xmlsec-shim 1.2.18.1

Files changed (969) hide show
  1. data/.gitignore +17 -0
  2. data/Gemfile +4 -0
  3. data/README.md +2 -0
  4. data/Rakefile +2 -0
  5. data/ext/xmlsec/extconf.rb +14 -0
  6. data/lib/xmlsec-shim.rb +27 -0
  7. data/lib/xmlsec-shim/version.rb +5 -0
  8. data/vendor/xmlsec1-1.2.18/AUTHORS +8 -0
  9. data/vendor/xmlsec1-1.2.18/COPYING +105 -0
  10. data/vendor/xmlsec1-1.2.18/ChangeLog +1810 -0
  11. data/vendor/xmlsec1-1.2.18/Copyright +105 -0
  12. data/vendor/xmlsec1-1.2.18/HACKING +199 -0
  13. data/vendor/xmlsec1-1.2.18/INSTALL +38 -0
  14. data/vendor/xmlsec1-1.2.18/Makefile.am +186 -0
  15. data/vendor/xmlsec1-1.2.18/Makefile.in +1155 -0
  16. data/vendor/xmlsec1-1.2.18/NEWS +1 -0
  17. data/vendor/xmlsec1-1.2.18/README +15 -0
  18. data/vendor/xmlsec1-1.2.18/TODO +156 -0
  19. data/vendor/xmlsec1-1.2.18/aclocal.m4 +1197 -0
  20. data/vendor/xmlsec1-1.2.18/apps/Makefile.am +84 -0
  21. data/vendor/xmlsec1-1.2.18/apps/Makefile.in +694 -0
  22. data/vendor/xmlsec1-1.2.18/apps/cmdline.c +355 -0
  23. data/vendor/xmlsec1-1.2.18/apps/cmdline.h +89 -0
  24. data/vendor/xmlsec1-1.2.18/apps/crypto.c +396 -0
  25. data/vendor/xmlsec1-1.2.18/apps/crypto.h +70 -0
  26. data/vendor/xmlsec1-1.2.18/apps/xmlsec.c +3058 -0
  27. data/vendor/xmlsec1-1.2.18/config.guess +1502 -0
  28. data/vendor/xmlsec1-1.2.18/config.h.in +134 -0
  29. data/vendor/xmlsec1-1.2.18/config.sub +1714 -0
  30. data/vendor/xmlsec1-1.2.18/configure +17363 -0
  31. data/vendor/xmlsec1-1.2.18/configure.in +1633 -0
  32. data/vendor/xmlsec1-1.2.18/depcomp +630 -0
  33. data/vendor/xmlsec1-1.2.18/docs/Makefile.am +65 -0
  34. data/vendor/xmlsec1-1.2.18/docs/Makefile.in +721 -0
  35. data/vendor/xmlsec1-1.2.18/docs/api/Makefile.am +209 -0
  36. data/vendor/xmlsec1-1.2.18/docs/api/Makefile.in +664 -0
  37. data/vendor/xmlsec1-1.2.18/docs/api/chapters/compiling-and-linking.sgml +252 -0
  38. data/vendor/xmlsec1-1.2.18/docs/api/chapters/creating-templates.sgml +325 -0
  39. data/vendor/xmlsec1-1.2.18/docs/api/chapters/examples.sgml +102 -0
  40. data/vendor/xmlsec1-1.2.18/docs/api/chapters/init-and-shutdown.sgml +104 -0
  41. data/vendor/xmlsec1-1.2.18/docs/api/chapters/new-crypto.sgml +487 -0
  42. data/vendor/xmlsec1-1.2.18/docs/api/chapters/sign-and-encrypt.sgml +286 -0
  43. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-contexts.sgml +138 -0
  44. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-keys.sgml +26 -0
  45. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-keysmngr.sgml +592 -0
  46. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-transforms.sgml +67 -0
  47. data/vendor/xmlsec1-1.2.18/docs/api/chapters/using-x509-certs.sgml +197 -0
  48. data/vendor/xmlsec1-1.2.18/docs/api/chapters/verify-and-decrypt.sgml +265 -0
  49. data/vendor/xmlsec1-1.2.18/docs/api/home.png +0 -0
  50. data/vendor/xmlsec1-1.2.18/docs/api/images/diagrams.sxd +0 -0
  51. data/vendor/xmlsec1-1.2.18/docs/api/images/encryption-structure.png +0 -0
  52. data/vendor/xmlsec1-1.2.18/docs/api/images/key.png +0 -0
  53. data/vendor/xmlsec1-1.2.18/docs/api/images/keysmngr.png +0 -0
  54. data/vendor/xmlsec1-1.2.18/docs/api/images/sign-enc-model.png +0 -0
  55. data/vendor/xmlsec1-1.2.18/docs/api/images/signature-structure.png +0 -0
  56. data/vendor/xmlsec1-1.2.18/docs/api/images/structure.png +0 -0
  57. data/vendor/xmlsec1-1.2.18/docs/api/images/transform.png +0 -0
  58. data/vendor/xmlsec1-1.2.18/docs/api/images/transforms-chain.png +0 -0
  59. data/vendor/xmlsec1-1.2.18/docs/api/images/verif-dec-model.png +0 -0
  60. data/vendor/xmlsec1-1.2.18/docs/api/index.html +307 -0
  61. data/vendor/xmlsec1-1.2.18/docs/api/index.sgml +43 -0
  62. data/vendor/xmlsec1-1.2.18/docs/api/left.png +0 -0
  63. data/vendor/xmlsec1-1.2.18/docs/api/right.png +0 -0
  64. data/vendor/xmlsec1-1.2.18/docs/api/up.png +0 -0
  65. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-app.html +1525 -0
  66. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-base64.html +357 -0
  67. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-bn.html +705 -0
  68. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-buffer.html +603 -0
  69. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-custom-keys-manager.html +475 -0
  70. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-decrypt-with-keys-mngr.html +396 -0
  71. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-decrypt-with-signle-key.html +326 -0
  72. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-dl.html +245 -0
  73. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encrypt-dynamic-template.html +386 -0
  74. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encrypt-template-file.html +364 -0
  75. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encrypt-with-session-key.html +495 -0
  76. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-encryption-klasses.html +101 -0
  77. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-errors.html +744 -0
  78. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples-sign-dynamimc-template.html +406 -0
  79. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples-sign-template-file.html +388 -0
  80. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples-sign-x509.html +447 -0
  81. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-examples.html +119 -0
  82. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt-app.html +578 -0
  83. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt-crypto.html +1128 -0
  84. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt-ref.html +107 -0
  85. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gcrypt.sgml +15 -0
  86. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls-app.html +576 -0
  87. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls-crypto.html +1076 -0
  88. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls-ref.html +107 -0
  89. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-gnutls.sgml +15 -0
  90. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-index.html +1570 -0
  91. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-index.sgml +1471 -0
  92. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-io.html +226 -0
  93. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keyinfo.html +700 -0
  94. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keys.html +1161 -0
  95. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keysdata.html +2067 -0
  96. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-keysmngr.html +743 -0
  97. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-list.html +643 -0
  98. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-membuf.html +143 -0
  99. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-app.html +747 -0
  100. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-certkeys.html +252 -0
  101. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-crypto.html +1153 -0
  102. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-keysstore.html +209 -0
  103. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-ref.html +113 -0
  104. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto-x509.html +478 -0
  105. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-mscrypto.sgml +21 -0
  106. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nodeset.html +542 -0
  107. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling-others.html +102 -0
  108. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling-unix.html +223 -0
  109. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling-windows.html +138 -0
  110. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-compiling.html +117 -0
  111. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-contexts.html +229 -0
  112. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-custom-keys-store.html +250 -0
  113. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-decrypt.html +205 -0
  114. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-dynamic-encryption-templates.html +240 -0
  115. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-dynamic-signature-templates.html +250 -0
  116. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-encrypt.html +223 -0
  117. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-include-files.html +141 -0
  118. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-init-shutdown.html +194 -0
  119. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keys-manager-sign-enc.html +307 -0
  120. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keys-mngr-verify-decrypt.html +179 -0
  121. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keys.html +120 -0
  122. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-keysmngr.html +140 -0
  123. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-functions.html +151 -0
  124. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-key-stores.html +83 -0
  125. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-keys.html +103 -0
  126. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-klasses.html +217 -0
  127. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-sharing-results.html +125 -0
  128. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-simple-keys-mngr.html +102 -0
  129. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-skeleton.html +254 -0
  130. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto-transforms.html +170 -0
  131. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-new-crypto.html +136 -0
  132. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-overview.html +102 -0
  133. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-sign-encrypt.html +120 -0
  134. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-sign-x509.html +176 -0
  135. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-sign.html +210 -0
  136. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-simple-keys-store.html +177 -0
  137. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-structure.html +115 -0
  138. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-templates.html +114 -0
  139. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-transforms.html +154 -0
  140. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-verify-decrypt.html +120 -0
  141. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-verify-x509.html +180 -0
  142. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-verify.html +210 -0
  143. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes-x509.html +114 -0
  144. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-notes.html +115 -0
  145. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-app.html +740 -0
  146. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-bignum.html +176 -0
  147. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-crypto.html +978 -0
  148. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-keysstore.html +209 -0
  149. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-pkikeys.html +211 -0
  150. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-ref.html +115 -0
  151. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss-x509.html +467 -0
  152. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-nss.sgml +23 -0
  153. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-app.html +800 -0
  154. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-bn.html +170 -0
  155. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-crypto.html +1329 -0
  156. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-evp.html +184 -0
  157. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-ref.html +113 -0
  158. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl-x509.html +567 -0
  159. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-openssl.sgml +21 -0
  160. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-parser.html +223 -0
  161. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-ref.html +149 -0
  162. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-reference.html +106 -0
  163. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-signature-klasses.html +101 -0
  164. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-templates.html +1290 -0
  165. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-transforms.html +3059 -0
  166. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-key.html +318 -0
  167. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-keys-mngr.html +388 -0
  168. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-restrictions.html +715 -0
  169. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-verify-with-x509.html +369 -0
  170. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-version.html +143 -0
  171. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-x509.html +181 -0
  172. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmldsig.html +853 -0
  173. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmlenc.html +584 -0
  174. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmlsec.html +300 -0
  175. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec-xmltree.html +1529 -0
  176. data/vendor/xmlsec1-1.2.18/docs/api/xmlsec.sgml +307 -0
  177. data/vendor/xmlsec1-1.2.18/docs/authors.html +59 -0
  178. data/vendor/xmlsec1-1.2.18/docs/bugs.html +106 -0
  179. data/vendor/xmlsec1-1.2.18/docs/c14n.html +73 -0
  180. data/vendor/xmlsec1-1.2.18/docs/documentation.html +65 -0
  181. data/vendor/xmlsec1-1.2.18/docs/download.html +115 -0
  182. data/vendor/xmlsec1-1.2.18/docs/faq.html +449 -0
  183. data/vendor/xmlsec1-1.2.18/docs/images/bart.gif +0 -0
  184. data/vendor/xmlsec1-1.2.18/docs/images/libxml2-logo.png +0 -0
  185. data/vendor/xmlsec1-1.2.18/docs/images/libxslt-logo.png +0 -0
  186. data/vendor/xmlsec1-1.2.18/docs/images/logo.gif +0 -0
  187. data/vendor/xmlsec1-1.2.18/docs/images/openssl-logo.png +0 -0
  188. data/vendor/xmlsec1-1.2.18/docs/images/xmlsec-logo.gif +0 -0
  189. data/vendor/xmlsec1-1.2.18/docs/index.html +109 -0
  190. data/vendor/xmlsec1-1.2.18/docs/news.html +545 -0
  191. data/vendor/xmlsec1-1.2.18/docs/related.html +165 -0
  192. data/vendor/xmlsec1-1.2.18/docs/xmldsig-verifier.html +138 -0
  193. data/vendor/xmlsec1-1.2.18/docs/xmldsig.html +646 -0
  194. data/vendor/xmlsec1-1.2.18/docs/xmlenc.html +464 -0
  195. data/vendor/xmlsec1-1.2.18/docs/xmlsec-man.html +291 -0
  196. data/vendor/xmlsec1-1.2.18/docs/xmlsec.xsl +194 -0
  197. data/vendor/xmlsec1-1.2.18/examples/Makefile +40 -0
  198. data/vendor/xmlsec1-1.2.18/examples/Makefile.w32 +88 -0
  199. data/vendor/xmlsec1-1.2.18/examples/README +126 -0
  200. data/vendor/xmlsec1-1.2.18/examples/binary.dat +1 -0
  201. data/vendor/xmlsec1-1.2.18/examples/decrypt1.c +223 -0
  202. data/vendor/xmlsec1-1.2.18/examples/decrypt2.c +293 -0
  203. data/vendor/xmlsec1-1.2.18/examples/decrypt3.c +372 -0
  204. data/vendor/xmlsec1-1.2.18/examples/deskey.bin +1 -0
  205. data/vendor/xmlsec1-1.2.18/examples/encrypt1-res.xml +13 -0
  206. data/vendor/xmlsec1-1.2.18/examples/encrypt1-tmpl.xml +13 -0
  207. data/vendor/xmlsec1-1.2.18/examples/encrypt1.c +219 -0
  208. data/vendor/xmlsec1-1.2.18/examples/encrypt2-doc.xml +9 -0
  209. data/vendor/xmlsec1-1.2.18/examples/encrypt2-res.xml +14 -0
  210. data/vendor/xmlsec1-1.2.18/examples/encrypt2.c +244 -0
  211. data/vendor/xmlsec1-1.2.18/examples/encrypt3-doc.xml +9 -0
  212. data/vendor/xmlsec1-1.2.18/examples/encrypt3-res.xml +27 -0
  213. data/vendor/xmlsec1-1.2.18/examples/encrypt3.c +340 -0
  214. data/vendor/xmlsec1-1.2.18/examples/mywin32make.bat +18 -0
  215. data/vendor/xmlsec1-1.2.18/examples/rootcert.pem +25 -0
  216. data/vendor/xmlsec1-1.2.18/examples/rsacert.pem +83 -0
  217. data/vendor/xmlsec1-1.2.18/examples/rsakey.pem +27 -0
  218. data/vendor/xmlsec1-1.2.18/examples/rsapub.pem +9 -0
  219. data/vendor/xmlsec1-1.2.18/examples/sign1-res.xml +31 -0
  220. data/vendor/xmlsec1-1.2.18/examples/sign1-tmpl.xml +27 -0
  221. data/vendor/xmlsec1-1.2.18/examples/sign1.c +212 -0
  222. data/vendor/xmlsec1-1.2.18/examples/sign2-doc.xml +9 -0
  223. data/vendor/xmlsec1-1.2.18/examples/sign2-res.xml +30 -0
  224. data/vendor/xmlsec1-1.2.18/examples/sign2.c +248 -0
  225. data/vendor/xmlsec1-1.2.18/examples/sign3-doc.xml +9 -0
  226. data/vendor/xmlsec1-1.2.18/examples/sign3-res.xml +58 -0
  227. data/vendor/xmlsec1-1.2.18/examples/sign3.c +261 -0
  228. data/vendor/xmlsec1-1.2.18/examples/verify1.c +215 -0
  229. data/vendor/xmlsec1-1.2.18/examples/verify2.c +285 -0
  230. data/vendor/xmlsec1-1.2.18/examples/verify3.c +266 -0
  231. data/vendor/xmlsec1-1.2.18/examples/verify4-bad-res.xml +90 -0
  232. data/vendor/xmlsec1-1.2.18/examples/verify4-bad-tmpl.xml +54 -0
  233. data/vendor/xmlsec1-1.2.18/examples/verify4-res.xml +80 -0
  234. data/vendor/xmlsec1-1.2.18/examples/verify4-tmpl.xml +47 -0
  235. data/vendor/xmlsec1-1.2.18/examples/verify4.c +309 -0
  236. data/vendor/xmlsec1-1.2.18/examples/xkms-server.c +839 -0
  237. data/vendor/xmlsec1-1.2.18/examples/xmldsigverify.c +381 -0
  238. data/vendor/xmlsec1-1.2.18/include/Makefile.am +4 -0
  239. data/vendor/xmlsec1-1.2.18/include/Makefile.in +656 -0
  240. data/vendor/xmlsec1-1.2.18/include/xmlsec/Makefile.am +63 -0
  241. data/vendor/xmlsec1-1.2.18/include/xmlsec/Makefile.in +767 -0
  242. data/vendor/xmlsec1-1.2.18/include/xmlsec/app.h +424 -0
  243. data/vendor/xmlsec1-1.2.18/include/xmlsec/base64.h +67 -0
  244. data/vendor/xmlsec1-1.2.18/include/xmlsec/bn.h +99 -0
  245. data/vendor/xmlsec1-1.2.18/include/xmlsec/buffer.h +108 -0
  246. data/vendor/xmlsec1-1.2.18/include/xmlsec/crypto.h +75 -0
  247. data/vendor/xmlsec1-1.2.18/include/xmlsec/dl.h +56 -0
  248. data/vendor/xmlsec1-1.2.18/include/xmlsec/errors.h +504 -0
  249. data/vendor/xmlsec1-1.2.18/include/xmlsec/exports.h +111 -0
  250. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/Makefile.am +13 -0
  251. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/Makefile.in +564 -0
  252. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/app.h +96 -0
  253. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/crypto.h +460 -0
  254. data/vendor/xmlsec1-1.2.18/include/xmlsec/gcrypt/symbols.h +104 -0
  255. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/Makefile.am +14 -0
  256. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/Makefile.in +565 -0
  257. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/app.h +96 -0
  258. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/crypto.h +462 -0
  259. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/symbols.h +104 -0
  260. data/vendor/xmlsec1-1.2.18/include/xmlsec/gnutls/x509.h +110 -0
  261. data/vendor/xmlsec1-1.2.18/include/xmlsec/io.h +54 -0
  262. data/vendor/xmlsec1-1.2.18/include/xmlsec/keyinfo.h +285 -0
  263. data/vendor/xmlsec1-1.2.18/include/xmlsec/keys.h +278 -0
  264. data/vendor/xmlsec1-1.2.18/include/xmlsec/keysdata.h +837 -0
  265. data/vendor/xmlsec1-1.2.18/include/xmlsec/keysmngr.h +264 -0
  266. data/vendor/xmlsec1-1.2.18/include/xmlsec/list.h +194 -0
  267. data/vendor/xmlsec1-1.2.18/include/xmlsec/membuf.h +44 -0
  268. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/Makefile.am +16 -0
  269. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/Makefile.in +567 -0
  270. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/app.h +116 -0
  271. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/certkeys.h +42 -0
  272. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/crypto.h +516 -0
  273. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/keysstore.h +48 -0
  274. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/symbols.h +114 -0
  275. data/vendor/xmlsec1-1.2.18/include/xmlsec/mscrypto/x509.h +92 -0
  276. data/vendor/xmlsec1-1.2.18/include/xmlsec/nodeset.h +139 -0
  277. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/Makefile.am +17 -0
  278. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/Makefile.in +568 -0
  279. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/app.h +118 -0
  280. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/bignum.h +37 -0
  281. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/crypto.h +469 -0
  282. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/keysstore.h +46 -0
  283. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/pkikeys.h +44 -0
  284. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/symbols.h +106 -0
  285. data/vendor/xmlsec1-1.2.18/include/xmlsec/nss/x509.h +91 -0
  286. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/Makefile.am +16 -0
  287. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/Makefile.in +567 -0
  288. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/app.h +128 -0
  289. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/bn.h +35 -0
  290. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/crypto.h +561 -0
  291. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/evp.h +44 -0
  292. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/symbols.h +123 -0
  293. data/vendor/xmlsec1-1.2.18/include/xmlsec/openssl/x509.h +109 -0
  294. data/vendor/xmlsec1-1.2.18/include/xmlsec/parser.h +51 -0
  295. data/vendor/xmlsec1-1.2.18/include/xmlsec/private.h +489 -0
  296. data/vendor/xmlsec1-1.2.18/include/xmlsec/private/Makefile.am +12 -0
  297. data/vendor/xmlsec1-1.2.18/include/xmlsec/private/Makefile.in +563 -0
  298. data/vendor/xmlsec1-1.2.18/include/xmlsec/private/xkms.h +121 -0
  299. data/vendor/xmlsec1-1.2.18/include/xmlsec/private/xslt.h +34 -0
  300. data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/Makefile.am +13 -0
  301. data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/app.h +97 -0
  302. data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/crypto.h +40 -0
  303. data/vendor/xmlsec1-1.2.18/include/xmlsec/skeleton/symbols.h +117 -0
  304. data/vendor/xmlsec1-1.2.18/include/xmlsec/soap.h +130 -0
  305. data/vendor/xmlsec1-1.2.18/include/xmlsec/strings.h +610 -0
  306. data/vendor/xmlsec1-1.2.18/include/xmlsec/templates.h +162 -0
  307. data/vendor/xmlsec1-1.2.18/include/xmlsec/transforms.h +994 -0
  308. data/vendor/xmlsec1-1.2.18/include/xmlsec/version.h +61 -0
  309. data/vendor/xmlsec1-1.2.18/include/xmlsec/version.h.in +61 -0
  310. data/vendor/xmlsec1-1.2.18/include/xmlsec/x509.h +80 -0
  311. data/vendor/xmlsec1-1.2.18/include/xmlsec/xkms.h +652 -0
  312. data/vendor/xmlsec1-1.2.18/include/xmlsec/xmldsig.h +281 -0
  313. data/vendor/xmlsec1-1.2.18/include/xmlsec/xmlenc.h +163 -0
  314. data/vendor/xmlsec1-1.2.18/include/xmlsec/xmlsec.h +216 -0
  315. data/vendor/xmlsec1-1.2.18/include/xmlsec/xmltree.h +275 -0
  316. data/vendor/xmlsec1-1.2.18/install-sh +520 -0
  317. data/vendor/xmlsec1-1.2.18/ltmain.sh +8413 -0
  318. data/vendor/xmlsec1-1.2.18/m4/libtool.m4 +7377 -0
  319. data/vendor/xmlsec1-1.2.18/m4/ltoptions.m4 +368 -0
  320. data/vendor/xmlsec1-1.2.18/m4/ltsugar.m4 +123 -0
  321. data/vendor/xmlsec1-1.2.18/m4/ltversion.m4 +23 -0
  322. data/vendor/xmlsec1-1.2.18/m4/lt~obsolete.m4 +92 -0
  323. data/vendor/xmlsec1-1.2.18/man/Makefile.am +52 -0
  324. data/vendor/xmlsec1-1.2.18/man/Makefile.in +582 -0
  325. data/vendor/xmlsec1-1.2.18/man/xmlsec1-config.1 +34 -0
  326. data/vendor/xmlsec1-1.2.18/man/xmlsec1.1 +269 -0
  327. data/vendor/xmlsec1-1.2.18/missing +376 -0
  328. data/vendor/xmlsec1-1.2.18/scripts/build_release.sh +33 -0
  329. data/vendor/xmlsec1-1.2.18/scripts/change-release.sh +34 -0
