSerial));
1307
+ xmlFree(issuerSerial);
1308
+ xmlFree(issuerName);
1309
+ return(-1);
1310
+ }
1311
+
1312
+ xmlFree(issuerSerial);
1313
+ xmlFree(issuerName);
1314
+ return(0);
1315
+ }
1316
+
1317
+ ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
1318
+ if(ret < 0) {
1319
+ xmlSecError(XMLSEC_ERRORS_HERE,
1320
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1321
+ "xmlSecNssKeyDataX509AdoptCert",
1322
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1323
+ XMLSEC_ERRORS_NO_MESSAGE);
1324
+ CERT_DestroyCertificate(cert);
1325
+ xmlFree(issuerSerial);
1326
+ xmlFree(issuerName);
1327
+ return(-1);
1328
+ }
1329
+
1330
+ xmlFree(issuerSerial);
1331
+ xmlFree(issuerName);
1332
+ return(0);
1333
+ }
1334
+
1335
+ static int
1336
+ xmlSecNssX509IssuerSerialNodeWrite(CERTCertificate* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
1337
+ xmlNodePtr cur;
1338
+ xmlNodePtr issuerNameNode;
1339
+ xmlNodePtr issuerNumberNode;
1340
+ xmlChar* buf;
1341
+
1342
+ xmlSecAssert2(cert != NULL, -1);
1343
+ xmlSecAssert2(node != NULL, -1);
1344
+
1345
+ /* create xml nodes */
1346
+ cur = xmlSecAddChild(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
1347
+ if(cur == NULL) {
1348
+ xmlSecError(XMLSEC_ERRORS_HERE,
1349
+ NULL,
1350
+ "xmlSecAddChild",
1351
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1352
+ "node=%s",
1353
+ xmlSecErrorsSafeString(xmlSecNodeX509IssuerSerial));
1354
+ return(-1);
1355
+ }
1356
+
1357
+ issuerNameNode = xmlSecAddChild(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs);
1358
+ if(issuerNameNode == NULL) {
1359
+ xmlSecError(XMLSEC_ERRORS_HERE,
1360
+ NULL,
1361
+ "xmlSecAddChild",
1362
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1363
+ "node=%s",
1364
+ xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
1365
+ return(-1);
1366
+ }
1367
+
1368
+ issuerNumberNode = xmlSecAddChild(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs);
1369
+ if(issuerNumberNode == NULL) {
1370
+ xmlSecError(XMLSEC_ERRORS_HERE,
1371
+ NULL,
1372
+ "xmlSecAddChild",
1373
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1374
+ "node=%s",
1375
+ xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
1376
+ return(-1);
1377
+ }
1378
+
1379
+ /* write data */
1380
+ buf = xmlSecNssX509NameWrite(&(cert->issuer));
1381
+ if(buf == NULL) {
1382
+ xmlSecError(XMLSEC_ERRORS_HERE,
1383
+ NULL,
1384
+ "xmlSecNssX509NameWrite(&(cert->issuer))",
1385
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1386
+ XMLSEC_ERRORS_NO_MESSAGE);
1387
+ return(-1);
1388
+ }
1389
+ xmlSecNodeEncodeAndSetContent(issuerNameNode, buf);
1390
+ xmlFree(buf);
1391
+
1392
+ buf = xmlSecNssASN1IntegerWrite(&(cert->serialNumber));
1393
+ if(buf == NULL) {
1394
+ xmlSecError(XMLSEC_ERRORS_HERE,
1395
+ NULL,
1396
+ "xmlSecNssASN1IntegerWrite(&(cert->serialNumber))",
1397
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1398
+ XMLSEC_ERRORS_NO_MESSAGE);
1399
+ return(-1);
1400
+ }
1401
+ xmlNodeSetContent(issuerNumberNode, buf);
1402
+ xmlFree(buf);
1403
+
1404
+ return(0);
1405
+ }
1406
+
1407
+ static int
1408
+ xmlSecNssX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1409
+ xmlSecKeyDataStorePtr x509Store;
1410
+ xmlChar* ski;
1411
+ CERTCertificate* cert;
1412
+ int ret;
1413
+
1414
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
1415
+ xmlSecAssert2(node != NULL, -1);
1416
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1417
+ xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
1418
+
1419
+ x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecNssX509StoreId);
1420
+ if(x509Store == NULL) {
1421