  330. data/vendor/xmlsec1-1.2.18/scripts/push_release.sh +30 -0
  331. data/vendor/xmlsec1-1.2.18/scripts/remove-gtkdoclink.pl +20 -0
  332. data/vendor/xmlsec1-1.2.18/scripts/test_errors.pl +38 -0
  333. data/vendor/xmlsec1-1.2.18/scripts/test_release.sh +12 -0
  334. data/vendor/xmlsec1-1.2.18/src/Makefile.am +71 -0
  335. data/vendor/xmlsec1-1.2.18/src/Makefile.in +878 -0
  336. data/vendor/xmlsec1-1.2.18/src/app.c +1498 -0
  337. data/vendor/xmlsec1-1.2.18/src/base64.c +1034 -0
  338. data/vendor/xmlsec1-1.2.18/src/bn.c +1060 -0
  339. data/vendor/xmlsec1-1.2.18/src/buffer.c +674 -0
  340. data/vendor/xmlsec1-1.2.18/src/c14n.c +801 -0
  341. data/vendor/xmlsec1-1.2.18/src/dl.c +994 -0
  342. data/vendor/xmlsec1-1.2.18/src/enveloped.c +152 -0
  343. data/vendor/xmlsec1-1.2.18/src/errors.c +242 -0
  344. data/vendor/xmlsec1-1.2.18/src/gcrypt/Makefile.am +55 -0
  345. data/vendor/xmlsec1-1.2.18/src/gcrypt/Makefile.in +764 -0
  346. data/vendor/xmlsec1-1.2.18/src/gcrypt/README +9 -0
  347. data/vendor/xmlsec1-1.2.18/src/gcrypt/app.c +663 -0
  348. data/vendor/xmlsec1-1.2.18/src/gcrypt/asn1.c +602 -0
  349. data/vendor/xmlsec1-1.2.18/src/gcrypt/asn1.h +39 -0
  350. data/vendor/xmlsec1-1.2.18/src/gcrypt/asymkeys.c +1920 -0
  351. data/vendor/xmlsec1-1.2.18/src/gcrypt/ciphers.c +855 -0
  352. data/vendor/xmlsec1-1.2.18/src/gcrypt/crypto.c +315 -0
  353. data/vendor/xmlsec1-1.2.18/src/gcrypt/digests.c +614 -0
  354. data/vendor/xmlsec1-1.2.18/src/gcrypt/globals.h +30 -0
  355. data/vendor/xmlsec1-1.2.18/src/gcrypt/hmac.c +823 -0
  356. data/vendor/xmlsec1-1.2.18/src/gcrypt/kw_aes.c +593 -0
  357. data/vendor/xmlsec1-1.2.18/src/gcrypt/kw_des.c +607 -0
  358. data/vendor/xmlsec1-1.2.18/src/gcrypt/signatures.c +1490 -0
  359. data/vendor/xmlsec1-1.2.18/src/gcrypt/symkeys.c +441 -0
  360. data/vendor/xmlsec1-1.2.18/src/globals.h +25 -0
  361. data/vendor/xmlsec1-1.2.18/src/gnutls/Makefile.am +58 -0
  362. data/vendor/xmlsec1-1.2.18/src/gnutls/Makefile.in +786 -0
  363. data/vendor/xmlsec1-1.2.18/src/gnutls/README +6 -0
  364. data/vendor/xmlsec1-1.2.18/src/gnutls/app.c +998 -0
  365. data/vendor/xmlsec1-1.2.18/src/gnutls/asymkeys.c +455 -0
  366. data/vendor/xmlsec1-1.2.18/src/gnutls/ciphers.c +82 -0
  367. data/vendor/xmlsec1-1.2.18/src/gnutls/crypto.c +351 -0
  368. data/vendor/xmlsec1-1.2.18/src/gnutls/digests.c +112 -0
  369. data/vendor/xmlsec1-1.2.18/src/gnutls/globals.h +31 -0
  370. data/vendor/xmlsec1-1.2.18/src/gnutls/hmac.c +141 -0
  371. data/vendor/xmlsec1-1.2.18/src/gnutls/kw_aes.c +72 -0
  372. data/vendor/xmlsec1-1.2.18/src/gnutls/kw_des.c +51 -0
  373. data/vendor/xmlsec1-1.2.18/src/gnutls/signatures.c +148 -0
  374. data/vendor/xmlsec1-1.2.18/src/gnutls/symkeys.c +125 -0
  375. data/vendor/xmlsec1-1.2.18/src/gnutls/x509.c +1960 -0
  376. data/vendor/xmlsec1-1.2.18/src/gnutls/x509utils.c +1687 -0
  377. data/vendor/xmlsec1-1.2.18/src/gnutls/x509utils.h +143 -0
  378. data/vendor/xmlsec1-1.2.18/src/gnutls/x509vfy.c +802 -0
  379. data/vendor/xmlsec1-1.2.18/src/io.c +496 -0
  380. data/vendor/xmlsec1-1.2.18/src/keyinfo.c +1561 -0
  381. data/vendor/xmlsec1-1.2.18/src/keys.c +1415 -0
  382. data/vendor/xmlsec1-1.2.18/src/keysdata.c +1387 -0
  383. data/vendor/xmlsec1-1.2.18/src/keysmngr.c +745 -0
  384. data/vendor/xmlsec1-1.2.18/src/kw_aes_des.c +493 -0
  385. data/vendor/xmlsec1-1.2.18/src/kw_aes_des.h +148 -0
  386. data/vendor/xmlsec1-1.2.18/src/list.c +534 -0
  387. data/vendor/xmlsec1-1.2.18/src/membuf.c +209 -0
  388. data/vendor/xmlsec1-1.2.18/src/mscrypto/Makefile.am +62 -0
  389. data/vendor/xmlsec1-1.2.18/src/mscrypto/Makefile.in +799 -0
  390. data/vendor/xmlsec1-1.2.18/src/mscrypto/README +39 -0
  391. data/vendor/xmlsec1-1.2.18/src/mscrypto/app.c +1289 -0
  392. data/vendor/xmlsec1-1.2.18/src/mscrypto/certkeys.c +2615 -0
  393. data/vendor/xmlsec1-1.2.18/src/mscrypto/ciphers.c +937 -0
  394. data/vendor/xmlsec1-1.2.18/src/mscrypto/crypto.c +889 -0
  395. data/vendor/xmlsec1-1.2.18/src/mscrypto/csp_calg.h +105 -0
  396. data/vendor/xmlsec1-1.2.18/src/mscrypto/csp_oid.h +114 -0
  397. data/vendor/xmlsec1-1.2.18/src/mscrypto/digests.c +668 -0
  398. data/vendor/xmlsec1-1.2.18/src/mscrypto/globals.h +39 -0
  399. data/vendor/xmlsec1-1.2.18/src/mscrypto/hmac.c +963 -0
  400. data/vendor/xmlsec1-1.2.18/src/mscrypto/keysstore.c +620 -0
  401. data/vendor/xmlsec1-1.2.18/src/mscrypto/kt_rsa.c +631 -0
  402. data/vendor/xmlsec1-1.2.18/src/mscrypto/kw_aes.c +662 -0
  403. data/vendor/xmlsec1-1.2.18/src/mscrypto/kw_des.c +730 -0
  404. data/vendor/xmlsec1-1.2.18/src/mscrypto/mingw-crypt32.def +36 -0
  405. data/vendor/xmlsec1-1.2.18/src/mscrypto/private.h +130 -0
  406. data/vendor/xmlsec1-1.2.18/src/mscrypto/signatures.c +960 -0
  407. data/vendor/xmlsec1-1.2.18/src/mscrypto/symkeys.c +824 -0
  408. data/vendor/xmlsec1-1.2.18/src/mscrypto/x509.c +2281 -0
  409. data/vendor/xmlsec1-1.2.18/src/mscrypto/x509vfy.c +1406 -0
  410. data/vendor/xmlsec1-1.2.18/src/mscrypto/xmlsec-mingw.h +210 -0
  411. data/vendor/xmlsec1-1.2.18/src/nodeset.c +610 -0
  412. data/vendor/xmlsec1-1.2.18/src/nss/Makefile.am +57 -0
  413. data/vendor/xmlsec1-1.2.18/src/nss/Makefile.in +798 -0
  414. data/vendor/xmlsec1-1.2.18/src/nss/README +128 -0
  415. data/vendor/xmlsec1-1.2.18/src/nss/app.c +1598 -0
  416. data/vendor/xmlsec1-1.2.18/src/nss/bignum.c +163 -0
  417. data/vendor/xmlsec1-1.2.18/src/nss/ciphers.c +838 -0
  418. data/vendor/xmlsec1-1.2.18/src/nss/crypto.c +444 -0
  419. data/vendor/xmlsec1-1.2.18/src/nss/digests.c +576 -0
  420. data/vendor/xmlsec1-1.2.18/src/nss/globals.h +24 -0
  421. data/vendor/xmlsec1-1.2.18/src/nss/hmac.c +855 -0
  422. data/vendor/xmlsec1-1.2.18/src/nss/keysstore.c +485 -0
  423. data/vendor/xmlsec1-1.2.18/src/nss/keytrans.c +753 -0
  424. data/vendor/xmlsec1-1.2.18/src/nss/kw_aes.c +681 -0
  425. data/vendor/xmlsec1-1.2.18/src/nss/kw_des.c +663 -0
  426. data/vendor/xmlsec1-1.2.18/src/nss/pkikeys.c +1554 -0
  427. data/vendor/xmlsec1-1.2.18/src/nss/signatures.c +841 -0
  428. data/vendor/xmlsec1-1.2.18/src/nss/symkeys.c +440 -0
  429. data/vendor/xmlsec1-1.2.18/src/nss/x509.c +2223 -0
  430. data/vendor/xmlsec1-1.2.18/src/nss/x509vfy.c +808 -0
  431. data/vendor/xmlsec1-1.2.18/src/openssl/Makefile.am +56 -0
  432. data/vendor/xmlsec1-1.2.18/src/openssl/Makefile.in +790 -0
  433. data/vendor/xmlsec1-1.2.18/src/openssl/README +17 -0
  434. data/vendor/xmlsec1-1.2.18/src/openssl/app.c +1628 -0
  435. data/vendor/xmlsec1-1.2.18/src/openssl/bn.c +163 -0
  436. data/vendor/xmlsec1-1.2.18/src/openssl/ciphers.c +856 -0
  437. data/vendor/xmlsec1-1.2.18/src/openssl/crypto.c +491 -0
  438. data/vendor/xmlsec1-1.2.18/src/openssl/digests.c +682 -0
  439. data/vendor/xmlsec1-1.2.18/src/openssl/evp.c +1559 -0
  440. data/vendor/xmlsec1-1.2.18/src/openssl/globals.h +24 -0
  441. data/vendor/xmlsec1-1.2.18/src/openssl/hmac.c +857 -0
  442. data/vendor/xmlsec1-1.2.18/src/openssl/kt_rsa.c +876 -0
  443. data/vendor/xmlsec1-1.2.18/src/openssl/kw_aes.c +513 -0
  444. data/vendor/xmlsec1-1.2.18/src/openssl/kw_des.c +563 -0
  445. data/vendor/xmlsec1-1.2.18/src/openssl/signatures.c +1065 -0
  446. data/vendor/xmlsec1-1.2.18/src/openssl/symkeys.c +447 -0
  447. data/vendor/xmlsec1-1.2.18/src/openssl/x509.c +2414 -0
  448. data/vendor/xmlsec1-1.2.18/src/openssl/x509vfy.c +1284 -0
  449. data/vendor/xmlsec1-1.2.18/src/parser.c +571 -0
  450. data/vendor/xmlsec1-1.2.18/src/skeleton/Makefile.am +45 -0
  451. data/vendor/xmlsec1-1.2.18/src/skeleton/README +0 -0
  452. data/vendor/xmlsec1-1.2.18/src/skeleton/app.c +499 -0
  453. data/vendor/xmlsec1-1.2.18/src/skeleton/crypto.c +260 -0
  454. data/vendor/xmlsec1-1.2.18/src/skeleton/globals.h +24 -0
  455. data/vendor/xmlsec1-1.2.18/src/soap.c +1322 -0
  456. data/vendor/xmlsec1-1.2.18/src/strings.c +597 -0
  457. data/vendor/xmlsec1-1.2.18/src/templates.c +2091 -0
  458. data/vendor/xmlsec1-1.2.18/src/transforms.c +2902 -0
  459. data/vendor/xmlsec1-1.2.18/src/x509.c +97 -0
  460. data/vendor/xmlsec1-1.2.18/src/xkms.c +4981 -0
  461. data/vendor/xmlsec1-1.2.18/src/xmldsig.c +1795 -0
  462. data/vendor/xmlsec1-1.2.18/src/xmlenc.c +1339 -0
  463. data/vendor/xmlsec1-1.2.18/src/xmlsec.c +185 -0
  464. data/vendor/xmlsec1-1.2.18/src/xmltree.c +1908 -0
  465. data/vendor/xmlsec1-1.2.18/src/xpath.c +1148 -0
  466. data/vendor/xmlsec1-1.2.18/src/xslt.c +617 -0
  467. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/Readme.txt +52 -0
  468. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/bad-alg-enc-element-aes128-kw-3des.xml +29 -0
  469. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/dh-priv-key.der +0 -0
  470. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.data +9 -0
  471. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.tmpl +22 -0
  472. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.xml +30 -0
  473. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.data +9 -0
  474. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.tmpl +22 -0
  475. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.xml +30 -0
  476. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.data +9 -0
  477. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.tmpl +22 -0
  478. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.xml +30 -0
  479. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.data +9 -0
  480. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.tmpl +24 -0
  481. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.xml +63 -0
  482. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-ka-dh.xml +83 -0
  483. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.data +9 -0
  484. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.tmpl +23 -0
  485. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.xml +61 -0
  486. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.data +9 -0
  487. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.tmpl +22 -0
  488. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.xml +63 -0
  489. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha256.xml +63 -0
  490. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha512.xml +63 -0
  491. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kw-3des.data +9 -0
  492. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kw-3des.tmpl +22 -0
  493. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-3des-kw-3des.xml +29 -0
  494. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-ka-dh.xml +83 -0
  495. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.data +9 -0
  496. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.tmpl +20 -0
  497. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.xml +61 -0
  498. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.data +9 -0
  499. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.tmpl +22 -0
  500. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.xml +63 -0
  501. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.data +9 -0
  502. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.tmpl +22 -0
  503. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.xml +29 -0
  504. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.data +9 -0
  505. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.tmpl +22 -0
  506. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.xml +29 -0
  507. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-ka-dh.xml +83 -0
  508. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.data +9 -0
  509. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.tmpl +22 -0
  510. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.xml +63 -0
  511. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.data +9 -0
  512. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.tmpl +22 -0
  513. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.xml +29 -0
  514. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-ka-dh.xml +83 -0
  515. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.data +9 -0
  516. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.tmpl +22 -0
  517. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.xml +29 -0
  518. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.data +9 -0
  519. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.tmpl +23 -0
  520. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.xml +32 -0
  521. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.data +9 -0
  522. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.tmpl +21 -0
  523. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.xml +28 -0
  524. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.data +9 -0
  525. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.tmpl +20 -0
  526. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.xml +62 -0
  527. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.data +9 -0
  528. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.tmpl +22 -0
  529. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.xml +64 -0
  530. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/key.txt +117 -0
  531. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/keys.xml +61 -0
  532. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/payment.xml +9 -0
  533. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/rsa-priv-key.der +0 -0
  534. data/vendor/xmlsec1-1.2.18/tests/01-phaos-xmlenc-3/rsa-priv-key.p12 +0 -0
  535. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/bad-request-name-not-supported.xml +2 -0
  536. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/bad-request-name.xml +10 -0
  537. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/compound-example-1-no-match.xml +7 -0
  538. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/compound-example-1.xml +51 -0
  539. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert1.der +0 -0
  540. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert1.pem +26 -0
  541. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert2.der +0 -0
  542. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert2.pem +25 -0
  543. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert3.der +0 -0
  544. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/cert3.pem +24 -0
  545. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/create-keys.sh +73 -0
  546. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1-pk8.der +0 -0
  547. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1.der +0 -0
  548. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1.p12 +0 -0
  549. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key1.pem +18 -0
  550. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2-pk8.der +0 -0
  551. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2.der +0 -0
  552. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2.p12 +0 -0
  553. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key2.pem +9 -0
  554. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3-pk8.der +0 -0
  555. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3.der +0 -0
  556. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3.p12 +0 -0
  557. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/key3.pem +9 -0
  558. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/openssl.cnf +106 -0
  559. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/req2.pem +11 -0
  560. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/keys/req3.pem +11 -0
  561. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-1-bad-service.xml +2 -0
  562. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-1-no-match.xml +2 -0
  563. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-1.xml +18 -0
  564. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-2-no-match.xml +2 -0
  565. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-example-2.xml +39 -0
  566. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-opaque-client-data-no-match.xml +2 -0
  567. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/locate-opaque-client-data.xml +32 -0
  568. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/readme.txt +117 -0
  569. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-bad-request-name-msg-invalid.xml +9 -0
  570. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-bad-request-name.xml +14 -0
  571. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-locate-example-1-no-match.xml +6 -0
  572. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-locate-example-1-unsupported.xml +13 -0
  573. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap11-locate-example-1.xml +23 -0
  574. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-bad-request-name-msg-invalid.xml +11 -0
  575. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-bad-request-name.xml +14 -0
  576. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-locate-example-1-no-match.xml +6 -0
  577. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-locate-example-1-unsupported.xml +9 -0
  578. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/soap12-locate-example-1.xml +23 -0
  579. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/status-request-success.xml +2 -0
  580. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/status-request.xml +7 -0
  581. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/validate-example-1-no-match.xml +2 -0
  582. data/vendor/xmlsec1-1.2.18/tests/aleksey-xkms-01/validate-example-1.xml +65 -0
  583. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/README +47 -0
  584. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/dtd-hmac-91.dtd +1 -0
  585. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/dtd-hmac-91.tmpl +27 -0
  586. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/dtd-hmac-91.xml +27 -0
  587. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloped-gost.tmpl +31 -0
  588. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloped-gost.xml +42 -0
  589. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.tmpl +18 -0
  590. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-dsa-x509chain.xml +87 -0
  591. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-expired-cert.tmpl +18 -0
  592. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-expired-cert.xml +85 -0
  593. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.tmpl +16 -0
  594. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5-64.xml +15 -0
  595. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5.tmpl +14 -0
  596. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-hmac-md5.xml +13 -0
  597. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-rsa-md5.tmpl +17 -0
  598. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-md5-rsa-md5.xml +85 -0
  599. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.tmpl +16 -0
  600. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64.xml +15 -0
  601. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.tmpl +14 -0
  602. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160.xml +13 -0
  603. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160.tmpl +17 -0
  604. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160.xml +85 -0
  605. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.tmpl +18 -0
  606. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-rsa-x509chain.xml +85 -0
  607. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.tmpl +16 -0
  608. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64.xml +15 -0
  609. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1.tmpl +14 -0
  610. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-hmac-sha1.xml +13 -0
  611. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-rsa-sha1.tmpl +17 -0
  612. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha1-rsa-sha1.xml +85 -0
  613. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.tmpl +16 -0
  614. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64.xml +15 -0
  615. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224.tmpl +14 -0
  616. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-hmac-sha224.xml +13 -0
  617. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-rsa-sha224.tmpl +17 -0
  618. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha224-rsa-sha224.xml +85 -0
  619. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.tmpl +16 -0
  620. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64.xml +15 -0
  621. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256.tmpl +14 -0
  622. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-hmac-sha256.xml +13 -0
  623. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-rsa-sha256.tmpl +17 -0
  624. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha256-rsa-sha256.xml +85 -0
  625. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.tmpl +16 -0
  626. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64.xml +15 -0
  627. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384.tmpl +14 -0
  628. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-hmac-sha384.xml +13 -0
  629. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-rsa-sha384.tmpl +17 -0
  630. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha384-rsa-sha384.xml +103 -0
  631. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.tmpl +16 -0
  632. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64.xml +16 -0
  633. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512.tmpl +14 -0
  634. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-hmac-sha512.xml +15 -0
  635. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-rsa-sha512.tmpl +17 -0
  636. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/enveloping-sha512-rsa-sha512.xml +104 -0
  637. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-sn-test.tmpl +27 -0
  638. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-sn-test.xml +40 -0
  639. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-test.tmpl +31 -0
  640. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/x509data-test.xml +117 -0
  641. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/xpointer-hmac.tmpl +29 -0
  642. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmldsig-01/xpointer-hmac.xml +28 -0
  643. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes128cbc-keyname.data +1 -0
  644. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes128cbc-keyname.tmpl +11 -0
  645. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes128cbc-keyname.xml +12 -0
  646. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname-ref.data +1 -0
  647. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname-ref.xml +21 -0
  648. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname.data +1 -0
  649. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname.tmpl +11 -0
  650. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes192cbc-keyname.xml +12 -0
  651. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes256cbc-keyname.data +1 -0
  652. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes256cbc-keyname.tmpl +10 -0
  653. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-aes256cbc-keyname.xml +12 -0
  654. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-aes192-keyname.data +1 -0
  655. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-aes192-keyname.tmpl +16 -0
  656. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-aes192-keyname.xml +18 -0
  657. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-content.data +7 -0