+ xmlSecError(XMLSEC_ERRORS_HERE,
1422
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1423
+ "xmlSecKeysMngrGetDataStore",
1424
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1425
+ XMLSEC_ERRORS_NO_MESSAGE);
1426
+ return(-1);
1427
+ }
1428
+
1429
+ ski = xmlNodeGetContent(node);
1430
+ if((ski == NULL) || (xmlSecIsEmptyString(ski) == 1)) {
1431
+ if(ski != NULL) {
1432
+ xmlFree(ski);
1433
+ }
1434
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
1435
+ xmlSecError(XMLSEC_ERRORS_HERE,
1436
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1437
+ xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
1438
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
1439
+ "node=%s",
1440
+ xmlSecErrorsSafeString(xmlSecNodeX509SKI));
1441
+ return(-1);
1442
+ }
1443
+ return(0);
1444
+ }
1445
+
1446
+ cert = xmlSecNssX509StoreFindCert(x509Store, NULL, NULL, NULL, ski, keyInfoCtx);
1447
+ if(cert == NULL){
1448
+ xmlFree(ski);
1449
+
1450
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
1451
+ xmlSecError(XMLSEC_ERRORS_HERE,
1452
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1453
+ NULL,
1454
+ XMLSEC_ERRORS_R_CERT_NOT_FOUND,
1455
+ "ski=%s",
1456
+ xmlSecErrorsSafeString(ski));
1457
+ return(-1);
1458
+ }
1459
+ return(0);
1460
+ }
1461
+
1462
+ ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
1463
+ if(ret < 0) {
1464
+ xmlSecError(XMLSEC_ERRORS_HERE,
1465
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1466
+ "xmlSecNssKeyDataX509AdoptCert",
1467
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1468
+ XMLSEC_ERRORS_NO_MESSAGE);
1469
+ CERT_DestroyCertificate(cert);
1470
+ xmlFree(ski);
1471
+ return(-1);
1472
+ }
1473
+
1474
+ xmlFree(ski);
1475
+ return(0);
1476
+ }
1477
+
1478
+ static int
1479
+ xmlSecNssX509SKINodeWrite(CERTCertificate* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
1480
+ xmlChar *buf = NULL;
1481
+ xmlNodePtr cur = NULL;
1482
+
1483
+ xmlSecAssert2(cert != NULL, -1);
1484
+ xmlSecAssert2(node != NULL, -1);
1485
+
1486
+ buf = xmlSecNssX509SKIWrite(cert);
1487
+ if(buf == NULL) {
1488
+ xmlSecError(XMLSEC_ERRORS_HERE,
1489
+ NULL,
1490
+ "xmlSecNssX509SKIWrite",
1491
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1492
+ XMLSEC_ERRORS_NO_MESSAGE);
1493
+ return(-1);
1494
+ }
1495
+
1496
+ cur = xmlSecAddChild(node, xmlSecNodeX509SKI, xmlSecDSigNs);
1497
+ if(cur == NULL) {
1498
+ xmlSecError(XMLSEC_ERRORS_HERE,
1499
+ NULL,
1500
+ "xmlSecAddChild",
1501
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1502
+ "new_node=%s",
1503
+ xmlSecErrorsSafeString(xmlSecNodeX509SKI));
1504
+ xmlFree(buf);
1505
+ return(-1);
1506
+ }
1507
+ xmlSecNodeEncodeAndSetContent(cur, buf);
1508
+ xmlFree(buf);
1509
+
1510
+ return(0);
1511
+ }
1512
+
1513
+ static int
1514
+ xmlSecNssX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1515
+ xmlChar *content;
1516
+ CERTSignedCrl* crl;
1517
+
1518
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
1519
+ xmlSecAssert2(node != NULL, -1);
1520
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1521
+
1522
+ content = xmlNodeGetContent(node);
1523
+ if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
1524
+ if(content != NULL) {
1525
+ xmlFree(content);
1526
+ }
1527
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
1528
+ xmlSecError(XMLSEC_ERRORS_HERE,
1529
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1530
+ xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
1531
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
1532
+ XMLSEC_ERRORS_NO_MESSAGE);
1533
+ return(-1);
1534
+ }
1535
+ return(0);
1536
+ }
1537
+
1538