  658. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-content.tmpl +11 -0
  659. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-content.xml +15 -0
  660. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element-root.data +7 -0
  661. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element-root.tmpl +11 -0
  662. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element-root.xml +15 -0
  663. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element.data +9 -0
  664. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element.tmpl +11 -0
  665. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname-element.xml +17 -0
  666. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname.data +1 -0
  667. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname.tmpl +8 -0
  668. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname.xml +8 -0
  669. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.data +1 -0
  670. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.tmpl +10 -0
  671. data/vendor/xmlsec1-1.2.18/tests/aleksey-xmlenc-01/enc-des3cbc-keyname2.xml +12 -0
  672. data/vendor/xmlsec1-1.2.18/tests/keys/README +203 -0
  673. data/vendor/xmlsec1-1.2.18/tests/keys/ca2cert.der +0 -0
  674. data/vendor/xmlsec1-1.2.18/tests/keys/ca2cert.pem +66 -0
  675. data/vendor/xmlsec1-1.2.18/tests/keys/ca2key.pem +9 -0
  676. data/vendor/xmlsec1-1.2.18/tests/keys/cacert.der +0 -0
  677. data/vendor/xmlsec1-1.2.18/tests/keys/cacert.pem +72 -0
  678. data/vendor/xmlsec1-1.2.18/tests/keys/cakey.pem +18 -0
  679. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/cacert.pem +72 -0
  680. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/careq.pem +14 -0
  681. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/index.txt +6 -0
  682. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/01.pem +65 -0
  683. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/02.pem +93 -0
  684. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/03.pem +60 -0
  685. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/04.pem +60 -0
  686. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/newcerts/05.pem +83 -0
  687. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/private/cakey.pem +18 -0
  688. data/vendor/xmlsec1-1.2.18/tests/keys/demoCA/serial +1 -0
  689. data/vendor/xmlsec1-1.2.18/tests/keys/dsacert.der +0 -0
  690. data/vendor/xmlsec1-1.2.18/tests/keys/dsacert.pem +78 -0
  691. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.der +0 -0
  692. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.p12 +0 -0
  693. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.p8-der +0 -0
  694. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.p8-pem +8 -0
  695. data/vendor/xmlsec1-1.2.18/tests/keys/dsakey.pem +14 -0
  696. data/vendor/xmlsec1-1.2.18/tests/keys/expiredcert.der +0 -0
  697. data/vendor/xmlsec1-1.2.18/tests/keys/expiredcert.pem +61 -0
  698. data/vendor/xmlsec1-1.2.18/tests/keys/expiredkey.der +0 -0
  699. data/vendor/xmlsec1-1.2.18/tests/keys/expiredkey.p12 +0 -0
  700. data/vendor/xmlsec1-1.2.18/tests/keys/expiredkey.pem +9 -0
  701. data/vendor/xmlsec1-1.2.18/tests/keys/expiredreq.pem +11 -0
  702. data/vendor/xmlsec1-1.2.18/tests/keys/gost2001ca.der +0 -0
  703. data/vendor/xmlsec1-1.2.18/tests/keys/gost2001ca.pem +13 -0
  704. data/vendor/xmlsec1-1.2.18/tests/keys/hmackey.bin +1 -0
  705. data/vendor/xmlsec1-1.2.18/tests/keys/keys.xml +83 -0
  706. data/vendor/xmlsec1-1.2.18/tests/keys/largersacert.der +0 -0
  707. data/vendor/xmlsec1-1.2.18/tests/keys/largersacert.pem +100 -0
  708. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey-win.p12 +0 -0
  709. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey-winxp.p12 +0 -0
  710. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.der +0 -0
  711. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.p12 +0 -0
  712. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.p8-der +0 -0
  713. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.p8-pem +53 -0
  714. data/vendor/xmlsec1-1.2.18/tests/keys/largersakey.pem +51 -0
  715. data/vendor/xmlsec1-1.2.18/tests/keys/largersareq.pem +30 -0
  716. data/vendor/xmlsec1-1.2.18/tests/keys/merlincert.pem +20 -0
  717. data/vendor/xmlsec1-1.2.18/tests/keys/openssl.cnf +316 -0
  718. data/vendor/xmlsec1-1.2.18/tests/keys/rsacert.der +0 -0
  719. data/vendor/xmlsec1-1.2.18/tests/keys/rsacert.pem +61 -0
  720. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey-win.p12 +0 -0
  721. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey-winxp.p12 +0 -0
  722. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.der +0 -0
  723. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.p12 +0 -0
  724. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.p8-der +0 -0
  725. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.p8-pem +11 -0
  726. data/vendor/xmlsec1-1.2.18/tests/keys/rsakey.pem +9 -0
  727. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/Readme.txt +20 -0
  728. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-0.txt +15 -0
  729. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-1.txt +15 -0
  730. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-10.txt +15 -0
  731. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-11.txt +15 -0
  732. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-12.txt +15 -0
  733. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-13.txt +15 -0
  734. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-14.txt +15 -0
  735. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-15.txt +0 -0
  736. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-16.txt +0 -0
  737. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-17.txt +15 -0
  738. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-18.txt +15 -0
  739. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-19.txt +15 -0
  740. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-2.txt +15 -0
  741. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-20.txt +15 -0
  742. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-21.txt +15 -0
  743. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-22.txt +15 -0
  744. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-23.txt +15 -0
  745. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-24.txt +1 -0
  746. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-25.txt +0 -0
  747. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-26.txt +15 -0
  748. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-27.txt +430 -0
  749. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-3.txt +15 -0
  750. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-4.txt +15 -0
  751. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-5.txt +15 -0
  752. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-6.txt +1 -0
  753. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-7.txt +1 -0
  754. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-8.txt +15 -0
  755. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/c14n-9.txt +15 -0
  756. data/vendor/xmlsec1-1.2.18/tests/merlin-c14n-three/signature.xml +526 -0
  757. data/vendor/xmlsec1-1.2.18/tests/merlin-exc-c14n-one/Readme.txt +3 -0
  758. data/vendor/xmlsec1-1.2.18/tests/merlin-exc-c14n-one/exc-signature.tmpl +52 -0
  759. data/vendor/xmlsec1-1.2.18/tests/merlin-exc-c14n-one/exc-signature.xml +73 -0
  760. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/Readme.txt +63 -0
  761. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/badb.der +0 -0
  762. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/badb.pem +20 -0
  763. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/balor.der +0 -0
  764. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/balor.pem +20 -0
  765. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/bres.pem +20 -0
  766. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/ca.der +0 -0
  767. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/ca.pem +20 -0
  768. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.der +0 -0
  769. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh-cert.pem +20 -0
  770. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh.der +0 -0
  771. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/lugh.pem +12 -0
  772. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/macha.der +0 -0
  773. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/macha.pem +20 -0
  774. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/merlin.der +0 -0
  775. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/merlin.pem +21 -0
  776. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/morigu.pem +20 -0
  777. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/nemain.der +0 -0
  778. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/certs/nemain.pem +20 -0
  779. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloped-dsa.tmpl +22 -0
  780. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloped-dsa.xml +43 -0
  781. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa.tmpl +21 -0
  782. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa.xml +42 -0
  783. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-dsa.tmpl +18 -0
  784. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-dsa.xml +39 -0
  785. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.tmpl +16 -0
  786. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40.xml +17 -0
  787. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1.tmpl +14 -0
  788. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1.xml +15 -0
  789. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-rsa.tmpl +18 -0
  790. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-enveloping-rsa.xml +31 -0
  791. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-b64-dsa.tmpl +20 -0
  792. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-b64-dsa.xml +41 -0
  793. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-dsa.tmpl +17 -0
  794. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-external-dsa.xml +38 -0
  795. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-keyname.tmpl +16 -0
  796. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-keyname.xml +17 -0
  797. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt.tmpl +16 -0
  798. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt.xml +17 -0
  799. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt-crl.tmpl +17 -0
  800. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt-crl.xml +47 -0
  801. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt.tmpl +17 -0
  802. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-crt.xml +38 -0
  803. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-is.tmpl +17 -0
  804. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-is.xml +24 -0
  805. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-ski.tmpl +17 -0
  806. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-ski.xml +21 -0
  807. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-sn.tmpl +17 -0
  808. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature-x509-sn.xml +21 -0
  809. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature.tmpl +245 -0
  810. data/vendor/xmlsec1-1.2.18/tests/merlin-xmldsig-twenty-three/signature.xml +269 -0
  811. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/Readme.txt +117 -0
  812. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/bad-encrypt-content-aes128-cbc-kw-aes192.xml +42 -0
  813. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/decryption-transform-except.xml +83 -0
  814. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/decryption-transform.xml +73 -0
  815. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/dh0.p8 +0 -0
  816. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/dh1.p8 +0 -0
  817. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/dsa.p8 +0 -0
  818. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.data +27 -0
  819. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.tmpl +20 -0
  820. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.xml +45 -0
  821. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes192-cbc-dh-sha512.xml +113 -0
  822. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.data +27 -0
  823. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.tmpl +18 -0
  824. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.xml +42 -0
  825. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.data +27 -0
  826. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.tmpl +11 -0
  827. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-content-tripledes-cbc.xml +35 -0
  828. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.data +1 -0
  829. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.tmpl +11 -0
  830. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes128-cbc.xml +12 -0
  831. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.data +1 -0
  832. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.tmpl +20 -0
  833. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.xml +22 -0
  834. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.data +1 -0
  835. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.tmpl +20 -0
  836. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.xml +22 -0
  837. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml +46 -0
  838. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.data +1 -0
  839. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.tmpl +21 -0
  840. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.xml +43 -0
  841. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.data +27 -0
  842. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.tmpl +19 -0
  843. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.xml +63 -0
  844. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes192-cbc-ref.data +36 -0
  845. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes192-cbc-ref.xml +42 -0
  846. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-carried-kw-aes256.xml +57 -0
  847. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-kw-aes256-dh-ripemd160.xml +122 -0
  848. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256.data +40 -0
  849. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256.xml +47 -0
  850. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.data +27 -0
  851. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.tmpl +20 -0
  852. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.xml +43 -0
  853. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-dh.xml +98 -0
  854. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-kw-tripledes-dh.xml +108 -0
  855. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5.xml +46 -0
  856. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p.xml +51 -0
  857. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes.tmpl +25 -0
  858. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes.xml +27 -0
  859. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128.xml +27 -0
  860. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192.xml +27 -0
  861. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256.xml +28 -0
  862. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/ids.p12 +0 -0
  863. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/keys.xml +42 -0
  864. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/plaintext.xml +24 -0
  865. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsa.p8 +0 -0
  866. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.der +0 -0
  867. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.p12 +0 -0
  868. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.p8-der +0 -0
  869. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.p8-pem +17 -0
  870. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapriv.pem +15 -0
  871. data/vendor/xmlsec1-1.2.18/tests/merlin-xmlenc-five/rsapub.pem +6 -0
  872. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/Readme.txt +23 -0
  873. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec-c14n-0.txt +11 -0
  874. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec-c14n-1.txt +0 -0
  875. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec-c14n-2.txt +25 -0
  876. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec.tmpl +50 -0
  877. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-spec.xml +122 -0
  878. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-xfdl-c14n-0.txt +3986 -0
  879. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-xfdl.tmpl +4153 -0
  880. data/vendor/xmlsec1-1.2.18/tests/merlin-xpath-filter2-three/sign-xfdl.xml +4225 -0
  881. data/vendor/xmlsec1-1.2.18/tests/nss.supp +220 -0
  882. data/vendor/xmlsec1-1.2.18/tests/nssdb/cert8.db +0 -0
  883. data/vendor/xmlsec1-1.2.18/tests/nssdb/key3.db +0 -0
  884. data/vendor/xmlsec1-1.2.18/tests/nssdb/secmod.db +0 -0
  885. data/vendor/xmlsec1-1.2.18/tests/openssl.supp +63 -0
  886. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/README.txt +248 -0
  887. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/crl.der +0 -0
  888. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/dsa-ca-cert.der +0 -0
  889. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/dsa-cert.der +0 -0
  890. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/enc-dsa-key.der +0 -0
  891. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/enc-rsa-key.der +0 -0
  892. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/hmackey.bin +1 -0
  893. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/rsa-ca-cert.der +0 -0
  894. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/certs/rsa-cert.der +0 -0
  895. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document-stylesheet.xml +7 -0
  896. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document.b64 +4 -0
  897. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document.xml +6 -0
  898. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/document.xsl +45 -0
  899. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-big.xml +39 -0
  900. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-detached.xml +1 -0
  901. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-enveloped.xml +6 -0
  902. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-enveloping.xml +6 -0
  903. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-dsa-manifest.xml +1 -0
  904. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-md5-c14n-enveloping.xml +6 -0
  905. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-40-c14n-comments-detached.xml +1 -0
  906. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-40-exclusive-c14n-comments-detached.xml +1 -0
  907. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-exclusive-c14n-comments-detached.xml +1 -0
  908. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-hmac-sha1-exclusive-c14n-enveloped.xml +6 -0
  909. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-b64-transform.xml +1 -0
  910. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xpath-transform.xml +1 -0
  911. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xslt-transform-bad-retrieval-method.xml +6 -0
  912. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xslt-transform-retrieval-method.xml +39 -0
  913. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached-xslt-transform.xml +39 -0
  914. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-detached.xml +1 -0
  915. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloped-bad-digest-val.xml +6 -0
  916. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloped-bad-sig.xml +6 -0
  917. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloped.xml +6 -0
  918. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-enveloping.xml +6 -0
  919. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert-chain.xml +1 -0
  920. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert.xml +1 -0
  921. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-issuer-serial.xml +1 -0
  922. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-ski.xml +1 -0
  923. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest-x509-data-subject-name.xml +1 -0
  924. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-manifest.xml +1 -0
  925. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-xpath-transform-enveloped.xml +6 -0
  926. data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/signature-rsa-~x509-data-crl.xml +1 -0
  927. data/vendor/xmlsec1-1.2.18/tests/testDSig.sh +875 -0
  928. data/vendor/xmlsec1-1.2.18/tests/testEnc.sh +411 -0
  929. data/vendor/xmlsec1-1.2.18/tests/testKeys.sh +69 -0
  930. data/vendor/xmlsec1-1.2.18/tests/testRes.sh +20 -0
  931. data/vendor/xmlsec1-1.2.18/tests/testXKMS.sh +129 -0
  932. data/vendor/xmlsec1-1.2.18/tests/testrun.sh +443 -0
  933. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/c14n11/xml-base-input.xml +17 -0
  934. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-1.tmpl +2 -0
  935. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-1.xml +2 -0
  936. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-2.tmpl +2 -0
  937. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-2.xml +2 -0
  938. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-3.tmpl +2 -0
  939. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/defCan-3.xml +2 -0
  940. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-1-SUN.xml +21 -0
  941. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-2-SUN.xml +21 -0
  942. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-3-SUN.xml +21 -0
  943. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-4-SUN.xml +21 -0
  944. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-5-SUN.xml +21 -0
  945. data/vendor/xmlsec1-1.2.18/tests/xmldsig2ed-tests/xpointer-6-SUN.xml +21 -0
  946. data/vendor/xmlsec1-1.2.18/win32/Makefile.msvc +699 -0
  947. data/vendor/xmlsec1-1.2.18/win32/README.txt +168 -12
  948. data/vendor/xmlsec1-1.2.18/win32/configure.js +395 -0
  949. data/vendor/xmlsec1-1.2.18/win32/libxmlsec.def.src +25 -0
  950. data/vendor/xmlsec1-1.2.18/win32/mycfg.bat +21 -0
  951. data/vendor/xmlsec1-1.2.18/xmlsec-config.in +243 -0
  952. data/vendor/xmlsec1-1.2.18/xmlsec-gcrypt.pc.in +11 -0
  953. data/vendor/xmlsec1-1.2.18/xmlsec-gnutls.pc.in +11 -0
  954. data/vendor/xmlsec1-1.2.18/xmlsec-nss.pc.in +11 -0
  955. data/vendor/xmlsec1-1.2.18/xmlsec-openssl.pc.in +11 -0
  956. data/vendor/xmlsec1-1.2.18/xmlsec.pc.in +11 -0
  957. data/vendor/xmlsec1-1.2.18/xmlsec.spec.in +185 -0
  958. data/vendor/xmlsec1-1.2.18/xmlsec1-config +243 -0
  959. data/vendor/xmlsec1-1.2.18/xmlsec1-gcrypt.pc +11 -0
  960. data/vendor/xmlsec1-1.2.18/xmlsec1-gnutls.pc +11 -0
  961. data/vendor/xmlsec1-1.2.18/xmlsec1-nss.pc +11 -0
  962. data/vendor/xmlsec1-1.2.18/xmlsec1-openssl.pc +11 -0
  963. data/vendor/xmlsec1-1.2.18/xmlsec1.m4 +172 -0
  964. data/vendor/xmlsec1-1.2.18/xmlsec1.pc +11 -0
  965. data/vendor/xmlsec1-1.2.18/xmlsec1.spec +185 -0
  966. data/vendor/xmlsec1-1.2.18/xmlsec1Conf.sh +13 -0
  967. data/vendor/xmlsec1-1.2.18/xmlsecConf.sh.in +13 -0
  968. data/xmlsec-shim.gemspec +18 -0
  969. metadata +1014 -0
@@ -0,0 +1,447 @@
1
+ /**
2
+ *
3
+ * XMLSec library
4
+ *
5
+ * DES Algorithm support
6
+ *
7
+ * This is free software; see Copyright file in the source
8
+ * distribution for preciese wording.