+ crl = xmlSecNssX509CrlBase64DerRead(content, keyInfoCtx);
1539
+ if(crl == NULL) {
1540
+ xmlSecError(XMLSEC_ERRORS_HERE,
1541
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1542
+ "xmlSecNssX509CrlBase64DerRead",
1543
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1544
+ XMLSEC_ERRORS_NO_MESSAGE);
1545
+ xmlFree(content);
1546
+ return(-1);
1547
+ }
1548
+
1549
+ SEC_DestroyCrl(crl);
1550
+ xmlFree(content);
1551
+ return(0);
1552
+ }
1553
+
1554
+ static int
1555
+ xmlSecNssX509CRLNodeWrite(CERTSignedCrl* crl, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1556
+ xmlChar* buf = NULL;
1557
+ xmlNodePtr cur = NULL;
1558
+
1559
+ xmlSecAssert2(crl != NULL, -1);
1560
+ xmlSecAssert2(node != NULL, -1);
1561
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1562
+
1563
+ /* set base64 lines size from context */
1564
+ buf = xmlSecNssX509CrlBase64DerWrite(crl, keyInfoCtx->base64LineSize);
1565
+ if(buf == NULL) {
1566
+ xmlSecError(XMLSEC_ERRORS_HERE,
1567
+ NULL,
1568
+ "xmlSecNssX509CrlBase64DerWrite",
1569
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1570
+ XMLSEC_ERRORS_NO_MESSAGE);
1571
+ return(-1);
1572
+ }
1573
+
1574
+ cur = xmlSecAddChild(node, xmlSecNodeX509CRL, xmlSecDSigNs);
1575
+ if(cur == NULL) {
1576
+ xmlSecError(XMLSEC_ERRORS_HERE,
1577
+ NULL,
1578
+ "xmlSecAddChild",
1579
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1580
+ "new_node=%s",
1581
+ xmlSecErrorsSafeString(xmlSecNodeX509CRL));
1582
+ xmlFree(buf);
1583
+ return(-1);
1584
+ }
1585
+ /* todo: add \n around base64 data - from context */
1586
+ /* todo: add errors check */
1587
+ xmlNodeSetContent(cur, xmlSecStringCR);
1588
+ xmlNodeSetContent(cur, buf);
1589
+ xmlFree(buf);
1590
+
1591
+ return(0);
1592
+ }
1593
+
1594
+
1595
+ static int
1596
+ xmlSecNssKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr key,
1597
+ xmlSecKeyInfoCtxPtr keyInfoCtx) {
1598
+ xmlSecNssX509DataCtxPtr ctx;
1599
+ xmlSecKeyDataStorePtr x509Store;
1600
+ int ret;
1601
+ SECStatus status;
1602
+ PRTime notBefore, notAfter;
1603
+
1604
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
1605
+ xmlSecAssert2(key != NULL, -1);
1606
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1607
+ xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
1608
+
1609
+ ctx = xmlSecNssX509DataGetCtx(data);
1610
+ xmlSecAssert2(ctx != NULL, -1);
1611
+
1612
+ x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecNssX509StoreId);
1613
+ if(x509Store == NULL) {
1614
+ xmlSecError(XMLSEC_ERRORS_HERE,
1615
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1616
+ "xmlSecKeysMngrGetDataStore",
1617
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1618
+ XMLSEC_ERRORS_NO_MESSAGE);
1619
+ return(-1);
1620
+ }
1621
+
1622
+ if((ctx->keyCert == NULL) && (ctx->certsList != NULL) && (xmlSecKeyGetValue(key) == NULL)) {
1623
+ CERTCertificate* cert;
1624
+
1625
+ cert = xmlSecNssX509StoreVerify(x509Store, ctx->certsList, keyInfoCtx);
1626
+ if(cert != NULL) {
1627
+ xmlSecKeyDataPtr keyValue;
1628
+
1629
+ ctx->keyCert = CERT_DupCertificate(cert);
1630
+ if(ctx->keyCert == NULL) {
1631
+ xmlSecError(XMLSEC_ERRORS_HERE,
1632
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1633
+ "CERT_DupCertificate",
1634
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1635
+ XMLSEC_ERRORS_NO_MESSAGE);
1636
+ return(-1);
1637
+ }
1638
+
1639
+ keyValue = xmlSecNssX509CertGetKey(ctx->keyCert);
1640
+ if(keyValue == NULL) {
1641
+ xmlSecError(XMLSEC_ERRORS_HERE,
1642
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1643
+ "xmlSecNssX509CertGetKey",
1644