9
+ *
10
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
11
+ */
12
+ #include "globals.h"
13
+
14
+ #include <stdlib.h>
15
+ #include <stdio.h>
16
+ #include <string.h>
17
+
18
+ #include <openssl/rand.h>
19
+
20
+ #include <xmlsec/xmlsec.h>
21
+ #include <xmlsec/xmltree.h>
22
+ #include <xmlsec/keys.h>
23
+ #include <xmlsec/keyinfo.h>
24
+ #include <xmlsec/transforms.h>
25
+ #include <xmlsec/errors.h>
26
+
27
+ #include <xmlsec/openssl/crypto.h>
28
+
29
+ /*****************************************************************************
30
+ *
31
+ * Symmetic (binary) keys - just a wrapper for xmlSecKeyDataBinary
32
+ *
33
+ ****************************************************************************/
34
+ static int xmlSecOpenSSLSymKeyDataInitialize (xmlSecKeyDataPtr data);
35
+ static int xmlSecOpenSSLSymKeyDataDuplicate (xmlSecKeyDataPtr dst,
36
+ xmlSecKeyDataPtr src);
37
+ static void xmlSecOpenSSLSymKeyDataFinalize (xmlSecKeyDataPtr data);
38
+ static int xmlSecOpenSSLSymKeyDataXmlRead (xmlSecKeyDataId id,
39
+ xmlSecKeyPtr key,
40
+ xmlNodePtr node,
41
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
42
+ static int xmlSecOpenSSLSymKeyDataXmlWrite (xmlSecKeyDataId id,
43
+ xmlSecKeyPtr key,
44
+ xmlNodePtr node,
45
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
46
+ static int xmlSecOpenSSLSymKeyDataBinRead (xmlSecKeyDataId id,
47
+ xmlSecKeyPtr key,
48
+ const xmlSecByte* buf,
49
+ xmlSecSize bufSize,
50
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
51
+ static int xmlSecOpenSSLSymKeyDataBinWrite (xmlSecKeyDataId id,
52
+ xmlSecKeyPtr key,
53
+ xmlSecByte** buf,
54
+ xmlSecSize* bufSize,
55
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
56
+ static int xmlSecOpenSSLSymKeyDataGenerate (xmlSecKeyDataPtr data,
57
+ xmlSecSize sizeBits,
58
+ xmlSecKeyDataType type);
59
+
60
+ static xmlSecKeyDataType xmlSecOpenSSLSymKeyDataGetType (xmlSecKeyDataPtr data);
61
+ static xmlSecSize xmlSecOpenSSLSymKeyDataGetSize (xmlSecKeyDataPtr data);
62
+ static void xmlSecOpenSSLSymKeyDataDebugDump (xmlSecKeyDataPtr data,
63
+ FILE* output);
64
+ static void xmlSecOpenSSLSymKeyDataDebugXmlDump (xmlSecKeyDataPtr data,
65
+ FILE* output);
66
+ static int xmlSecOpenSSLSymKeyDataKlassCheck (xmlSecKeyDataKlass* klass);
67
+
68
+ #define xmlSecOpenSSLSymKeyDataCheckId(data) \
69
+ (xmlSecKeyDataIsValid((data)) && \
70
+ xmlSecOpenSSLSymKeyDataKlassCheck((data)->id))
71
+
72
+ static int
73
+ xmlSecOpenSSLSymKeyDataInitialize(xmlSecKeyDataPtr data) {
74
+ xmlSecAssert2(xmlSecOpenSSLSymKeyDataCheckId(data), -1);
75
+
76
+ return(xmlSecKeyDataBinaryValueInitialize(data));
77
+ }
78
+
79
+ static int
80
+ xmlSecOpenSSLSymKeyDataDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
81
+ xmlSecAssert2(xmlSecOpenSSLSymKeyDataCheckId(dst), -1);
82
+ xmlSecAssert2(xmlSecOpenSSLSymKeyDataCheckId(src), -1);
83
+ xmlSecAssert2(dst->id == src->id, -1);
84
+
85
+ return(xmlSecKeyDataBinaryValueDuplicate(dst, src));
86
+ }
87
+
88
+ static void
89
+ xmlSecOpenSSLSymKeyDataFinalize(xmlSecKeyDataPtr data) {
90
+ xmlSecAssert(xmlSecOpenSSLSymKeyDataCheckId(data));
91
+
92
+ xmlSecKeyDataBinaryValueFinalize(data);
93
+ }
94
+
95
+ static int
96
+ xmlSecOpenSSLSymKeyDataXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
97
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
98
+ xmlSecAssert2(xmlSecOpenSSLSymKeyDataKlassCheck(id), -1);
99
+
100
+ return(xmlSecKeyDataBinaryValueXmlRead(id, key, node, keyInfoCtx));
101
+ }
102
+
103
+ static int
104
+ xmlSecOpenSSLSymKeyDataXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
105
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
106
+ xmlSecAssert2(xmlSecOpenSSLSymKeyDataKlassCheck(id), -1);
107
+
108
+ return(xmlSecKeyDataBinaryValueXmlWrite(id, key, node, keyInfoCtx));
109
+ }
110
+
111
+ static int
112
+ xmlSecOpenSSLSymKeyDataBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
113
+ const xmlSecByte* buf, xmlSecSize bufSize,
114
+ xmlSecKeyInfoCtxPtr keyInfoCtx) {
115
+ xmlSecAssert2(xmlSecOpenSSLSymKeyDataKlassCheck(id), -1);
116
+
117
+ return(xmlSecKeyDataBinaryValueBinRead(id, key, buf, bufSize, keyInfoCtx));
118
+ }
119
+
120
+ static int
121
+ xmlSecOpenSSLSymKeyDataBinWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
122
+ xmlSecByte** buf, xmlSecSize* bufSize,
123
+ xmlSecKeyInfoCtxPtr keyInfoCtx) {
124
+ xmlSecAssert2(xmlSecOpenSSLSymKeyDataKlassCheck(id), -1);
125
+
126
+ return(xmlSecKeyDataBinaryValueBinWrite(id, key, buf, bufSize, keyInfoCtx));
127
+ }
128
+
129
+ static int
130
+ xmlSecOpenSSLSymKeyDataGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
131
+ xmlSecBufferPtr buffer;
132
+
133
+ xmlSecAssert2(xmlSecOpenSSLSymKeyDataCheckId(data), -1);
134
+ xmlSecAssert2(sizeBits > 0, -1);
135
+
136
+ buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
137
+ xmlSecAssert2(buffer != NULL, -1);
138
+
139
+ return(xmlSecOpenSSLGenerateRandom(buffer, (sizeBits + 7) / 8));
140
+ }
141
+
142
+ static xmlSecKeyDataType
143
+ xmlSecOpenSSLSymKeyDataGetType(xmlSecKeyDataPtr data) {
144
+ xmlSecBufferPtr buffer;
145
+
146
+ xmlSecAssert2(xmlSecOpenSSLSymKeyDataCheckId(data), xmlSecKeyDataTypeUnknown);
147
+
148
+ buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
149
+ xmlSecAssert2(buffer != NULL, xmlSecKeyDataTypeUnknown);
150
+
151
+ return((xmlSecBufferGetSize(buffer) > 0) ? xmlSecKeyDataTypeSymmetric : xmlSecKeyDataTypeUnknown);
152
+ }
153
+
154
+ static xmlSecSize
155
+ xmlSecOpenSSLSymKeyDataGetSize(xmlSecKeyDataPtr data) {
156
+ xmlSecAssert2(xmlSecOpenSSLSymKeyDataCheckId(data), 0);
157
+
158
+ return(xmlSecKeyDataBinaryValueGetSize(data));
159
+ }
160
+
161
+ static void
162
+ xmlSecOpenSSLSymKeyDataDebugDump(xmlSecKeyDataPtr data, FILE* output) {
163
+ xmlSecAssert(xmlSecOpenSSLSymKeyDataCheckId(data));
164
+
165
+ xmlSecKeyDataBinaryValueDebugDump(data, output);
166
+ }
167
+
168
+ static void
169
+ xmlSecOpenSSLSymKeyDataDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
170
+ xmlSecAssert(xmlSecOpenSSLSymKeyDataCheckId(data));
171
+
172
+ xmlSecKeyDataBinaryValueDebugXmlDump(data, output);
173
+ }
174
+
175
+ static int
176
+ xmlSecOpenSSLSymKeyDataKlassCheck(xmlSecKeyDataKlass* klass) {
177
+ #ifndef XMLSEC_NO_DES
178
+ if(klass == xmlSecOpenSSLKeyDataDesId) {
179
+ return(1);
180
+ }
181
+ #endif /* XMLSEC_NO_DES */
182
+
183
+ #ifndef XMLSEC_NO_AES
184
+ #ifndef XMLSEC_OPENSSL_096
185
+ if(klass == xmlSecOpenSSLKeyDataAesId) {
186
+ return(1);
187
+ }
188
+ #endif /* XMLSEC_OPENSSL_096 */
189
+ #endif /* XMLSEC_NO_AES */
190
+
191
+ #ifndef XMLSEC_NO_HMAC
192
+ if(klass == xmlSecOpenSSLKeyDataHmacId) {
193
+ return(1);
194
+ }
195
+ #endif /* XMLSEC_NO_HMAC */
196
+
197
+ return(0);
198
+ }
199
+
200
+ #ifndef XMLSEC_NO_AES
201
+ #ifndef XMLSEC_OPENSSL_096
202
+ /**************************************************************************
203
+ *
204
+ * <xmlsec:AESKeyValue> processing
205
+ *
206
+ *************************************************************************/
207
+ static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataAesKlass = {
208
+ sizeof(xmlSecKeyDataKlass),
209
+ xmlSecKeyDataBinarySize,
210
+
211
+ /* data */
212
+ xmlSecNameAESKeyValue,
213
+ xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
214
+ /* xmlSecKeyDataUsage usage; */
215
+ xmlSecHrefAESKeyValue, /* const xmlChar* href; */
216
+ xmlSecNodeAESKeyValue, /* const xmlChar* dataNodeName; */
217
+ xmlSecNs, /* const xmlChar* dataNodeNs; */
218
+
219
+ /* constructors/destructor */
220
+ xmlSecOpenSSLSymKeyDataInitialize, /* xmlSecKeyDataInitializeMethod initialize; */
221
+ xmlSecOpenSSLSymKeyDataDuplicate, /* xmlSecKeyDataDuplicateMethod duplicate; */
222
+ xmlSecOpenSSLSymKeyDataFinalize, /* xmlSecKeyDataFinalizeMethod finalize; */
223
+ xmlSecOpenSSLSymKeyDataGenerate, /* xmlSecKeyDataGenerateMethod generate; */
224
+
225
+ /* get info */
226
+ xmlSecOpenSSLSymKeyDataGetType, /* xmlSecKeyDataGetTypeMethod getType; */
227
+ xmlSecOpenSSLSymKeyDataGetSize, /* xmlSecKeyDataGetSizeMethod getSize; */
228
+ NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */
229
+
230
+ /* read/write */
231
+ xmlSecOpenSSLSymKeyDataXmlRead, /* xmlSecKeyDataXmlReadMethod xmlRead; */
232
+ xmlSecOpenSSLSymKeyDataXmlWrite, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
233
+ xmlSecOpenSSLSymKeyDataBinRead, /* xmlSecKeyDataBinReadMethod binRead; */
234
+ xmlSecOpenSSLSymKeyDataBinWrite, /* xmlSecKeyDataBinWriteMethod binWrite; */
235
+
236
+ /* debug */
237
+ xmlSecOpenSSLSymKeyDataDebugDump, /* xmlSecKeyDataDebugDumpMethod debugDump; */
238
+ xmlSecOpenSSLSymKeyDataDebugXmlDump, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
239
+
240
+ /* reserved for the future */
241
+ NULL, /* void* reserved0; */
242
+ NULL, /* void* reserved1; */
243
+ };
244
+
245
+ /**
246
+ * xmlSecOpenSSLKeyDataAesGetKlass:
247
+ *
248
+ * The AES key data klass.
249
+ *
250
+ * Returns: AES key data klass.
251
+ */
252
+ xmlSecKeyDataId
253
+ xmlSecOpenSSLKeyDataAesGetKlass(void) {
254
+ return(&xmlSecOpenSSLKeyDataAesKlass);
255
+ }
256
+
257
+ /**
258
+ * xmlSecOpenSSLKeyDataAesSet:
259
+ * @data: the pointer to AES key data.
260
+ * @buf: the pointer to key value.
261
+ * @bufSize: the key value size (in bytes).
262
+ *
263
+ * Sets the value of AES key data.
264
+ *
265
+ * Returns: 0 on success or a negative value if an error occurs.
266
+ */
267
+ int
268
+ xmlSecOpenSSLKeyDataAesSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
269
+ xmlSecBufferPtr buffer;
270
+
271
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataAesId), -1);
272
+ xmlSecAssert2(buf != NULL, -1);
273
+ xmlSecAssert2(bufSize > 0, -1);
274
+
275
+ buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
276
+ xmlSecAssert2(buffer != NULL, -1);
277
+
278
+ return(xmlSecBufferSetData(buffer, buf, bufSize));
279
+ }
280
+
281
+ #endif /* XMLSEC_OPENSSL_096 */
282
+ #endif /* XMLSEC_NO_AES */
283
+
284
+ #ifndef XMLSEC_NO_DES
285
+ /**************************************************************************
286
+ *
287
+ * <xmlsec:DESKeyValue> processing
288
+ *
289
+ *************************************************************************/
290
+ static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataDesKlass = {
291
+ sizeof(xmlSecKeyDataKlass),
292
+ xmlSecKeyDataBinarySize,
293
+
294
+ /* data */
295
+ xmlSecNameDESKeyValue,
296
+ xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
297
+ /* xmlSecKeyDataUsage usage; */
298
+ xmlSecHrefDESKeyValue, /* const xmlChar* href; */
299
+ xmlSecNodeDESKeyValue, /* const xmlChar* dataNodeName; */
300
+ xmlSecNs, /* const xmlChar* dataNodeNs; */
301
+
302
+ /* constructors/destructor */
303
+ xmlSecOpenSSLSymKeyDataInitialize, /* xmlSecKeyDataInitializeMethod initialize; */
304
+ xmlSecOpenSSLSymKeyDataDuplicate, /* xmlSecKeyDataDuplicateMethod duplicate; */
305
+ xmlSecOpenSSLSymKeyDataFinalize, /* xmlSecKeyDataFinalizeMethod finalize; */
306
+ xmlSecOpenSSLSymKeyDataGenerate, /* xmlSecKeyDataGenerateMethod generate; */
307
+
308
+ /* get info */
309
+ xmlSecOpenSSLSymKeyDataGetType, /* xmlSecKeyDataGetTypeMethod getType; */
310
+ xmlSecOpenSSLSymKeyDataGetSize, /* xmlSecKeyDataGetSizeMethod getSize; */
311
+ NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */
312
+
313
+ /* read/write */
314
+ xmlSecOpenSSLSymKeyDataXmlRead, /* xmlSecKeyDataXmlReadMethod xmlRead; */
315
+ xmlSecOpenSSLSymKeyDataXmlWrite, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
316
+ xmlSecOpenSSLSymKeyDataBinRead, /* xmlSecKeyDataBinReadMethod binRead; */
317
+ xmlSecOpenSSLSymKeyDataBinWrite, /* xmlSecKeyDataBinWriteMethod binWrite; */
318
+
319
+ /* debug */
320
+ xmlSecOpenSSLSymKeyDataDebugDump, /* xmlSecKeyDataDebugDumpMethod debugDump; */
321
+ xmlSecOpenSSLSymKeyDataDebugXmlDump, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
322
+
323
+ /* reserved for the future */
324
+ NULL, /* void* reserved0; */
325
+ NULL, /* void* reserved1; */
326
+ };
327
+
328
+ /**
329
+ * xmlSecOpenSSLKeyDataDesGetKlass:
330
+ *
331
+ * The DES key data klass.
332
+ *
333
+ * Returns: DES key data klass.
334
+ */
335
+ xmlSecKeyDataId
336
+ xmlSecOpenSSLKeyDataDesGetKlass(void) {
337
+ return(&xmlSecOpenSSLKeyDataDesKlass);
338
+ }
339
+
340
+ /**
341
+ * xmlSecOpenSSLKeyDataDesSet:
342
+ * @data: the pointer to DES key data.
343
+ * @buf: the pointer to key value.
344
+ * @bufSize: the key value size (in bytes).
345
+ *
346
+ * Sets the value of DES key data.
347
+ *
348
+ * Returns: 0 on success or a negative value if an error occurs.
349
+ */
350
+ int
351
+ xmlSecOpenSSLKeyDataDesSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
352
+ xmlSecBufferPtr buffer;
353
+
354
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDesId), -1);
355
+ xmlSecAssert2(buf != NULL, -1);
356
+ xmlSecAssert2(bufSize > 0, -1);
357
+
358
+ buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
359
+ xmlSecAssert2(buffer != NULL, -1);
360
+
361
+ return(xmlSecBufferSetData(buffer, buf, bufSize));
362
+ }
363
+
364
+ #endif /* XMLSEC_NO_DES */
365
+
366
+ #ifndef XMLSEC_NO_HMAC
367
+ /**************************************************************************
368
+ *
369
+ * <xmlsec:HMACKeyValue> processing
370
+ *
371
+ *************************************************************************/
372
+ static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataHmacKlass = {
373
+ sizeof(xmlSecKeyDataKlass),
374
+ xmlSecKeyDataBinarySize,
375
+
376
+ /* data */
377
+ xmlSecNameHMACKeyValue,
378
+ xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
379
+ /* xmlSecKeyDataUsage usage; */
380
+ xmlSecHrefHMACKeyValue, /* const xmlChar* href; */
381
+ xmlSecNodeHMACKeyValue, /* const xmlChar* dataNodeName; */
382
+ xmlSecNs, /* const xmlChar* dataNodeNs; */
383
+
384
+ /* constructors/destructor */
385
+ xmlSecOpenSSLSymKeyDataInitialize, /* xmlSecKeyDataInitializeMethod initialize; */
386
+ xmlSecOpenSSLSymKeyDataDuplicate, /* xmlSecKeyDataDuplicateMethod duplicate; */
387
+ xmlSecOpenSSLSymKeyDataFinalize, /* xmlSecKeyDataFinalizeMethod finalize; */
388
+ xmlSecOpenSSLSymKeyDataGenerate, /* xmlSecKeyDataGenerateMethod generate; */
389
+
390
+ /* get info */
391
+ xmlSecOpenSSLSymKeyDataGetType, /* xmlSecKeyDataGetTypeMethod getType; */
392
+ xmlSecOpenSSLSymKeyDataGetSize, /* xmlSecKeyDataGetSizeMethod getSize; */
393
+ NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */
394
+
395
+ /* read/write */
396
+ xmlSecOpenSSLSymKeyDataXmlRead, /* xmlSecKeyDataXmlReadMethod xmlRead; */
397
+ xmlSecOpenSSLSymKeyDataXmlWrite, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
398
+ xmlSecOpenSSLSymKeyDataBinRead, /* xmlSecKeyDataBinReadMethod binRead; */
399
+ xmlSecOpenSSLSymKeyDataBinWrite, /* xmlSecKeyDataBinWriteMethod binWrite; */
400
+
401
+ /* debug */
402
+ xmlSecOpenSSLSymKeyDataDebugDump, /* xmlSecKeyDataDebugDumpMethod debugDump; */
403
+ xmlSecOpenSSLSymKeyDataDebugXmlDump, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
404
+
405
+ /* reserved for the future */
406
+ NULL, /* void* reserved0; */
407
+ NULL, /* void* reserved1; */
408
+ };
409
+
410
+ /**
411
+ * xmlSecOpenSSLKeyDataHmacGetKlass:
412
+ *
413
+ * The HMAC key data klass.
414
+ *
415
+ * Returns: HMAC key data klass.
416
+ */
417
+ xmlSecKeyDataId
418
+ xmlSecOpenSSLKeyDataHmacGetKlass(void) {
419
+ return(&xmlSecOpenSSLKeyDataHmacKlass);
420
+ }
421
+
422
+ /**
423
+ * xmlSecOpenSSLKeyDataHmacSet:
424
+ * @data: the pointer to HMAC key data.
425
+ * @buf: the pointer to key value.
426
+ * @bufSize: the key value size (in bytes).
427
+ *
428
+ * Sets the value of HMAC key data.
429
+ *
430
+ * Returns: 0 on success or a negative value if an error occurs.
431
+ */
432
+ int
433
+ xmlSecOpenSSLKeyDataHmacSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
434
+ xmlSecBufferPtr buffer;
435
+
436
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataHmacId), -1);
437
+ xmlSecAssert2(buf != NULL, -1);
438
+ xmlSecAssert2(bufSize > 0, -1);
439
+
440
+ buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
441
+ xmlSecAssert2(buffer != NULL, -1);
442
+
443
+ return(xmlSecBufferSetData(buffer, buf, bufSize));
444
+ }
445
+
446
+ #endif /* XMLSEC_NO_HMAC */
447
+
@@ -0,0 +1,2414 @@
1
+ /**
2
+ * XMLSec library
3
+ *
4
+ * X509 support
5
+ *
6
+ *
7
+ * This is free software; see Copyright file in the source
8
+ * distribution for preciese wording.
9
+ *
10
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
11
+ */
12
+ #include "globals.h"
13
+
14
+ #ifndef XMLSEC_NO_X509
15
+
16
+ #include <stdlib.h>
17
+ #include <stdio.h>
18
+ #include <string.h>
19
+ #include <ctype.h>
20
+ #include <errno.h>
21
+ #include <time.h>
22
+
23
+ #include <libxml/tree.h>
24
+ #include <openssl/evp.h>
25
+ #include <openssl/x509.h>
26
+ #include <openssl/x509_vfy.h>
27
+ #include <openssl/x509v3.h>
28
+ #include <openssl/asn1.h>
29
+
30
+ #include <xmlsec/xmlsec.h>
31
+ #include <xmlsec/xmltree.h>
32
+ #include <xmlsec/keys.h>
33
+ #include <xmlsec/keyinfo.h>
34
+ #include <xmlsec/keysmngr.h>
35
+ #include <xmlsec/x509.h>
36
+ #include <xmlsec/base64.h>
37
+ #include <xmlsec/errors.h>
38
+
39
+ #include <xmlsec/openssl/crypto.h>
40
+ #include <xmlsec/openssl/evp.h>
41
+ #include <xmlsec/openssl/x509.h>
42
+
43
+ /*************************************************************************
44
+ *
45
+ * X509 utility functions
46
+ *
47
+ ************************************************************************/
48
+ static int xmlSecOpenSSLX509DataNodeRead (xmlSecKeyDataPtr data,
49
+ xmlNodePtr node,
50
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
51
+ static int xmlSecOpenSSLX509CertificateNodeRead (xmlSecKeyDataPtr data,
52
+ xmlNodePtr node,
53
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
54
+ static int xmlSecOpenSSLX509CertificateNodeWrite (X509* cert,
55
+ xmlNodePtr node,
56
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
57
+ static int xmlSecOpenSSLX509SubjectNameNodeRead (xmlSecKeyDataPtr data,
58
+ xmlNodePtr node,
59
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
60
+ static int xmlSecOpenSSLX509SubjectNameNodeWrite (X509* cert,
61
+ xmlNodePtr node,
62
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
63
+ static int xmlSecOpenSSLX509IssuerSerialNodeRead (xmlSecKeyDataPtr data,
64
+ xmlNodePtr node,
65
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
66
+ static int xmlSecOpenSSLX509IssuerSerialNodeWrite (X509* cert,
67
+ xmlNodePtr node,
68
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
69
+ static int xmlSecOpenSSLX509SKINodeRead (xmlSecKeyDataPtr data,
70
+ xmlNodePtr node,
71
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
72
+ static int xmlSecOpenSSLX509SKINodeWrite (X509* cert,
73
+ xmlNodePtr node,
74
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
75
+ static int xmlSecOpenSSLX509CRLNodeRead (xmlSecKeyDataPtr data,
76
+ xmlNodePtr node,
77
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
78
+ static int xmlSecOpenSSLX509CRLNodeWrite (X509_CRL* crl,
79
+ xmlNodePtr node,
80
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
81
+ static int xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data,
82
+ xmlSecKeyPtr key,
83
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
84
+ static X509* xmlSecOpenSSLX509CertDerRead (const xmlSecByte* buf,
85
+ xmlSecSize size);
86
+ static X509* xmlSecOpenSSLX509CertBase64DerRead (xmlChar* buf);
87
+ static xmlChar* xmlSecOpenSSLX509CertBase64DerWrite (X509* cert,
88
+ int base64LineWrap);
89
+ static X509_CRL* xmlSecOpenSSLX509CrlDerRead (xmlSecByte* buf,
90
+ xmlSecSize size);
91
+ static X509_CRL* xmlSecOpenSSLX509CrlBase64DerRead (xmlChar* buf);
92
+ static xmlChar* xmlSecOpenSSLX509CrlBase64DerWrite (X509_CRL* crl,
93
+ int base64LineWrap);
94
+ static xmlChar* xmlSecOpenSSLX509NameWrite (X509_NAME* nm);
95
+ static xmlChar* xmlSecOpenSSLASN1IntegerWrite (ASN1_INTEGER *asni);
96
+ static xmlChar* xmlSecOpenSSLX509SKIWrite (X509* cert);
97
+ static void xmlSecOpenSSLX509CertDebugDump (X509* cert,
98
+ FILE* output);
99
+ static void xmlSecOpenSSLX509CertDebugXmlDump (X509* cert,
100
+ FILE* output);
101
+ static int xmlSecOpenSSLX509CertGetTime (ASN1_TIME* t,
102
+ time_t* res);
103
+
104
+ /*************************************************************************
105
+ *
106
+ * Internal OpenSSL X509 data CTX
107
+ *
108
+ ************************************************************************/
109
+ typedef struct _xmlSecOpenSSLX509DataCtx xmlSecOpenSSLX509DataCtx,
110
+ *xmlSecOpenSSLX509DataCtxPtr;
111
+ struct _xmlSecOpenSSLX509DataCtx {
112
+ X509* keyCert;
113
+ STACK_OF(X509)* certsList;
114
+ STACK_OF(X509_CRL)* crlsList;
115
+ };
116
+
117
+ /**************************************************************************
118
+ *
119
+ * <dsig:X509Data> processing
120
+ *
121
+ *
122
+ * The X509Data Element (http://www.w3.org/TR/xmldsig-core/#sec-X509Data)
123
+ *
124
+ * An X509Data element within KeyInfo contains one or more identifiers of keys
125
+ * or X509 certificates (or certificates' identifiers or a revocation list).
126
+ * The content of X509Data is:
127
+ *
128
+ * 1. At least one element, from the following set of element types; any of these may appear together or more than once iff (if and only if) each instance describes or is related to the same certificate:
129
+ * 2.
130
+ * * The X509IssuerSerial element, which contains an X.509 issuer
131
+ * distinguished name/serial number pair that SHOULD be compliant
132
+ * with RFC2253 [LDAP-DN],
133
+ * * The X509SubjectName element, which contains an X.509 subject
134
+ * distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN],
135
+ * * The X509SKI element, which contains the base64 encoded plain (i.e.
136
+ * non-DER-encoded) value of a X509 V.3 SubjectKeyIdentifier extension.
137
+ * * The X509Certificate element, which contains a base64-encoded [X509v3]
138
+ * certificate, and
139
+ * * Elements from an external namespace which accompanies/complements any
140
+ * of the elements above.
141
+ * * The X509CRL element, which contains a base64-encoded certificate
142
+ * revocation list (CRL) [X509v3].
143
+ *
144
+ * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear
145
+ * MUST refer to the certificate or certificates containing the validation key.
146
+ * All such elements that refer to a particular individual certificate MUST be
147
+ * grouped inside a single X509Data element and if the certificate to which
148
+ * they refer appears, it MUST also be in that X509Data element.
149
+ *
150
+ * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that relate to
151
+ * the same key but different certificates MUST be grouped within a single
152
+ * KeyInfo but MAY occur in multiple X509Data elements.
153
+ *
154
+ * All certificates appearing in an X509Data element MUST relate to the
155
+ * validation key by either containing it or being part of a certification
156
+ * chain that terminates in a certificate containing the validation key.
157
+ *
158
+ * No ordering is implied by the above constraints.
159
+ *
160
+ * Note, there is no direct provision for a PKCS#7 encoded "bag" of
161
+ * certificates or CRLs. However, a set of certificates and CRLs can occur
162
+ * within an X509Data element and multiple X509Data elements can occur in a
163
+ * KeyInfo. Whenever multiple certificates occur in an X509Data element, at
164
+ * least one such certificate must contain the public key which verifies the
165
+ * signature.
166
+ *
167
+ * Schema Definition
168
+ *
169
+ * <element name="X509Data" type="ds:X509DataType"/>
170
+ * <complexType name="X509DataType">
171
+ * <sequence maxOccurs="unbounded">
172
+ * <choice>
173
+ * <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
174
+ * <element name="X509SKI" type="base64Binary"/>
175
+ * <element name="X509SubjectName" type="string"/>
176
+ * <element name="X509Certificate" type="base64Binary"/>
177
+ * <element name="X509CRL" type="base64Binary"/>
178
+ * <any namespace="##other" processContents="lax"/>
179
+ * </choice>
180
+ * </sequence>
181
+ * </complexType>
182
+ * <complexType name="X509IssuerSerialType">
183
+ * <sequence>
184
+ * <element name="X509IssuerName" type="string"/>
185
+ * <element name="X509SerialNumber" type="integer"/>
186
+ * </sequence>
187
+ * </complexType>
188
+ *
189
+ * DTD
190
+ *
191
+ * <!ELEMENT X509Data ((X509IssuerSerial | X509SKI | X509SubjectName |
192
+ * X509Certificate | X509CRL)+ %X509.ANY;)>
193
+ * <!ELEMENT X509IssuerSerial (X509IssuerName, X509SerialNumber) >
194
+ * <!ELEMENT X509IssuerName (#PCDATA) >
195
+ * <!ELEMENT X509SubjectName (#PCDATA) >
196
+ * <!ELEMENT X509SerialNumber (#PCDATA) >
197
+ * <!ELEMENT X509SKI (#PCDATA) >
198
+ * <!ELEMENT X509Certificate (#PCDATA) >
199
+ * <!ELEMENT X509CRL (#PCDATA) >
200
+ *
201
+ * -----------------------------------------------------------------------
202
+ *
203
+ * xmlSecOpenSSLX509DataCtx is located after xmlSecTransform
204
+ *
205
+ *************************************************************************/
206
+ #define xmlSecOpenSSLX509DataSize \
207
+ (sizeof(xmlSecKeyData) + sizeof(xmlSecOpenSSLX509DataCtx))
208
+ #define xmlSecOpenSSLX509DataGetCtx(data) \
209
+ ((xmlSecOpenSSLX509DataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
210
+
211
+ static int xmlSecOpenSSLKeyDataX509Initialize (xmlSecKeyDataPtr data);
212
+ static int xmlSecOpenSSLKeyDataX509Duplicate (xmlSecKeyDataPtr dst,
213
+ xmlSecKeyDataPtr src);
214
+ static void xmlSecOpenSSLKeyDataX509Finalize (xmlSecKeyDataPtr data);
215
+ static int xmlSecOpenSSLKeyDataX509XmlRead (xmlSecKeyDataId id,
216
+ xmlSecKeyPtr key,
217
+ xmlNodePtr node,
218
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
219
+ static int xmlSecOpenSSLKeyDataX509XmlWrite (xmlSecKeyDataId id,
220
+ xmlSecKeyPtr key,
221
+ xmlNodePtr node,
222
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
223
+ static xmlSecKeyDataType xmlSecOpenSSLKeyDataX509GetType (xmlSecKeyDataPtr data);
224
+ static const xmlChar* xmlSecOpenSSLKeyDataX509GetIdentifier (xmlSecKeyDataPtr data);
225
+
226
+ static void xmlSecOpenSSLKeyDataX509DebugDump (xmlSecKeyDataPtr data,
227
+ FILE* output);
228
+ static void xmlSecOpenSSLKeyDataX509DebugXmlDump (xmlSecKeyDataPtr data,
229
+ FILE* output);
230
+
231
+
232
+
233
+ static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataX509Klass = {
234
+ sizeof(xmlSecKeyDataKlass),
235
+ xmlSecOpenSSLX509DataSize,
236
+
237
+ /* data */
238
+ xmlSecNameX509Data,
239
+ xmlSecKeyDataUsageKeyInfoNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
240
+ /* xmlSecKeyDataUsage usage; */
241
+ xmlSecHrefX509Data, /* const xmlChar* href; */
242
+ xmlSecNodeX509Data, /* const xmlChar* dataNodeName; */
243
+ xmlSecDSigNs, /* const xmlChar* dataNodeNs; */
244
+
245
+ /* constructors/destructor */
246
+ xmlSecOpenSSLKeyDataX509Initialize, /* xmlSecKeyDataInitializeMethod initialize; */
247
+ xmlSecOpenSSLKeyDataX509Duplicate, /* xmlSecKeyDataDuplicateMethod duplicate; */
248
+ xmlSecOpenSSLKeyDataX509Finalize, /* xmlSecKeyDataFinalizeMethod finalize; */
249
+ NULL, /* xmlSecKeyDataGenerateMethod generate; */
250
+
251
+ /* get info */
252
+ xmlSecOpenSSLKeyDataX509GetType, /* xmlSecKeyDataGetTypeMethod getType; */
253
+ NULL, /* xmlSecKeyDataGetSizeMethod getSize; */
254
+ xmlSecOpenSSLKeyDataX509GetIdentifier, /* xmlSecKeyDataGetIdentifier getIdentifier; */
255
+
256
+ /* read/write */
257
+ xmlSecOpenSSLKeyDataX509XmlRead, /* xmlSecKeyDataXmlReadMethod xmlRead; */
258
+ xmlSecOpenSSLKeyDataX509XmlWrite, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
259
+ NULL, /* xmlSecKeyDataBinReadMethod binRead; */
260
+ NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */
261
+
262
+ /* debug */
263
+ xmlSecOpenSSLKeyDataX509DebugDump, /* xmlSecKeyDataDebugDumpMethod debugDump; */
264
+ xmlSecOpenSSLKeyDataX509DebugXmlDump, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
265
+
266
+ /* reserved for the future */
267
+ NULL, /* void* reserved0; */
268
+ NULL, /* void* reserved1; */
269
+ };
270
+
271
+ /**
272
+ * xmlSecOpenSSLKeyDataX509GetKlass:
273
+ *
274
+ * The OpenSSL X509 key data klass (http://www.w3.org/TR/xmldsig-core/#sec-X509Data).
275
+ *
276
+ * Returns: the X509 data klass.
277
+ */
278
+ xmlSecKeyDataId
279
+ xmlSecOpenSSLKeyDataX509GetKlass(void) {
280
+ return(&xmlSecOpenSSLKeyDataX509Klass);
281
+ }
282
+
283
+ /**
284
+ * xmlSecOpenSSLKeyDataX509GetKeyCert:
285
+ * @data: the pointer to X509 key data.
286
+ *
287
+ * Gets the certificate from which the key was extracted.
288
+ *
289
+ * Returns: the key's certificate or NULL if key data was not used for key
290
+ * extraction or an error occurs.
291
+ */
292
+ X509*
293
+ xmlSecOpenSSLKeyDataX509GetKeyCert(xmlSecKeyDataPtr data) {
294
+ xmlSecOpenSSLX509DataCtxPtr ctx;
295
+
296
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), NULL);
297
+
298
+ ctx = xmlSecOpenSSLX509DataGetCtx(data);
299
+ xmlSecAssert2(ctx != NULL, NULL);
300
+
301
+ return(ctx->keyCert);
302
+ }
303
+
304
+ /**
305
+ * xmlSecOpenSSLKeyDataX509AdoptKeyCert:
306
+ * @data: the pointer to X509 key data.
307
+ * @cert: the pointer to OpenSSL X509 certificate.
308
+ *
309
+ * Sets the key's certificate in @data.
310
+ *
311
+ * Returns: 0 on success or a negative value if an error occurs.
312
+ */
313
+ int
314
+ xmlSecOpenSSLKeyDataX509AdoptKeyCert(xmlSecKeyDataPtr data, X509* cert) {
315
+ xmlSecOpenSSLX509DataCtxPtr ctx;
316
+
317
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
318
+ xmlSecAssert2(cert != NULL, -1);
319
+
320
+ ctx = xmlSecOpenSSLX509DataGetCtx(data);
321
+ xmlSecAssert2(ctx != NULL, -1);
322
+
323
+ if(ctx->keyCert != NULL) {
324
+ X509_free(ctx->keyCert);
325
+ }
326
+ ctx->keyCert = cert;
327
+ return(0);
328
+ }
329
+
330
+ /**
331
+ * xmlSecOpenSSLKeyDataX509AdoptCert:
332
+ * @data: the pointer to X509 key data.
333
+ * @cert: the pointer to OpenSSL X509 certificate.
334
+ *
335
+ * Adds certificate to the X509 key data.
336
+ *
337
+ * Returns: 0 on success or a negative value if an error occurs.
338
+ */
339
+ int
340
+ xmlSecOpenSSLKeyDataX509AdoptCert(xmlSecKeyDataPtr data, X509* cert) {
341
+ xmlSecOpenSSLX509DataCtxPtr ctx;
342
+ int ret;
343
+
344
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
345
+ xmlSecAssert2(cert != NULL, -1);
346
+
347
+ ctx = xmlSecOpenSSLX509DataGetCtx(data);
348
+ xmlSecAssert2(ctx != NULL, -1);
349
+
350
+ if(ctx->certsList == NULL) {
351
+ ctx->certsList = sk_X509_new_null();
352
+ if(ctx->certsList == NULL) {
353
+ xmlSecError(XMLSEC_ERRORS_HERE,
354
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
355
+ "sk_X509_new_null",
356
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
357
+ XMLSEC_ERRORS_NO_MESSAGE);
358
+ return(-1);
359
+ }
360
+ }
361
+
362
+ ret = sk_X509_push(ctx->certsList, cert);
363
+ if(ret < 1) {
364
+ xmlSecError(XMLSEC_ERRORS_HERE,
365
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
366
+ "sk_X509_push",
367
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
368
+ XMLSEC_ERRORS_NO_MESSAGE);
369
+ return(-1);
370
+ }
371
+
372
+ return(0);
373
+ }
374
+
375
+ /**
376
+ * xmlSecOpenSSLKeyDataX509GetCert:
377
+ * @data: the pointer to X509 key data.
378
+ * @pos: the desired certificate position.
379
+ *
380
+ * Gets a certificate from X509 key data.
381
+ *
382
+ * Returns: the pointer to certificate or NULL if @pos is larger than the
383
+ * number of certificates in @data or an error occurs.