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1645
+ XMLSEC_ERRORS_NO_MESSAGE);
1646
+ return(-1);
1647
+ }
1648
+
1649
+ /* verify that the key matches our expectations */
1650
+ if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), keyValue) != 1) {
1651
+ xmlSecError(XMLSEC_ERRORS_HERE,
1652
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1653
+ "xmlSecKeyReqMatchKeyValue",
1654
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1655
+ XMLSEC_ERRORS_NO_MESSAGE);
1656
+ xmlSecKeyDataDestroy(keyValue);
1657
+ return(-1);
1658
+ }
1659
+
1660
+ ret = xmlSecKeySetValue(key, keyValue);
1661
+ if(ret < 0) {
1662
+ xmlSecError(XMLSEC_ERRORS_HERE,
1663
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1664
+ "xmlSecKeySetValue",
1665
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1666
+ XMLSEC_ERRORS_NO_MESSAGE);
1667
+ xmlSecKeyDataDestroy(keyValue);
1668
+ return(-1);
1669
+ }
1670
+
1671
+ status = CERT_GetCertTimes(ctx->keyCert, &notBefore, &notAfter);
1672
+ if (status == SECSuccess) {
1673
+ ret = xmlSecNssX509CertGetTime(&notBefore, &(key->notValidBefore));
1674
+ if(ret < 0) {
1675
+ xmlSecError(XMLSEC_ERRORS_HERE,
1676
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1677
+ "xmlSecNssX509CertGetTime",
1678
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1679
+ "notValidBefore");
1680
+ return(-1);
1681
+ }
1682
+ ret = xmlSecNssX509CertGetTime(&notAfter, &(key->notValidAfter));
1683
+ if(ret < 0) {
1684
+ xmlSecError(XMLSEC_ERRORS_HERE,
1685
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1686
+ "xmlSecNssX509CertGetTime",
1687
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1688
+ "notValidAfter");
1689
+ return(-1);
1690
+ }
1691
+ } else {
1692
+ key->notValidBefore = key->notValidAfter = 0;
1693
+ }
1694
+ } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT) != 0) {
1695
+ xmlSecError(XMLSEC_ERRORS_HERE,
1696
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1697
+ NULL,
1698
+ XMLSEC_ERRORS_R_CERT_NOT_FOUND,
1699
+ XMLSEC_ERRORS_NO_MESSAGE);
1700
+ return(-1);
1701
+ }
1702
+ }
1703
+ return(0);
1704
+ }
1705
+
1706
+ static int
1707
+ xmlSecNssX509CertGetTime(PRTime* t, time_t* res) {
1708
+
1709
+ PRTime tmp64_1, tmp64_2;
1710
+ PRUint32 tmp32 = 1000000;
1711
+
1712
+ xmlSecAssert2(t != NULL, -1);
1713
+ xmlSecAssert2(res != NULL, -1);
1714
+
1715
+ /* PRTime is time in microseconds since epoch. Divide by 1000000 to
1716
+ * convert to seconds, then convert to an unsigned 32 bit number
1717
+ */
1718
+ (*res) = 0;
1719
+ LL_UI2L(tmp64_1, tmp32);
1720
+ LL_DIV(tmp64_2, *t, tmp64_1);
1721
+ LL_L2UI(tmp32, tmp64_2);
1722
+
1723
+ (*res) = (time_t)(tmp32);
1724
+
1725
+ return(0);
1726
+ }
1727
+
1728
+ /**
1729
+ * xmlSecNssX509CertGetKey:
1730
+ * @cert: the certificate.
1731
+ *
1732
+ * Extracts public key from the @cert.
1733
+ *
1734
+ * Returns: public key value or NULL if an error occurs.
1735
+ */
1736
+ xmlSecKeyDataPtr
1737
+ xmlSecNssX509CertGetKey(CERTCertificate* cert) {
1738
+ xmlSecKeyDataPtr data;
1739
+ SECKEYPublicKey *pubkey = NULL;
1740
+
1741
+ xmlSecAssert2(cert != NULL, NULL);
1742
+
1743
+ pubkey = CERT_ExtractPublicKey(cert);
1744
+ if(pubkey == NULL) {
1745
+ xmlSecError(XMLSEC_ERRORS_HERE,
1746
+ NULL,
1747
+ "CERT_ExtractPublicKey",
1748
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1749
+ "error code=%d", PORT_GetError());
1750
+ return(NULL);
1751
+ }
1752
+
1753
+ data = xmlSecNssPKIAdoptKey(NULL, pubkey);
1754
+ if(data == NULL) {
1755
+ xmlSecError(XMLSEC_ERRORS_HERE,
1756
+ NULL,
1757
+ "xmlSecNssPKIAdoptKey",
1758
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1759