384
+ */
385
+ X509*
386
+ xmlSecOpenSSLKeyDataX509GetCert(xmlSecKeyDataPtr data, xmlSecSize pos) {
387
+ xmlSecOpenSSLX509DataCtxPtr ctx;
388
+
389
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), NULL);
390
+
391
+ ctx = xmlSecOpenSSLX509DataGetCtx(data);
392
+ xmlSecAssert2(ctx != NULL, NULL);
393
+ xmlSecAssert2(ctx->certsList != NULL, NULL);
394
+ xmlSecAssert2((int)pos < sk_X509_num(ctx->certsList), NULL);
395
+
396
+ return(sk_X509_value(ctx->certsList, pos));
397
+ }
398
+
399
+ /**
400
+ * xmlSecOpenSSLKeyDataX509GetCertsSize:
401
+ * @data: the pointer to X509 key data.
402
+ *
403
+ * Gets the number of certificates in @data.
404
+ *
405
+ * Returns: te number of certificates in @data.
406
+ */
407
+ xmlSecSize
408
+ xmlSecOpenSSLKeyDataX509GetCertsSize(xmlSecKeyDataPtr data) {
409
+ xmlSecOpenSSLX509DataCtxPtr ctx;
410
+
411
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), 0);
412
+
413
+ ctx = xmlSecOpenSSLX509DataGetCtx(data);
414
+ xmlSecAssert2(ctx != NULL, 0);
415
+
416
+ return((ctx->certsList != NULL) ? sk_X509_num(ctx->certsList) : 0);
417
+ }
418
+
419
+ /**
420
+ * xmlSecOpenSSLKeyDataX509AdoptCrl:
421
+ * @data: the pointer to X509 key data.
422
+ * @crl: the pointer to OpenSSL X509 CRL.
423
+ *
424
+ * Adds CRL to the X509 key data.
425
+ *
426
+ * Returns: 0 on success or a negative value if an error occurs.
427
+ */
428
+ int
429
+ xmlSecOpenSSLKeyDataX509AdoptCrl(xmlSecKeyDataPtr data, X509_CRL* crl) {
430
+ xmlSecOpenSSLX509DataCtxPtr ctx;
431
+ int ret;
432
+
433
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
434
+ xmlSecAssert2(crl != NULL, -1);
435
+
436
+ ctx = xmlSecOpenSSLX509DataGetCtx(data);
437
+ xmlSecAssert2(ctx != NULL, -1);
438
+
439
+ if(ctx->crlsList == NULL) {
440
+ ctx->crlsList = sk_X509_CRL_new_null();
441
+ if(ctx->crlsList == NULL) {
442
+ xmlSecError(XMLSEC_ERRORS_HERE,
443
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
444
+ "sk_X509_CRL_new_null",
445
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
446
+ XMLSEC_ERRORS_NO_MESSAGE);
447
+ return(-1);
448
+ }
449
+ }
450
+
451
+ ret = sk_X509_CRL_push(ctx->crlsList, crl);
452
+ if(ret < 1) {
453
+ xmlSecError(XMLSEC_ERRORS_HERE,
454
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
455
+ "sk_X509_CRL_push",
456
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
457
+ XMLSEC_ERRORS_NO_MESSAGE);
458
+ return(-1);
459
+ }
460
+
461
+ return(0);
462
+ }
463
+
464
+ /**
465
+ * xmlSecOpenSSLKeyDataX509GetCrl:
466
+ * @data: the pointer to X509 key data.
467
+ * @pos: the desired CRL position.
468
+ *
469
+ * Gets a CRL from X509 key data.
470
+ *
471
+ * Returns: the pointer to CRL or NULL if @pos is larger than the
472
+ * number of CRLs in @data or an error occurs.
473
+ */
474
+ X509_CRL*
475
+ xmlSecOpenSSLKeyDataX509GetCrl(xmlSecKeyDataPtr data, xmlSecSize pos) {
476
+ xmlSecOpenSSLX509DataCtxPtr ctx;
477
+
478
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), NULL);
479
+
480
+ ctx = xmlSecOpenSSLX509DataGetCtx(data);
481
+ xmlSecAssert2(ctx != NULL, NULL);
482
+
483
+ xmlSecAssert2(ctx->crlsList != NULL, NULL);
484
+ xmlSecAssert2((int)pos < sk_X509_CRL_num(ctx->crlsList), NULL);
485
+
486
+ return(sk_X509_CRL_value(ctx->crlsList, pos));
487
+ }
488
+
489
+ /**
490
+ * xmlSecOpenSSLKeyDataX509GetCrlsSize:
491
+ * @data: the pointer to X509 key data.
492
+ *
493
+ * Gets the number of CRLs in @data.
494
+ *
495
+ * Returns: te number of CRLs in @data.
496
+ */
497
+ xmlSecSize
498
+ xmlSecOpenSSLKeyDataX509GetCrlsSize(xmlSecKeyDataPtr data) {
499
+ xmlSecOpenSSLX509DataCtxPtr ctx;
500
+
501
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), 0);
502
+
503
+ ctx = xmlSecOpenSSLX509DataGetCtx(data);
504
+ xmlSecAssert2(ctx != NULL, 0);
505
+
506
+ return((ctx->crlsList != NULL) ? sk_X509_CRL_num(ctx->crlsList) : 0);
507
+ }
508
+
509
+ static int
510
+ xmlSecOpenSSLKeyDataX509Initialize(xmlSecKeyDataPtr data) {
511
+ xmlSecOpenSSLX509DataCtxPtr ctx;
512
+
513
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
514
+
515
+ ctx = xmlSecOpenSSLX509DataGetCtx(data);
516
+ xmlSecAssert2(ctx != NULL, -1);
517
+
518
+ memset(ctx, 0, sizeof(xmlSecOpenSSLX509DataCtx));
519
+ return(0);
520
+ }
521
+
522
+ static int
523
+ xmlSecOpenSSLKeyDataX509Duplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
524
+ X509* certSrc;
525
+ X509* certDst;
526
+ X509_CRL* crlSrc;
527
+ X509_CRL* crlDst;
528
+ xmlSecSize size, pos;
529
+ int ret;
530
+
531
+ xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecOpenSSLKeyDataX509Id), -1);
532
+ xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecOpenSSLKeyDataX509Id), -1);
533
+
534
+ /* copy certsList */
535
+ size = xmlSecOpenSSLKeyDataX509GetCertsSize(src);
536
+ for(pos = 0; pos < size; ++pos) {
537
+ certSrc = xmlSecOpenSSLKeyDataX509GetCert(src, pos);
538
+ if(certSrc == NULL) {
539
+ xmlSecError(XMLSEC_ERRORS_HERE,
540
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
541
+ "xmlSecOpenSSLKeyDataX509GetCert",
542
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
543
+ "pos=%d", pos);
544
+ return(-1);
545
+ }
546
+
547
+ certDst = X509_dup(certSrc);
548
+ if(certDst == NULL) {
549
+ xmlSecError(XMLSEC_ERRORS_HERE,
550
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
551
+ "X509_dup",
552
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
553
+ XMLSEC_ERRORS_NO_MESSAGE);
554
+ return(-1);
555
+ }
556
+
557
+ ret = xmlSecOpenSSLKeyDataX509AdoptCert(dst, certDst);
558
+ if(ret < 0) {
559
+ xmlSecError(XMLSEC_ERRORS_HERE,
560
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
561
+ "xmlSecOpenSSLKeyDataX509AdoptCert",
562
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
563
+ XMLSEC_ERRORS_NO_MESSAGE);
564
+ X509_free(certDst);
565
+ return(-1);
566
+ }
567
+ }
568
+
569
+ /* copy crls */
570
+ size = xmlSecOpenSSLKeyDataX509GetCrlsSize(src);
571
+ for(pos = 0; pos < size; ++pos) {
572
+ crlSrc = xmlSecOpenSSLKeyDataX509GetCrl(src, pos);
573
+ if(crlSrc == NULL) {
574
+ xmlSecError(XMLSEC_ERRORS_HERE,
575
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
576
+ "xmlSecOpenSSLKeyDataX509GetCrl",
577
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
578
+ "pos=%d", pos);
579
+ return(-1);
580
+ }
581
+
582
+ crlDst = X509_CRL_dup(crlSrc);
583
+ if(crlDst == NULL) {
584
+ xmlSecError(XMLSEC_ERRORS_HERE,
585
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
586
+ "X509_CRL_dup",
587
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
588
+ XMLSEC_ERRORS_NO_MESSAGE);
589
+ return(-1);
590
+ }
591
+
592
+ ret = xmlSecOpenSSLKeyDataX509AdoptCrl(dst, crlDst);
593
+ if(ret < 0) {
594
+ xmlSecError(XMLSEC_ERRORS_HERE,
595
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
596
+ "xmlSecOpenSSLKeyDataX509AdoptCrl",
597
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
598
+ XMLSEC_ERRORS_NO_MESSAGE);
599
+ X509_CRL_free(crlDst);
600
+ return(-1);
601
+ }
602
+ }
603
+
604
+ /* copy key cert if exist */
605
+ certSrc = xmlSecOpenSSLKeyDataX509GetKeyCert(src);
606
+ if(certSrc != NULL) {
607
+ certDst = X509_dup(certSrc);
608
+ if(certDst == NULL) {
609
+ xmlSecError(XMLSEC_ERRORS_HERE,
610
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
611
+ "X509_dup",
612
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
613
+ XMLSEC_ERRORS_NO_MESSAGE);
614
+ return(-1);
615
+ }
616
+ ret = xmlSecOpenSSLKeyDataX509AdoptKeyCert(dst, certDst);
617
+ if(ret < 0) {
618
+ xmlSecError(XMLSEC_ERRORS_HERE,
619
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
620
+ "xmlSecOpenSSLKeyDataX509AdoptKeyCert",
621
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
622
+ XMLSEC_ERRORS_NO_MESSAGE);
623
+ X509_free(certDst);
624
+ return(-1);
625
+ }
626
+ }
627
+ return(0);
628
+ }
629
+
630
+ static void
631
+ xmlSecOpenSSLKeyDataX509Finalize(xmlSecKeyDataPtr data) {
632
+ xmlSecOpenSSLX509DataCtxPtr ctx;
633
+
634
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id));
635
+
636
+ ctx = xmlSecOpenSSLX509DataGetCtx(data);
637
+ xmlSecAssert(ctx != NULL);
638
+
639
+ if(ctx->certsList != NULL) {
640
+ sk_X509_pop_free(ctx->certsList, X509_free);
641
+ }
642
+ if(ctx->crlsList != NULL) {
643
+ sk_X509_CRL_pop_free(ctx->crlsList, X509_CRL_free);
644
+ }
645
+ if(ctx->keyCert != NULL) {
646
+ X509_free(ctx->keyCert);
647
+ }
648
+ memset(ctx, 0, sizeof(xmlSecOpenSSLX509DataCtx));
649
+ }
650
+
651
+ static int
652
+ xmlSecOpenSSLKeyDataX509XmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
653
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
654
+ xmlSecKeyDataPtr data;
655
+ int ret;
656
+
657
+ xmlSecAssert2(id == xmlSecOpenSSLKeyDataX509Id, -1);
658
+ xmlSecAssert2(key != NULL, -1);
659
+ xmlSecAssert2(node != NULL, -1);
660
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
661
+
662
+ data = xmlSecKeyEnsureData(key, id);
663
+ if(data == NULL) {
664
+ xmlSecError(XMLSEC_ERRORS_HERE,
665
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
666
+ "xmlSecKeyEnsureData",
667
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
668
+ XMLSEC_ERRORS_NO_MESSAGE);
669
+ return(-1);
670
+ }
671
+
672
+ ret = xmlSecOpenSSLX509DataNodeRead(data, node, keyInfoCtx);
673
+ if(ret < 0) {
674
+ xmlSecError(XMLSEC_ERRORS_HERE,
675
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
676
+ "xmlSecOpenSSLX509DataNodeRead",
677
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
678
+ XMLSEC_ERRORS_NO_MESSAGE);
679
+ return(-1);
680
+ }
681
+
682
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS) == 0) {
683
+ ret = xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
684
+ if(ret < 0) {
685
+ xmlSecError(XMLSEC_ERRORS_HERE,
686
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
687
+ "xmlSecOpenSSLKeyDataX509VerifyAndExtractKey",
688
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
689
+ XMLSEC_ERRORS_NO_MESSAGE);
690
+ return(-1);
691
+ }
692
+ }
693
+ return(0);
694
+ }
695
+
696
+ static int
697
+ xmlSecOpenSSLKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
698
+ xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
699
+ xmlSecKeyDataPtr data;
700
+ X509* cert;
701
+ X509_CRL* crl;
702
+ xmlSecSize size, pos;
703
+ int content;
704
+ int ret;
705
+
706
+ xmlSecAssert2(id == xmlSecOpenSSLKeyDataX509Id, -1);
707
+ xmlSecAssert2(key != NULL, -1);
708
+ xmlSecAssert2(node != NULL, -1);
709
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
710
+
711
+ content = xmlSecX509DataGetNodeContent (node, 1, keyInfoCtx);
712
+ if (content < 0) {
713
+ xmlSecError(XMLSEC_ERRORS_HERE,
714
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
715
+ "xmlSecX509DataGetNodeContent",
716
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
717
+ "content=%d", content);
718
+ return(-1);
719
+ } else if(content == 0) {
720
+ /* by default we are writing certificates and crls */
721
+ content = XMLSEC_X509DATA_DEFAULT;
722
+ }
723
+
724
+ /* get x509 data */
725
+ data = xmlSecKeyGetData(key, id);
726
+ if(data == NULL) {
727
+ /* no x509 data in the key */
728
+ return(0);
729
+ }
730
+
731
+ /* write certs */
732
+ size = xmlSecOpenSSLKeyDataX509GetCertsSize(data);
733
+ for(pos = 0; pos < size; ++pos) {
734
+ cert = xmlSecOpenSSLKeyDataX509GetCert(data, pos);
735
+ if(cert == NULL) {
736
+ xmlSecError(XMLSEC_ERRORS_HERE,
737
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
738
+ "xmlSecOpenSSLKeyDataX509GetCert",
739
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
740
+ "pos=%d", pos);
741
+ return(-1);
742
+ }
743
+
744
+ if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
745
+ ret = xmlSecOpenSSLX509CertificateNodeWrite(cert, node, keyInfoCtx);
746
+ if(ret < 0) {
747
+ xmlSecError(XMLSEC_ERRORS_HERE,
748
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
749
+ "xmlSecOpenSSLX509CertificateNodeWrite",
750
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
751
+ "pos=%d", pos);
752
+ return(-1);
753
+ }
754
+ }
755
+
756
+ if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
757
+ ret = xmlSecOpenSSLX509SubjectNameNodeWrite(cert, node, keyInfoCtx);
758
+ if(ret < 0) {
759
+ xmlSecError(XMLSEC_ERRORS_HERE,
760
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
761
+ "xmlSecOpenSSLX509SubjectNameNodeWrite",
762
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
763
+ "pos=%d", pos);
764
+ return(-1);
765
+ }
766
+ }
767
+
768
+ if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
769
+ ret = xmlSecOpenSSLX509IssuerSerialNodeWrite(cert, node, keyInfoCtx);
770
+ if(ret < 0) {
771
+ xmlSecError(XMLSEC_ERRORS_HERE,
772
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
773
+ "xmlSecOpenSSLX509IssuerSerialNodeWrite",
774
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
775
+ "pos=%d", pos);
776
+ return(-1);
777
+ }
778
+ }
779
+
780
+ if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
781
+ ret = xmlSecOpenSSLX509SKINodeWrite(cert, node, keyInfoCtx);
782
+ if(ret < 0) {
783
+ xmlSecError(XMLSEC_ERRORS_HERE,
784
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
785
+ "xmlSecOpenSSLX509SKINodeWrite",
786
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
787
+ "pos=%d", pos);
788
+ return(-1);
789
+ }
790
+ }
791
+ }
792
+
793
+ /* write crls if needed */
794
+ if((content & XMLSEC_X509DATA_CRL_NODE) != 0) {
795
+ size = xmlSecOpenSSLKeyDataX509GetCrlsSize(data);
796
+ for(pos = 0; pos < size; ++pos) {
797
+ crl = xmlSecOpenSSLKeyDataX509GetCrl(data, pos);
798
+ if(crl == NULL) {
799
+ xmlSecError(XMLSEC_ERRORS_HERE,
800
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
801
+ "xmlSecOpenSSLKeyDataX509GetCrl",
802
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
803
+ "pos=%d", pos);
804
+ return(-1);
805
+ }
806
+
807
+ ret = xmlSecOpenSSLX509CRLNodeWrite(crl, node, keyInfoCtx);
808
+ if(ret < 0) {
809
+ xmlSecError(XMLSEC_ERRORS_HERE,
810
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
811
+ "xmlSecOpenSSLX509CRLNodeWrite",
812
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
813
+ "pos=%d", pos);
814
+ return(-1);
815
+ }
816
+ }
817
+ }
818
+
819
+ return(0);
820
+ }
821
+
822
+
823
+ static xmlSecKeyDataType
824
+ xmlSecOpenSSLKeyDataX509GetType(xmlSecKeyDataPtr data) {
825
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), xmlSecKeyDataTypeUnknown);
826
+
827
+ /* TODO: return verified/not verified status */
828
+ return(xmlSecKeyDataTypeUnknown);
829
+ }
830
+
831
+ static const xmlChar*
832
+ xmlSecOpenSSLKeyDataX509GetIdentifier(xmlSecKeyDataPtr data) {
833
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), NULL);
834
+
835
+ /* TODO */
836
+ return(NULL);
837
+ }
838
+
839
+ static void
840
+ xmlSecOpenSSLKeyDataX509DebugDump(xmlSecKeyDataPtr data, FILE* output) {
841
+ X509* cert;
842
+ xmlSecSize size, pos;
843
+
844
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id));
845
+ xmlSecAssert(output != NULL);
846
+
847
+ fprintf(output, "=== X509 Data:\n");
848
+ cert = xmlSecOpenSSLKeyDataX509GetKeyCert(data);
849
+ if(cert != NULL) {
850
+ fprintf(output, "==== Key Certificate:\n");
851
+ xmlSecOpenSSLX509CertDebugDump(cert, output);
852
+ }
853
+
854
+ size = xmlSecOpenSSLKeyDataX509GetCertsSize(data);
855
+ for(pos = 0; pos < size; ++pos) {
856
+ cert = xmlSecOpenSSLKeyDataX509GetCert(data, pos);
857
+ if(cert == NULL) {
858
+ xmlSecError(XMLSEC_ERRORS_HERE,
859
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
860
+ "xmlSecOpenSSLKeyDataX509GetCert",
861
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
862
+ "pos=%d", pos);
863
+ return;
864
+ }
865
+ fprintf(output, "==== Certificate:\n");
866
+ xmlSecOpenSSLX509CertDebugDump(cert, output);
867
+ }
868
+
869
+ /* we don't print out crls */
870
+ }
871
+
872
+ static void
873
+ xmlSecOpenSSLKeyDataX509DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
874
+ X509* cert;
875
+ xmlSecSize size, pos;
876
+
877
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id));
878
+ xmlSecAssert(output != NULL);
879
+
880
+ fprintf(output, "<X509Data>\n");
881
+ cert = xmlSecOpenSSLKeyDataX509GetKeyCert(data);
882
+ if(cert != NULL) {
883
+ fprintf(output, "<KeyCertificate>\n");
884
+ xmlSecOpenSSLX509CertDebugXmlDump(cert, output);
885
+ fprintf(output, "</KeyCertificate>\n");
886
+ }
887
+
888
+ size = xmlSecOpenSSLKeyDataX509GetCertsSize(data);
889
+ for(pos = 0; pos < size; ++pos) {
890
+ cert = xmlSecOpenSSLKeyDataX509GetCert(data, pos);
891
+ if(cert == NULL) {
892
+ xmlSecError(XMLSEC_ERRORS_HERE,
893
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
894
+ "xmlSecOpenSSLKeyDataX509GetCert",
895
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
896
+ "pos=%d", pos);
897
+ return;
898
+ }
899
+ fprintf(output, "<Certificate>\n");
900
+ xmlSecOpenSSLX509CertDebugXmlDump(cert, output);
901
+ fprintf(output, "</Certificate>\n");
902
+ }
903
+
904
+ /* we don't print out crls */
905
+ fprintf(output, "</X509Data>\n");
906
+ }
907
+
908
+ static int
909
+ xmlSecOpenSSLX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
910
+ xmlNodePtr cur;
911
+ int ret;
912
+
913
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
914
+ xmlSecAssert2(node != NULL, -1);
915
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
916
+
917
+ for(cur = xmlSecGetNextElementNode(node->children);
918
+ cur != NULL;
919
+ cur = xmlSecGetNextElementNode(cur->next)) {
920
+
921
+ ret = 0;
922
+ if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
923
+ ret = xmlSecOpenSSLX509CertificateNodeRead(data, cur, keyInfoCtx);
924
+ } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
925
+ ret = xmlSecOpenSSLX509SubjectNameNodeRead(data, cur, keyInfoCtx);
926
+ } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
927
+ ret = xmlSecOpenSSLX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
928
+ } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
929
+ ret = xmlSecOpenSSLX509SKINodeRead(data, cur, keyInfoCtx);
930
+ } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
931
+ ret = xmlSecOpenSSLX509CRLNodeRead(data, cur, keyInfoCtx);
932
+ } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
933
+ /* laxi schema validation: ignore unknown nodes */
934
+ xmlSecError(XMLSEC_ERRORS_HERE,
935
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
936
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
937
+ XMLSEC_ERRORS_R_UNEXPECTED_NODE,
938
+ XMLSEC_ERRORS_NO_MESSAGE);
939
+ return(-1);
940
+ }
941
+ if(ret < 0) {
942
+ xmlSecError(XMLSEC_ERRORS_HERE,
943
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
944
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
945
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
946
+ "read node failed");
947
+ return(-1);
948
+ }
949
+ }
950
+ return(0);
951
+ }
952
+
953
+ static int
954
+ xmlSecOpenSSLX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
955
+ xmlChar *content;
956
+ X509* cert;
957
+ int ret;
958
+
959
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
960
+ xmlSecAssert2(node != NULL, -1);
961
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
962
+
963
+ content = xmlNodeGetContent(node);
964
+ if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
965
+ if(content != NULL) {
966
+ xmlFree(content);
967
+ }
968
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
969
+ xmlSecError(XMLSEC_ERRORS_HERE,
970
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
971
+ xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
972
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
973
+ XMLSEC_ERRORS_NO_MESSAGE);
974
+ return(-1);
975
+ }
976
+ return(0);
977
+ }
978
+
979
+ cert = xmlSecOpenSSLX509CertBase64DerRead(content);
980
+ if(cert == NULL) {
981
+ xmlSecError(XMLSEC_ERRORS_HERE,
982
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
983
+ "xmlSecOpenSSLX509CertBase64DerRead",
984
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
985
+ XMLSEC_ERRORS_NO_MESSAGE);
986
+ xmlFree(content);
987
+ return(-1);
988
+ }
989
+
990
+ ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert);
991
+ if(ret < 0) {
992
+ xmlSecError(XMLSEC_ERRORS_HERE,
993
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
994
+ "xmlSecOpenSSLKeyDataX509AdoptCert",
995
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
996
+ XMLSEC_ERRORS_NO_MESSAGE);
997
+ X509_free(cert);
998
+ xmlFree(content);
999
+ return(-1);
1000
+ }
1001
+
1002
+ xmlFree(content);
1003
+ return(0);
1004
+ }
1005
+
1006
+ static int
1007
+ xmlSecOpenSSLX509CertificateNodeWrite(X509* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1008
+ xmlChar* buf;
1009
+ xmlNodePtr cur;
1010
+
1011
+ xmlSecAssert2(cert != NULL, -1);
1012
+ xmlSecAssert2(node != NULL, -1);
1013
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1014
+
1015
+ /* set base64 lines size from context */
1016
+ buf = xmlSecOpenSSLX509CertBase64DerWrite(cert, keyInfoCtx->base64LineSize);
1017
+ if(buf == NULL) {
1018
+ xmlSecError(XMLSEC_ERRORS_HERE,
1019
+ NULL,
1020
+ "xmlSecOpenSSLX509CertBase64DerWrite",
1021
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1022
+ XMLSEC_ERRORS_NO_MESSAGE);
1023
+ return(-1);
1024
+ }
1025
+
1026
+ cur = xmlSecAddChild(node, xmlSecNodeX509Certificate, xmlSecDSigNs);
1027
+ if(cur == NULL) {
1028
+ xmlSecError(XMLSEC_ERRORS_HERE,
1029
+ NULL,
1030
+ "xmlSecAddChild",
1031
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1032
+ "node=%s",
1033
+ xmlSecErrorsSafeString(xmlSecNodeX509Certificate));
1034
+ xmlFree(buf);
1035
+ return(-1);
1036
+ }
1037
+
1038
+ /* todo: add \n around base64 data - from context */
1039
+ /* todo: add errors check */
1040
+ xmlNodeSetContent(cur, xmlSecStringCR);
1041
+ xmlNodeSetContent(cur, buf);
1042
+ xmlFree(buf);
1043
+ return(0);
1044
+ }
1045
+
1046
+ static int
1047
+ xmlSecOpenSSLX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1048
+ xmlSecKeyDataStorePtr x509Store;
1049
+ xmlChar* subject;
1050
+ X509* cert;
1051
+ X509* cert2;
1052
+ int ret;
1053
+
1054
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
1055
+ xmlSecAssert2(node != NULL, -1);
1056
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1057
+ xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
1058
+
1059
+ x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecOpenSSLX509StoreId);
1060
+ if(x509Store == NULL) {
1061
+ xmlSecError(XMLSEC_ERRORS_HERE,
1062
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1063
+ "xmlSecKeysMngrGetDataStore",
1064
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1065
+ XMLSEC_ERRORS_NO_MESSAGE);
1066
+ return(-1);
1067
+ }
1068
+
1069
+ subject = xmlNodeGetContent(node);
1070
+ if((subject == NULL) || (xmlSecIsEmptyString(subject) == 1)) {
1071
+ if(subject != NULL) {
1072
+ xmlFree(subject);
1073
+ }
1074
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
1075
+ xmlSecError(XMLSEC_ERRORS_HERE,
1076
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1077
+ xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
1078
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
1079
+ XMLSEC_ERRORS_NO_MESSAGE);
1080
+ return(-1);
1081
+ }
1082
+ return(0);
1083
+ }
1084
+
1085
+ cert = xmlSecOpenSSLX509StoreFindCert(x509Store, subject, NULL, NULL, NULL, keyInfoCtx);
1086
+ if(cert == NULL){
1087
+
1088
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
1089
+ xmlSecError(XMLSEC_ERRORS_HERE,
1090
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1091
+ NULL,
1092
+ XMLSEC_ERRORS_R_CERT_NOT_FOUND,
1093
+ "subject=%s",
1094
+ xmlSecErrorsSafeString(subject));
1095
+ xmlFree(subject);
1096
+ return(-1);
1097
+ }
1098
+
1099
+ xmlFree(subject);
1100
+ return(0);
1101
+ }
1102
+
1103
+ cert2 = X509_dup(cert);
1104
+ if(cert2 == NULL) {
1105
+ xmlSecError(XMLSEC_ERRORS_HERE,
1106
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1107
+ "X509_dup",
1108
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1109
+ XMLSEC_ERRORS_NO_MESSAGE);
1110
+
1111
+ xmlFree(subject);
1112
+ return(-1);
1113
+ }
1114
+
1115
+ ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert2);
1116
+ if(ret < 0) {
1117
+ xmlSecError(XMLSEC_ERRORS_HERE,
1118
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1119
+ "xmlSecOpenSSLKeyDataX509AdoptCert",
1120
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1121
+ XMLSEC_ERRORS_NO_MESSAGE);
1122
+ X509_free(cert2);
1123
+ xmlFree(subject);
1124
+ return(-1);
1125
+ }
1126
+
1127
+ xmlFree(subject);
1128
+ return(0);
1129
+ }
1130
+
1131
+ static int
1132
+ xmlSecOpenSSLX509SubjectNameNodeWrite(X509* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
1133
+ xmlChar* buf = NULL;
1134
+ xmlNodePtr cur = NULL;
1135
+
1136
+ xmlSecAssert2(cert != NULL, -1);
1137
+ xmlSecAssert2(node != NULL, -1);
1138
+
1139
+ buf = xmlSecOpenSSLX509NameWrite(X509_get_subject_name(cert));
1140
+ if(buf == NULL) {
1141
+ xmlSecError(XMLSEC_ERRORS_HERE,
1142
+ NULL,
1143
+ "xmlSecOpenSSLX509NameWrite(X509_get_subject_name)",
1144
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1145
+ XMLSEC_ERRORS_NO_MESSAGE);
1146
+ return(-1);
1147
+ }
1148
+
1149
+ cur = xmlSecAddChild(node, xmlSecNodeX509SubjectName, xmlSecDSigNs);
1150
+ if(cur == NULL) {
1151
+ xmlSecError(XMLSEC_ERRORS_HERE,
1152
+ NULL,
1153
+ "xmlSecAddChild",
1154
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1155
+ "node=%s",
1156
+ xmlSecErrorsSafeString(xmlSecNodeX509SubjectName));
1157
+ xmlFree(buf);
1158
+ return(-1);
1159
+ }
1160
+ xmlSecNodeEncodeAndSetContent(cur, buf);
1161
+ xmlFree(buf);
1162
+ return(0);
1163
+ }
1164
+
1165
+ static int
1166
+ xmlSecOpenSSLX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1167
+ xmlSecKeyDataStorePtr x509Store;
1168
+ xmlNodePtr cur;
1169
+ xmlChar *issuerName;
1170
+ xmlChar *issuerSerial;
1171
+ X509* cert;
1172
+ X509* cert2;
1173
+ int ret;
1174
+
1175
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
1176
+ xmlSecAssert2(node != NULL, -1);
1177
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1178
+ xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
1179
+
1180
+ x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecOpenSSLX509StoreId);
1181
+ if(x509Store == NULL) {
1182
+ xmlSecError(XMLSEC_ERRORS_HERE,
1183
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1184
+ "xmlSecKeysMngrGetDataStore",
1185
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1186
+ XMLSEC_ERRORS_NO_MESSAGE);
1187
+ return(-1);
1188
+ }
1189
+
1190
+ cur = xmlSecGetNextElementNode(node->children);
1191
+ if(cur == NULL) {
1192
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
1193
+ xmlSecError(XMLSEC_ERRORS_HERE,
1194
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1195
+ xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
1196
+ XMLSEC_ERRORS_R_NODE_NOT_FOUND,
1197
+ "node=%s",
1198
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
1199
+ return(-1);
1200
+ }
1201
+ return(0);
1202
+ }
1203
+
1204
+ /* the first is required node X509IssuerName */
1205
+ if(!xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs)) {
1206
+ xmlSecError(XMLSEC_ERRORS_HERE,
1207
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1208
+ xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
1209
+ XMLSEC_ERRORS_R_NODE_NOT_FOUND,
1210
+ "node=%s",
1211
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
1212
+ return(-1);
1213
+ }
1214
+ issuerName = xmlNodeGetContent(cur);
1215
+ if(issuerName == NULL) {
1216
+ xmlSecError(XMLSEC_ERRORS_HERE,
1217
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1218
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
1219
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
1220
+ "node=%s",
1221
+ xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
1222
+ return(-1);
1223
+ }
1224
+ cur = xmlSecGetNextElementNode(cur->next);
1225
+
1226
+ /* next is required node X509SerialNumber */
1227
+ if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs)) {
1228
+ xmlSecError(XMLSEC_ERRORS_HERE,
1229
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1230
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
1231
+ XMLSEC_ERRORS_R_NODE_NOT_FOUND,
1232
+ "node=%s",
1233
+ xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
1234
+ xmlFree(issuerName);
1235
+ return(-1);
1236
+ }
1237
+ issuerSerial = xmlNodeGetContent(cur);
1238
+ if(issuerSerial == NULL) {
1239
+ xmlSecError(XMLSEC_ERRORS_HERE,
1240
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1241
+ xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber),
1242
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
1243
+ "node=%s",
1244
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
1245
+ xmlFree(issuerName);
1246
+ return(-1);
1247
+ }
1248
+ cur = xmlSecGetNextElementNode(cur->next);
1249
+
1250
+ if(cur != NULL) {
1251
+ xmlSecError(XMLSEC_ERRORS_HERE,
1252
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1253
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
1254
+ XMLSEC_ERRORS_R_UNEXPECTED_NODE,
1255
+ XMLSEC_ERRORS_NO_MESSAGE);
1256
+ xmlFree(issuerSerial);
1257
+ xmlFree(issuerName);
1258
+ return(-1);
1259
+ }
1260
+
1261
+ cert = xmlSecOpenSSLX509StoreFindCert(x509Store, NULL, issuerName, issuerSerial, NULL, keyInfoCtx);
1262
+ if(cert == NULL){
1263
+
1264
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
1265
+ xmlSecError(XMLSEC_ERRORS_HERE,
1266
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1267
+ NULL,
1268
+ XMLSEC_ERRORS_R_CERT_NOT_FOUND,
1269
+ "issuerName=%s;issuerSerial=%s",
1270
+ xmlSecErrorsSafeString(issuerName),
1271
+ xmlSecErrorsSafeString(issuerSerial));
1272
+ xmlFree(issuerSerial);
1273
+ xmlFree(issuerName);
1274
+ return(-1);
1275
+ }
1276
+ xmlFree(issuerSerial);
1277
+ xmlFree(issuerName);
1278
+ return(0);
1279
+ }
1280
+
1281
+ cert2 = X509_dup(cert);
1282
+ if(cert2 == NULL) {
1283
+ xmlSecError(XMLSEC_ERRORS_HERE,
1284
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1285
+ "X509_dup",
1286
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1287
+ XMLSEC_ERRORS_NO_MESSAGE);
1288
+ xmlFree(issuerSerial);
1289
+ xmlFree(issuerName);
1290
+ return(-1);
1291
+ }
1292
+
1293
+ ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert2);
1294
+ if(ret < 0) {
1295
+ xmlSecError(XMLSEC_ERRORS_HERE,
1296
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1297
+ "xmlSecOpenSSLKeyDataX509AdoptCert",
1298
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1299
+ XMLSEC_ERRORS_NO_MESSAGE);
1300
+ X509_free(cert2);
1301
+ xmlFree(issuerSerial);
1302
+ xmlFree(issuerName);
1303
+ return(-1);
1304
+ }
1305
+
1306
+ xmlFree(issuerSerial);
1307
+ xmlFree(issuerName);
1308
+ return(0);
1309
+ }
1310
+
1311
+ static int
1312
+ xmlSecOpenSSLX509IssuerSerialNodeWrite(X509* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
1313
+ xmlNodePtr cur;
1314
+ xmlNodePtr issuerNameNode;
1315
+ xmlNodePtr issuerNumberNode;
1316
+ xmlChar* buf;
1317
+
1318
+ xmlSecAssert2(cert != NULL, -1);
1319
+ xmlSecAssert2(node != NULL, -1);
1320
+
1321
+ /* create xml nodes */
1322
+ cur = xmlSecAddChild(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
1323
+ if(cur == NULL) {
1324
+ xmlSecError(XMLSEC_ERRORS_HERE,
1325
+ NULL,
1326
+ "xmlSecAddChild",
1327
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1328
+ "node=%s",
1329
+ xmlSecErrorsSafeString(xmlSecNodeX509IssuerSerial));
1330
+ return(-1);
1331
+ }
1332
+
1333
+ issuerNameNode = xmlSecAddChild(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs);
1334
+ if(issuerNameNode == NULL) {
1335
+ xmlSecError(XMLSEC_ERRORS_HERE,
1336
+ NULL,
1337
+ "xmlSecAddChild",
1338
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1339
+ "node=%s",
1340
+ xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
1341
+ return(-1);
1342
+ }
1343
+
1344
+ issuerNumberNode = xmlSecAddChild(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs);
1345
+ if(issuerNumberNode == NULL) {
1346
+ xmlSecError(XMLSEC_ERRORS_HERE,
1347
+ NULL,
1348
+ "xmlSecAddChild",
1349
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1350
+ "node=%s",
1351
+ xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
1352
+ return(-1);
1353
+ }
1354
+
1355
+ /* write data */
1356
+ buf = xmlSecOpenSSLX509NameWrite(X509_get_issuer_name(cert));
1357
+ if(buf == NULL) {
1358
+ xmlSecError(XMLSEC_ERRORS_HERE,
1359
+ NULL,
1360
+ "xmlSecOpenSSLX509NameWrite(X509_get_issuer_name)",
1361
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1362
+ XMLSEC_ERRORS_NO_MESSAGE);
1363
+ return(-1);
1364
+ }
1365
+ xmlSecNodeEncodeAndSetContent(issuerNameNode, buf);
1366
+ xmlFree(buf);
1367
+
1368
+ buf = xmlSecOpenSSLASN1IntegerWrite(X509_get_serialNumber(cert));
1369
+ if(buf == NULL) {
1370
+ xmlSecError(XMLSEC_ERRORS_HERE,
1371
+ NULL,
1372
+ "xmlSecOpenSSLASN1IntegerWrite(X509_get_serialNumber)",
1373
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1374
+ XMLSEC_ERRORS_NO_MESSAGE);
1375
+ return(-1);
1376
+ }
1377
+ xmlSecNodeEncodeAndSetContent(issuerNumberNode, buf);
1378
+ xmlFree(buf);
1379
+
1380
+ return(0);
1381
+ }
1382
+
1383
+
1384
+ static int
1385
+ xmlSecOpenSSLX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1386
+ xmlSecKeyDataStorePtr x509Store;
1387
+ xmlChar* ski;
1388
+ X509* cert;
1389
+ X509* cert2;
1390
+ int ret;
1391
+
1392
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
1393
+ xmlSecAssert2(node != NULL, -1);
1394
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1395
+ xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
1396
+
1397
+ x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecOpenSSLX509StoreId);
1398
+ if(x509Store == NULL) {
1399
+ xmlSecError(XMLSEC_ERRORS_HERE,
1400
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1401
+ "xmlSecKeysMngrGetDataStore",
1402
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1403
+ XMLSEC_ERRORS_NO_MESSAGE);
1404
+ return(-1);
1405
+ }
1406
+
1407
+ ski = xmlNodeGetContent(node);
1408
+ if((ski == NULL) || (xmlSecIsEmptyString(ski) == 1)) {
1409
+ if(ski != NULL) {
1410
+ xmlFree(ski);
1411
+ }
1412
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
1413
+ xmlSecError(XMLSEC_ERRORS_HERE,
1414