+ XMLSEC_ERRORS_NO_MESSAGE);
1760
+ SECKEY_DestroyPublicKey(pubkey);
1761
+ return(NULL);
1762
+ }
1763
+
1764
+ return(data);
1765
+ }
1766
+
1767
+ static CERTCertificate*
1768
+ xmlSecNssX509CertBase64DerRead(xmlChar* buf) {
1769
+ int ret;
1770
+
1771
+ xmlSecAssert2(buf != NULL, NULL);
1772
+
1773
+ /* usual trick with base64 decoding "in-place" */
1774
+ ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
1775
+ if(ret < 0) {
1776
+ xmlSecError(XMLSEC_ERRORS_HERE,
1777
+ NULL,
1778
+ "xmlSecBase64Decode",
1779
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1780
+ XMLSEC_ERRORS_NO_MESSAGE);
1781
+ return(NULL);
1782
+ }
1783
+
1784
+ return(xmlSecNssX509CertDerRead((xmlSecByte*)buf, ret));
1785
+ }
1786
+
1787
+
1788
+ static CERTCertificate*
1789
+ xmlSecNssX509CertDerRead(const xmlSecByte* buf, xmlSecSize size) {
1790
+ CERTCertificate *cert;
1791
+ SECItem derCert;
1792
+
1793
+ xmlSecAssert2(buf != NULL, NULL);
1794
+ xmlSecAssert2(size > 0, NULL);
1795
+
1796
+ derCert.data = (unsigned char *)buf;
1797
+ derCert.len = size;
1798
+
1799
+ /* decode cert and import to temporary cert db */
1800
+ cert = __CERT_NewTempCertificate(CERT_GetDefaultCertDB(), &derCert,
1801
+ NULL, PR_FALSE, PR_TRUE);
1802
+ if(cert == NULL) {
1803
+ xmlSecError(XMLSEC_ERRORS_HERE,
1804
+ NULL,
1805
+ "__CERT_NewTempCertificate",
1806
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1807
+ "error code=%d", PORT_GetError());
1808
+ return(NULL);
1809
+ }
1810
+
1811
+
1812
+ return(cert);
1813
+ }
1814
+
1815
+ static xmlChar*
1816
+ xmlSecNssX509CertBase64DerWrite(CERTCertificate* cert, int base64LineWrap) {
1817
+ xmlChar *res = NULL;
1818
+ xmlSecByte *p = NULL;
1819
+ long size;
1820
+
1821
+ xmlSecAssert2(cert != NULL, NULL);
1822
+
1823
+ p = cert->derCert.data;
1824
+ size = cert->derCert.len;
1825
+ if((size <= 0) || (p == NULL)){
1826
+ xmlSecError(XMLSEC_ERRORS_HERE,
1827
+ NULL,
1828
+ "cert->derCert",
1829
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1830
+ "error code=%d", PORT_GetError());
1831
+ return(NULL);
1832
+ }
1833
+
1834
+ res = xmlSecBase64Encode(p, size, base64LineWrap);
1835
+ if(res == NULL) {
1836
+ xmlSecError(XMLSEC_ERRORS_HERE,
1837
+ NULL,
1838
+ "xmlSecBase64Encode",
1839
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1840
+ XMLSEC_ERRORS_NO_MESSAGE);
1841
+ return(NULL);
1842
+ }
1843
+
1844
+ return(res);
1845
+ }
1846
+
1847
+ static CERTSignedCrl*
1848
+ xmlSecNssX509CrlBase64DerRead(xmlChar* buf,
1849
+ xmlSecKeyInfoCtxPtr keyInfoCtx) {
1850
+ int ret;
1851
+
1852
+ xmlSecAssert2(buf != NULL, NULL);
1853
+
1854
+ /* usual trick with base64 decoding "in-place" */
1855
+ ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
1856
+ if(ret < 0) {
1857
+ xmlSecError(XMLSEC_ERRORS_HERE,
1858
+ NULL,
1859
+ "xmlSecBase64Decode",
1860
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1861
+ XMLSEC_ERRORS_NO_MESSAGE);
1862
+ return(NULL);
1863
+ }
1864
+
1865
+ return(xmlSecNssX509CrlDerRead((xmlSecByte*)buf, ret, keyInfoCtx));
1866
+ }
1867
+
1868
+
1869
+ static CERTSignedCrl*
1870
+ xmlSecNssX509CrlDerRead(xmlSecByte* buf, xmlSecSize size,
1871
+ xmlSecKeyInfoCtxPtr keyInfoCtx) {
1872
+ CERTSignedCrl *crl = NULL;
1873
+ SECItem derCrl;
1874
+ PK11SlotInfo *slot = NULL;
1875
+ PRInt32 importOptions = CRL_IMPORT_DEFAULT_OPTIONS;
1876
+
1877
+ xmlSecAssert2(buf != NULL, NULL);
1878
+ xmlSecAssert2(keyInfoCtx != NULL, NULL);
1879
+ xmlSecAssert2(size > 0, NULL);
1880
+
1881
+ derCrl.data = buf;
1882
+ derCrl.len = size;
1883
+
1884
+ /* we're importing a CRL, it is ok to use the internal slot.
1885
+ * crlutil does it :)
1886
+ */
1887
+ slot = xmlSecNssGetInternalKeySlot();
1888
+ if (slot == NULL) {
1889
+ xmlSecError(XMLSEC_ERRORS_HERE,
1890
+ NULL,
1891
+ "xmlSecNssGetInternalKeySlot",
1892
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1893
+ XMLSEC_ERRORS_NO_MESSAGE);
1894
+ return NULL;
1895
+ }
1896
+
1897
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS) != 0)
1898
+ importOptions |= CRL_IMPORT_BYPASS_CHECKS;
1899
+
1900
+ crl = PK11_ImportCRL(slot, &derCrl, NULL, SEC_CRL_TYPE, NULL,
1901
+ importOptions, NULL, CRL_DECODE_DEFAULT_OPTIONS);
1902
+
1903
+ if(crl == NULL) {
1904
+ xmlSecError(XMLSEC_ERRORS_HERE,
1905
+ NULL,
1906
+ "PK11_ImportCRL",
1907
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1908
+ "error code=%d", PORT_GetError());
1909
+ PK11_FreeSlot(slot);
1910
+ return(NULL);
1911
+ }
1912
+
1913
+ PK11_FreeSlot(slot);
1914
+ return(crl);
1915
+ }
1916
+
1917
+ static xmlChar*
1918
+ xmlSecNssX509CrlBase64DerWrite(CERTSignedCrl* crl, int base64LineWrap) {
1919
+ xmlChar *res = NULL;
1920
+ xmlSecByte *p = NULL;
1921
+ long size;
1922
+
1923
+ xmlSecAssert2(crl != NULL && crl->derCrl != NULL, NULL);
1924
+
1925
+ p = crl->derCrl->data;
1926
+ size = crl->derCrl->len;
1927
+ if((size <= 0) || (p == NULL)){
1928
+ xmlSecError(XMLSEC_ERRORS_HERE,
1929
+ NULL,
1930
+ "crl->derCrl",
1931
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1932
+ "error code=%d", PORT_GetError());
1933
+ return(NULL);
1934
+ }
1935
+
1936
+ res = xmlSecBase64Encode(p, size, base64LineWrap);
1937
+ if(res == NULL) {
1938
+ xmlSecError(XMLSEC_ERRORS_HERE,
1939
+ NULL,
1940
+ "xmlSecBase64Encode",
1941
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1942
+ XMLSEC_ERRORS_NO_MESSAGE);
1943
+ return(NULL);
1944
+ }
1945
+
1946
+ return(res);
1947
+ }
1948
+
1949
+ static xmlChar*
1950
+ xmlSecNssX509NameWrite(CERTName* nm) {
1951
+ xmlChar *res = NULL;
1952
+ char *str;
1953
+
1954
+ xmlSecAssert2(nm != NULL, NULL);
1955
+
1956
+ str = CERT_NameToAscii(nm);
1957
+ if (str == NULL) {
1958
+ xmlSecError(XMLSEC_ERRORS_HERE,
1959
+ NULL,
1960
+ "CERT_NameToAscii",
1961
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1962
+ XMLSEC_ERRORS_NO_MESSAGE);
1963
+ return(NULL);
1964
+ }
1965
+
1966
+ res = xmlStrdup(BAD_CAST str);
1967
+ if(res == NULL) {
1968
+ xmlSecError(XMLSEC_ERRORS_HERE,
1969
+ NULL,
1970
+ "xmlStrdup",
1971
+ XMLSEC_ERRORS_R_MALLOC_FAILED,
1972
+ XMLSEC_ERRORS_NO_MESSAGE);
1973
+ PORT_Free(str);
1974
+ return(NULL);
1975
+ }
1976
+ PORT_Free(str);
1977
+ return(res);
1978
+ }
1979
+
1980
+ static xmlChar*
1981
+ xmlSecNssASN1IntegerWrite(SECItem *num) {
1982
+ xmlChar *res = NULL;
1983
+ int resLen = 64; /* not more than 64 chars */
1984
+ PRUint64 val = 0;
1985
+ unsigned int ii = 0;
1986
+ int shift = 0;
1987
+
1988
+ xmlSecAssert2(num != NULL, NULL);
1989
+ xmlSecAssert2(num->type == siBuffer, NULL);
1990
+ xmlSecAssert2(num->len <= 9, NULL);
1991
+ xmlSecAssert2(num->data != NULL, NULL);
1992
+
1993
+ /* HACK : to be fixed after
1994
+ * NSS bug http://bugzilla.mozilla.org/show_bug.cgi?id=212864 is fixed
1995
+ */
1996
+ for(ii = num->len; ii > 0; --ii, shift += 8) {
1997
+ val |= ((PRUint64)num->data[ii - 1]) << shift;
1998
+ }
1999
+
2000
+ res = (xmlChar*)xmlMalloc(resLen + 1);
2001
+ if(res == NULL) {
2002
+ xmlSecError(XMLSEC_ERRORS_HERE,
2003
+ NULL,
2004
+ "xmlStrdup",
2005
+ XMLSEC_ERRORS_R_MALLOC_FAILED,
2006
+ XMLSEC_ERRORS_NO_MESSAGE);
2007
+ return (NULL);
2008
+ }
2009
+
2010
+ PR_snprintf((char*)res, resLen, "%llu", val);
2011
+ return(res);
2012
+ }
2013
+
2014
+ static xmlChar*
2015
+ xmlSecNssX509SKIWrite(CERTCertificate* cert) {
2016
+ xmlChar *res = NULL;
2017
+ SECItem ski;
2018
+ SECStatus rv;
2019
+
2020
+ xmlSecAssert2(cert != NULL, NULL);
2021
+
2022
+ memset(&ski, 0, sizeof(ski));
2023
+
2024
+ rv = CERT_FindSubjectKeyIDExtension(cert, &ski);
2025
+ if (rv != SECSuccess) {
2026
+ xmlSecError(XMLSEC_ERRORS_HERE,
2027
+ NULL,
2028
+ "CERT_FindSubjectKeyIDExtension",
2029
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
2030
+ XMLSEC_ERRORS_NO_MESSAGE);
2031
+ SECITEM_FreeItem(&ski, PR_FALSE);
2032
+ return(NULL);
2033
+ }
2034
+
2035
+ res = xmlSecBase64Encode(ski.data, ski.len, 0);
2036
+ if(res == NULL) {
2037
+ xmlSecError(XMLSEC_ERRORS_HERE,
2038
+ NULL,
2039
+ "xmlSecBase64Encode",
2040
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2041
+ XMLSEC_ERRORS_NO_MESSAGE);
2042
+ SECITEM_FreeItem(&ski, PR_FALSE);
2043
+ return(NULL);
2044
+ }
2045
+ SECITEM_FreeItem(&ski, PR_FALSE);
2046
+
2047
+ return(res);
2048
+ }
2049
+
2050
+
2051
+ static void
2052
+ xmlSecNssX509CertDebugDump(CERTCertificate* cert, FILE* output) {
2053
+ SECItem *sn;
2054
+ unsigned int i;
2055
+
2056
+ xmlSecAssert(cert != NULL);
2057
+ xmlSecAssert(output != NULL);
2058
+
2059
+ fprintf(output, "==== Subject Name: %s\n", cert->subjectName);
2060
+ fprintf(output, "==== Issuer Name: %s\n", cert->issuerName);
2061
+ sn = &cert->serialNumber;
2062
+
2063
+ for (i = 0; i < sn->len; i++) {
2064
+ if (i != sn->len - 1) {
2065
+ fprintf(output, "%02x:", sn->data[i]);
2066
+ } else {
2067
+ fprintf(output, "%02x", sn->data[i]);
2068
+ }
2069
+ }
2070
+ fprintf(output, "\n");
2071
+ }
2072
+
2073
+
2074
+ static void
2075
+ xmlSecNssX509CertDebugXmlDump(CERTCertificate* cert, FILE* output) {
2076
+ SECItem *sn;
2077
+ unsigned int i;
2078
+
2079
+ xmlSecAssert(cert != NULL);
2080
+ xmlSecAssert(output != NULL);
2081
+
2082
+ fprintf(output, "<SubjectName>");
2083
+ xmlSecPrintXmlString(output, BAD_CAST cert->subjectName);
2084
+ fprintf(output, "</SubjectName>\n");
2085
+
2086
+ fprintf(output, "<IssuerName>");
2087
+ xmlSecPrintXmlString(output, BAD_CAST cert->issuerName);
2088
+ fprintf(output, "</IssuerName>\n");
2089
+
2090
+ fprintf(output, "<SerialNumber>");
2091
+ sn = &cert->serialNumber;
2092
+ for (i = 0; i < sn->len; i++) {
2093
+ if (i != sn->len - 1) {
2094
+ fprintf(output, "%02x:", sn->data[i]);
2095
+ } else {
2096
+ fprintf(output, "%02x", sn->data[i]);
2097
+ }
2098
+ }
2099
+ fprintf(output, "</SerialNumber>\n");
2100
+ }
2101
+
2102
+
2103
+ /**************************************************************************
2104
+ *
2105
+ * Raw X509 Certificate processing
2106
+ *
2107
+ *
2108
+ *************************************************************************/
2109
+ static int xmlSecNssKeyDataRawX509CertBinRead (xmlSecKeyDataId id,
2110
+ xmlSecKeyPtr key,
2111
+ const xmlSecByte* buf,
2112
+ xmlSecSize bufSize,
2113
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
2114
+
2115
+ static xmlSecKeyDataKlass xmlSecNssKeyDataRawX509CertKlass = {
2116
+ sizeof(xmlSecKeyDataKlass),
2117
+ sizeof(xmlSecKeyData),
2118
+
2119
+ /* data */
2120
+ xmlSecNameRawX509Cert,
2121
+ xmlSecKeyDataUsageRetrievalMethodNodeBin,
2122
+ /* xmlSecKeyDataUsage usage; */
2123
+ xmlSecHrefRawX509Cert, /* const xmlChar* href; */
2124
+ NULL, /* const xmlChar* dataNodeName; */
2125
+ xmlSecDSigNs, /* const xmlChar* dataNodeNs; */
2126
+
2127
+ /* constructors/destructor */
2128
+ NULL, /* xmlSecKeyDataInitializeMethod initialize; */
2129
+ NULL, /* xmlSecKeyDataDuplicateMethod duplicate; */
2130
+ NULL, /* xmlSecKeyDataFinalizeMethod finalize; */
2131
+ NULL, /* xmlSecKeyDataGenerateMethod generate; */
2132
+
2133
+ /* get info */
2134
+ NULL, /* xmlSecKeyDataGetTypeMethod getType; */
2135
+ NULL, /* xmlSecKeyDataGetSizeMethod getSize; */
2136
+ NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */
2137
+
2138
+ /* read/write */
2139
+ NULL, /* xmlSecKeyDataXmlReadMethod xmlRead; */
2140
+ NULL, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
2141
+ xmlSecNssKeyDataRawX509CertBinRead, /* xmlSecKeyDataBinReadMethod binRead; */
2142
+ NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */
2143
+
2144
+ /* debug */
2145
+ NULL, /* xmlSecKeyDataDebugDumpMethod debugDump; */
2146
+ NULL, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
2147
+
2148
+ /* reserved for the future */
2149
+ NULL, /* void* reserved0; */
2150
+ NULL, /* void* reserved1; */
2151
+ };
2152
+
2153
+ /**
2154
+ * xmlSecNssKeyDataRawX509CertGetKlass:
2155
+ *
2156
+ * The raw X509 certificates key data klass.
2157
+ *
2158
+ * Returns: raw X509 certificates key data klass.
2159
+ */
2160
+ xmlSecKeyDataId
2161
+ xmlSecNssKeyDataRawX509CertGetKlass(void) {
2162
+ return(&xmlSecNssKeyDataRawX509CertKlass);
2163
+ }
2164
+
2165
+ static int
2166
+ xmlSecNssKeyDataRawX509CertBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
2167
+ const xmlSecByte* buf, xmlSecSize bufSize,
2168
+ xmlSecKeyInfoCtxPtr keyInfoCtx) {
2169
+ xmlSecKeyDataPtr data;
2170
+ CERTCertificate* cert;
2171
+ int ret;
2172
+
2173
+ xmlSecAssert2(id == xmlSecNssKeyDataRawX509CertId, -1);
2174
+ xmlSecAssert2(key != NULL, -1);
2175
+ xmlSecAssert2(buf != NULL, -1);
2176
+ xmlSecAssert2(bufSize > 0, -1);
2177
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
2178
+
2179
+ cert = xmlSecNssX509CertDerRead(buf, bufSize);
2180
+ if(cert == NULL) {
2181
+ xmlSecError(XMLSEC_ERRORS_HERE,
2182
+ NULL,
2183
+ "xmlSecNssX509CertDerRead",
2184
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2185
+ XMLSEC_ERRORS_NO_MESSAGE);
2186
+ return(-1);
2187
+ }
2188
+
2189
+ data = xmlSecKeyEnsureData(key, xmlSecNssKeyDataX509Id);
2190
+ if(data == NULL) {
2191
+ xmlSecError(XMLSEC_ERRORS_HERE,
2192
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
2193
+ "xmlSecKeyEnsureData",
2194
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2195
+ XMLSEC_ERRORS_NO_MESSAGE);
2196
+ CERT_DestroyCertificate(cert);
2197
+ return(-1);
2198
+ }
2199
+
2200
+ ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
2201
+ if(ret < 0) {
2202
+ xmlSecError(XMLSEC_ERRORS_HERE,
2203
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
2204
+ "xmlSecNssKeyDataX509AdoptCert",
2205
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2206
+ XMLSEC_ERRORS_NO_MESSAGE);
2207
+ CERT_DestroyCertificate(cert);
2208
+ return(-1);
2209
+ }
2210
+
2211
+ ret = xmlSecNssKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
2212
+ if(ret < 0) {
2213
+ xmlSecError(XMLSEC_ERRORS_HERE,
2214
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
2215
+ "xmlSecNssKeyDataX509VerifyAndExtractKey",
2216
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2217
+ XMLSEC_ERRORS_NO_MESSAGE);
2218
+ return(-1);
2219
+ }
2220
+ return(0);
2221
+ }
2222
+
2223
+ #endif /* XMLSEC_NO_X509 */