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1415
+ xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
1416
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
1417
+ "node=%s",
1418
+ xmlSecErrorsSafeString(xmlSecNodeX509SKI));
1419
+ return(-1);
1420
+ }
1421
+ return(0);
1422
+ }
1423
+
1424
+ cert = xmlSecOpenSSLX509StoreFindCert(x509Store, NULL, NULL, NULL, ski, keyInfoCtx);
1425
+ if(cert == NULL){
1426
+ xmlFree(ski);
1427
+
1428
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
1429
+ xmlSecError(XMLSEC_ERRORS_HERE,
1430
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1431
+ NULL,
1432
+ XMLSEC_ERRORS_R_CERT_NOT_FOUND,
1433
+ "ski=%s",
1434
+ xmlSecErrorsSafeString(ski));
1435
+ return(-1);
1436
+ }
1437
+ return(0);
1438
+ }
1439
+
1440
+ cert2 = X509_dup(cert);
1441
+ if(cert2 == NULL) {
1442
+ xmlSecError(XMLSEC_ERRORS_HERE,
1443
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1444
+ "X509_dup",
1445
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1446
+ XMLSEC_ERRORS_NO_MESSAGE);
1447
+ xmlFree(ski);
1448
+ return(-1);
1449
+ }
1450
+
1451
+ ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert2);
1452
+ if(ret < 0) {
1453
+ xmlSecError(XMLSEC_ERRORS_HERE,
1454
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1455
+ "xmlSecOpenSSLKeyDataX509AdoptCert",
1456
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1457
+ XMLSEC_ERRORS_NO_MESSAGE);
1458
+ X509_free(cert2);
1459
+ xmlFree(ski);
1460
+ return(-1);
1461
+ }
1462
+
1463
+ xmlFree(ski);
1464
+ return(0);
1465
+ }
1466
+
1467
+ static int
1468
+ xmlSecOpenSSLX509SKINodeWrite(X509* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
1469
+ xmlChar *buf = NULL;
1470
+ xmlNodePtr cur = NULL;
1471
+
1472
+ xmlSecAssert2(cert != NULL, -1);
1473
+ xmlSecAssert2(node != NULL, -1);
1474
+
1475
+ buf = xmlSecOpenSSLX509SKIWrite(cert);
1476
+ if(buf == NULL) {
1477
+ xmlSecError(XMLSEC_ERRORS_HERE,
1478
+ NULL,
1479
+ "xmlSecOpenSSLX509SKIWrite",
1480
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1481
+ XMLSEC_ERRORS_NO_MESSAGE);
1482
+ return(-1);
1483
+ }
1484
+
1485
+ cur = xmlSecAddChild(node, xmlSecNodeX509SKI, xmlSecDSigNs);
1486
+ if(cur == NULL) {
1487
+ xmlSecError(XMLSEC_ERRORS_HERE,
1488
+ NULL,
1489
+ "xmlSecAddChild",
1490
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1491
+ "new_node=%s",
1492
+ xmlSecErrorsSafeString(xmlSecNodeX509SKI));
1493
+ xmlFree(buf);
1494
+ return(-1);
1495
+ }
1496
+ xmlSecNodeEncodeAndSetContent(cur, buf);
1497
+ xmlFree(buf);
1498
+
1499
+ return(0);
1500
+ }
1501
+
1502
+ static int
1503
+ xmlSecOpenSSLX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1504
+ xmlChar *content;
1505
+ X509_CRL* crl;
1506
+ int ret;
1507
+
1508
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
1509
+ xmlSecAssert2(node != NULL, -1);
1510
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1511
+
1512
+ content = xmlNodeGetContent(node);
1513
+ if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
1514
+ if(content != NULL) {
1515
+ xmlFree(content);
1516
+ }
1517
+ if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
1518
+ xmlSecError(XMLSEC_ERRORS_HERE,
1519
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1520
+ xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
1521
+ XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
1522
+ XMLSEC_ERRORS_NO_MESSAGE);
1523
+ return(-1);
1524
+ }
1525
+ return(0);
1526
+ }
1527
+
1528
+ crl = xmlSecOpenSSLX509CrlBase64DerRead(content);
1529
+ if(crl == NULL) {
1530
+ xmlSecError(XMLSEC_ERRORS_HERE,
1531
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1532
+ "xmlSecOpenSSLX509CrlBase64DerRead",
1533
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1534
+ XMLSEC_ERRORS_NO_MESSAGE);
1535
+ xmlFree(content);
1536
+ return(-1);
1537
+ }
1538
+
1539
+ ret = xmlSecOpenSSLKeyDataX509AdoptCrl(data, crl);
1540
+ if(ret < 0) {
1541
+ xmlSecError(XMLSEC_ERRORS_HERE,
1542
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1543
+ "xmlSecOpenSSLKeyDataX509AdoptCrl",
1544
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1545
+ XMLSEC_ERRORS_NO_MESSAGE);
1546
+ X509_CRL_free(crl);
1547
+ xmlFree(content);
1548
+ return(-1);
1549
+ }
1550
+
1551
+ xmlFree(content);
1552
+ return(0);
1553
+ }
1554
+
1555
+ static int
1556
+ xmlSecOpenSSLX509CRLNodeWrite(X509_CRL* crl, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
1557
+ xmlChar* buf = NULL;
1558
+ xmlNodePtr cur = NULL;
1559
+
1560
+ xmlSecAssert2(crl != NULL, -1);
1561
+ xmlSecAssert2(node != NULL, -1);
1562
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1563
+
1564
+ /* set base64 lines size from context */
1565
+ buf = xmlSecOpenSSLX509CrlBase64DerWrite(crl, keyInfoCtx->base64LineSize);
1566
+ if(buf == NULL) {
1567
+ xmlSecError(XMLSEC_ERRORS_HERE,
1568
+ NULL,
1569
+ "xmlSecOpenSSLX509CrlBase64DerWrite",
1570
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1571
+ XMLSEC_ERRORS_NO_MESSAGE);
1572
+ return(-1);
1573
+ }
1574
+
1575
+ cur = xmlSecAddChild(node, xmlSecNodeX509CRL, xmlSecDSigNs);
1576
+ if(cur == NULL) {
1577
+ xmlSecError(XMLSEC_ERRORS_HERE,
1578
+ NULL,
1579
+ "xmlSecAddChild",
1580
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1581
+ "new_node=%s",
1582
+ xmlSecErrorsSafeString(xmlSecNodeX509CRL));
1583
+ xmlFree(buf);
1584
+ return(-1);
1585
+ }
1586
+ /* todo: add \n around base64 data - from context */
1587
+ /* todo: add errors check */
1588
+ xmlNodeSetContent(cur, xmlSecStringCR);
1589
+ xmlNodeSetContent(cur, buf);
1590
+ xmlFree(buf);
1591
+
1592
+ return(0);
1593
+ }
1594
+
1595
+ static int
1596
+ xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr key,
1597
+ xmlSecKeyInfoCtxPtr keyInfoCtx) {
1598
+ xmlSecOpenSSLX509DataCtxPtr ctx;
1599
+ xmlSecKeyDataStorePtr x509Store;
1600
+ int ret;
1601
+
1602
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
1603
+ xmlSecAssert2(key != NULL, -1);
1604
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
1605
+ xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
1606
+
1607
+ ctx = xmlSecOpenSSLX509DataGetCtx(data);
1608
+ xmlSecAssert2(ctx != NULL, -1);
1609
+
1610
+ x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecOpenSSLX509StoreId);
1611
+ if(x509Store == NULL) {
1612
+ xmlSecError(XMLSEC_ERRORS_HERE,
1613
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1614
+ "xmlSecKeysMngrGetDataStore",
1615
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1616
+ XMLSEC_ERRORS_NO_MESSAGE);
1617
+ return(-1);
1618
+ }
1619
+
1620
+ if((ctx->keyCert == NULL) && (ctx->certsList != NULL) && (xmlSecKeyGetValue(key) == NULL)) {
1621
+ X509* cert;
1622
+
1623
+ cert = xmlSecOpenSSLX509StoreVerify(x509Store, ctx->certsList, ctx->crlsList, keyInfoCtx);
1624
+ if(cert != NULL) {
1625
+ xmlSecKeyDataPtr keyValue;
1626
+
1627
+ ctx->keyCert = X509_dup(cert);
1628
+ if(ctx->keyCert == NULL) {
1629
+ xmlSecError(XMLSEC_ERRORS_HERE,
1630
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1631
+ "X509_dup",
1632
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1633
+ XMLSEC_ERRORS_NO_MESSAGE);
1634
+ return(-1);
1635
+ }
1636
+
1637
+ keyValue = xmlSecOpenSSLX509CertGetKey(ctx->keyCert);
1638
+ if(keyValue == NULL) {
1639
+ xmlSecError(XMLSEC_ERRORS_HERE,
1640
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1641
+ "xmlSecOpenSSLX509CertGetKey",
1642
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1643
+ XMLSEC_ERRORS_NO_MESSAGE);
1644
+ return(-1);
1645
+ }
1646
+
1647
+ /* verify that the key matches our expectations */
1648
+ if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), keyValue) != 1) {
1649
+ xmlSecError(XMLSEC_ERRORS_HERE,
1650
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1651
+ "xmlSecKeyReqMatchKeyValue",
1652
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1653
+ XMLSEC_ERRORS_NO_MESSAGE);
1654
+ xmlSecKeyDataDestroy(keyValue);
1655
+ return(-1);
1656
+ }
1657
+
1658
+ ret = xmlSecKeySetValue(key, keyValue);
1659
+ if(ret < 0) {
1660
+ xmlSecError(XMLSEC_ERRORS_HERE,
1661
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1662
+ "xmlSecKeySetValue",
1663
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1664
+ XMLSEC_ERRORS_NO_MESSAGE);
1665
+ xmlSecKeyDataDestroy(keyValue);
1666
+ return(-1);
1667
+ }
1668
+
1669
+ if((X509_get_notBefore(ctx->keyCert) != NULL) && (X509_get_notAfter(ctx->keyCert) != NULL)) {
1670
+ ret = xmlSecOpenSSLX509CertGetTime(X509_get_notBefore(ctx->keyCert), &(key->notValidBefore));
1671
+ if(ret < 0) {
1672
+ xmlSecError(XMLSEC_ERRORS_HERE,
1673
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1674
+ "xmlSecOpenSSLX509CertGetTime",
1675
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1676
+ "notValidBefore");
1677
+ return(-1);
1678
+ }
1679
+ ret = xmlSecOpenSSLX509CertGetTime(X509_get_notAfter(ctx->keyCert), &(key->notValidAfter));
1680
+ if(ret < 0) {
1681
+ xmlSecError(XMLSEC_ERRORS_HERE,
1682
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1683
+ "xmlSecOpenSSLX509CertGetTime",
1684
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1685
+ "notValidAfter");
1686
+ return(-1);
1687
+ }
1688
+ } else {
1689
+ key->notValidBefore = key->notValidAfter = 0;
1690
+ }
1691
+ } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT) != 0) {
1692
+ xmlSecError(XMLSEC_ERRORS_HERE,
1693
+ xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
1694
+ NULL,
1695
+ XMLSEC_ERRORS_R_CERT_NOT_FOUND,
1696
+ XMLSEC_ERRORS_NO_MESSAGE);
1697
+ return(-1);
1698
+ }
1699
+ }
1700
+ return(0);
1701
+ }
1702
+
1703
+ #ifdef HAVE_TIMEGM
1704
+ extern time_t timegm (struct tm *tm);
1705
+ #else /* HAVE_TIMEGM */
1706
+ #ifdef WIN32
1707
+ #define timegm(tm) (mktime(tm) - _timezone)
1708
+ #else /* WIN32 */
1709
+ /* Absolutely not the best way but it's the only ANSI compatible way I know.
1710
+ * If you system has a native struct tm --> GMT time_t conversion function
1711
+ * (like timegm) use it instead.
1712
+ */
1713
+ static time_t
1714
+ my_timegm(struct tm *t) {
1715
+ time_t tl, tb;
1716
+ struct tm *tg;
1717
+
1718
+ tl = mktime (t);
1719
+ if(tl == -1) {
1720
+ t->tm_hour--;
1721
+ tl = mktime (t);
1722
+ if (tl == -1) {
1723
+ return -1;
1724
+ }
1725
+ tl += 3600;
1726
+ }
1727
+ tg = gmtime (&tl);
1728
+ tg->tm_isdst = 0;
1729
+ tb = mktime (tg);
1730
+ if (tb == -1) {
1731
+ tg->tm_hour--;
1732
+ tb = mktime (tg);
1733
+ if (tb == -1) {
1734
+ return -1;
1735
+ }
1736
+ tb += 3600;
1737
+ }
1738
+ return (tl - (tb - tl));
1739
+ }
1740
+
1741
+ #define timegm(tm) my_timegm(tm)
1742
+ #endif /* WIN32 */
1743
+ #endif /* HAVE_TIMEGM */
1744
+
1745
+ static int
1746
+ xmlSecOpenSSLX509CertGetTime(ASN1_TIME* t, time_t* res) {
1747
+ struct tm tm;
1748
+ int offset;
1749
+
1750
+ xmlSecAssert2(t != NULL, -1);
1751
+ xmlSecAssert2(res != NULL, -1);
1752
+
1753
+ (*res) = 0;
1754
+ #ifndef XMLSEC_OPENSSL_096
1755
+ if(!ASN1_TIME_check(t)) {
1756
+ xmlSecError(XMLSEC_ERRORS_HERE,
1757
+ NULL,
1758
+ "ASN1_TIME_check",
1759
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1760
+ XMLSEC_ERRORS_NO_MESSAGE);
1761
+ return(-1);
1762
+ }
1763
+ #endif /* XMLSEC_OPENSSL_096 */
1764
+
1765
+ memset(&tm, 0, sizeof(tm));
1766
+
1767
+ #define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
1768
+ if(t->type == V_ASN1_UTCTIME) {
1769
+ xmlSecAssert2(t->length > 12, -1);
1770
+
1771
+
1772
+ /* this code is copied from OpenSSL asn1/a_utctm.c file */
1773
+ tm.tm_year = g2(t->data);
1774
+ if(tm.tm_year < 50) {
1775
+ tm.tm_year += 100;
1776
+ }
1777
+ tm.tm_mon = g2(t->data + 2) - 1;
1778
+ tm.tm_mday = g2(t->data + 4);
1779
+ tm.tm_hour = g2(t->data + 6);
1780
+ tm.tm_min = g2(t->data + 8);
1781
+ tm.tm_sec = g2(t->data + 10);
1782
+ if(t->data[12] == 'Z') {
1783
+ offset = 0;
1784
+ } else {
1785
+ xmlSecAssert2(t->length > 16, -1);
1786
+
1787
+ offset = g2(t->data + 13) * 60 + g2(t->data + 15);
1788
+ if(t->data[12] == '-') {
1789
+ offset = -offset;
1790
+ }
1791
+ }
1792
+ tm.tm_isdst = -1;
1793
+ } else {
1794
+ xmlSecAssert2(t->length > 14, -1);
1795
+
1796
+ tm.tm_year = g2(t->data) * 100 + g2(t->data + 2);
1797
+ tm.tm_mon = g2(t->data + 4) - 1;
1798
+ tm.tm_mday = g2(t->data + 6);
1799
+ tm.tm_hour = g2(t->data + 8);
1800
+ tm.tm_min = g2(t->data + 10);
1801
+ tm.tm_sec = g2(t->data + 12);
1802
+ if(t->data[14] == 'Z') {
1803
+ offset = 0;
1804
+ } else {
1805
+ xmlSecAssert2(t->length > 18, -1);
1806
+
1807
+ offset = g2(t->data + 15) * 60 + g2(t->data + 17);
1808
+ if(t->data[14] == '-') {
1809
+ offset = -offset;
1810
+ }
1811
+ }
1812
+ tm.tm_isdst = -1;
1813
+ }
1814
+ #undef g2
1815
+ (*res) = timegm(&tm) - offset * 60;
1816
+ return(0);
1817
+ }
1818
+
1819
+ /**
1820
+ * xmlSecOpenSSLX509CertGetKey:
1821
+ * @cert: the certificate.
1822
+ *
1823
+ * Extracts public key from the @cert.
1824
+ *
1825
+ * Returns: public key value or NULL if an error occurs.
1826
+ */
1827
+ xmlSecKeyDataPtr
1828
+ xmlSecOpenSSLX509CertGetKey(X509* cert) {
1829
+ xmlSecKeyDataPtr data;
1830
+ EVP_PKEY *pKey = NULL;
1831
+
1832
+ xmlSecAssert2(cert != NULL, NULL);
1833
+
1834
+ pKey = X509_get_pubkey(cert);
1835
+ if(pKey == NULL) {
1836
+ xmlSecError(XMLSEC_ERRORS_HERE,
1837
+ NULL,
1838
+ "X509_get_pubkey",
1839
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1840
+ XMLSEC_ERRORS_NO_MESSAGE);
1841
+ return(NULL);
1842
+ }
1843
+
1844
+ data = xmlSecOpenSSLEvpKeyAdopt(pKey);
1845
+ if(data == NULL) {
1846
+ xmlSecError(XMLSEC_ERRORS_HERE,
1847
+ NULL,
1848
+ "xmlSecOpenSSLEvpKeyAdopt",
1849
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1850
+ XMLSEC_ERRORS_NO_MESSAGE);
1851
+ EVP_PKEY_free(pKey);
1852
+ return(NULL);
1853
+ }
1854
+
1855
+ return(data);
1856
+ }
1857
+
1858
+ static X509*
1859
+ xmlSecOpenSSLX509CertBase64DerRead(xmlChar* buf) {
1860
+ int ret;
1861
+
1862
+ xmlSecAssert2(buf != NULL, NULL);
1863
+
1864
+ /* usual trick with base64 decoding "in-place" */
1865
+ ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
1866
+ if(ret < 0) {
1867
+ xmlSecError(XMLSEC_ERRORS_HERE,
1868
+ NULL,
1869
+ "xmlSecBase64Decode",
1870
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1871
+ XMLSEC_ERRORS_NO_MESSAGE);
1872
+ return(NULL);
1873
+ }
1874
+
1875
+ return(xmlSecOpenSSLX509CertDerRead((xmlSecByte*)buf, ret));
1876
+ }
1877
+
1878
+ static X509*
1879
+ xmlSecOpenSSLX509CertDerRead(const xmlSecByte* buf, xmlSecSize size) {
1880
+ X509 *cert = NULL;
1881
+ BIO *mem = NULL;
1882
+ int ret;
1883
+
1884
+ xmlSecAssert2(buf != NULL, NULL);
1885
+ xmlSecAssert2(size > 0, NULL);
1886
+
1887
+ mem = BIO_new(BIO_s_mem());
1888
+ if(mem == NULL) {
1889
+ xmlSecError(XMLSEC_ERRORS_HERE,
1890
+ NULL,
1891
+ "BIO_new",
1892
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1893
+ "BIO_s_mem");
1894
+ return(NULL);
1895
+ }
1896
+
1897
+ ret = BIO_write(mem, buf, size);
1898
+ if(ret <= 0) {
1899
+ xmlSecError(XMLSEC_ERRORS_HERE,
1900
+ NULL,
1901
+ "BIO_write",
1902
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1903
+ "size=%d", size);
1904
+ BIO_free_all(mem);
1905
+ return(NULL);
1906
+ }
1907
+
1908
+ cert = d2i_X509_bio(mem, NULL);
1909
+ if(cert == NULL) {
1910
+ xmlSecError(XMLSEC_ERRORS_HERE,
1911
+ NULL,
1912
+ "d2i_X509_bio",
1913
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1914
+ XMLSEC_ERRORS_NO_MESSAGE);
1915
+ BIO_free_all(mem);
1916
+ return(NULL);
1917
+ }
1918
+
1919
+ BIO_free_all(mem);
1920
+ return(cert);
1921
+ }
1922
+
1923
+ static xmlChar*
1924
+ xmlSecOpenSSLX509CertBase64DerWrite(X509* cert, int base64LineWrap) {
1925
+ xmlChar *res = NULL;
1926
+ BIO *mem = NULL;
1927
+ xmlSecByte *p = NULL;
1928
+ long size;
1929
+
1930
+ xmlSecAssert2(cert != NULL, NULL);
1931
+
1932
+ mem = BIO_new(BIO_s_mem());
1933
+ if(mem == NULL) {
1934
+ xmlSecError(XMLSEC_ERRORS_HERE,
1935
+ NULL,
1936
+ "BIO_new",
1937
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1938
+ "BIO_s_mem");
1939
+ return(NULL);
1940
+ }
1941
+
1942
+ /* todo: add error checks */
1943
+ i2d_X509_bio(mem, cert);
1944
+ BIO_flush(mem);
1945
+
1946
+ size = BIO_get_mem_data(mem, &p);
1947
+ if((size <= 0) || (p == NULL)){
1948
+ xmlSecError(XMLSEC_ERRORS_HERE,
1949
+ NULL,
1950
+ "BIO_get_mem_data",
1951
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
1952
+ XMLSEC_ERRORS_NO_MESSAGE);
1953
+ BIO_free_all(mem);
1954
+ return(NULL);
1955
+ }
1956
+
1957
+ res = xmlSecBase64Encode(p, size, base64LineWrap);
1958
+ if(res == NULL) {
1959
+ xmlSecError(XMLSEC_ERRORS_HERE,
1960
+ NULL,
1961
+ "xmlSecBase64Encode",
1962
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1963
+ XMLSEC_ERRORS_NO_MESSAGE);
1964
+ BIO_free_all(mem);
1965
+ return(NULL);
1966
+ }
1967
+
1968
+ BIO_free_all(mem);
1969
+ return(res);
1970
+ }
1971
+
1972
+ static X509_CRL*
1973
+ xmlSecOpenSSLX509CrlBase64DerRead(xmlChar* buf) {
1974
+ int ret;
1975
+
1976
+ xmlSecAssert2(buf != NULL, NULL);
1977
+
1978
+ /* usual trick with base64 decoding "in-place" */
1979
+ ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
1980
+ if(ret < 0) {
1981
+ xmlSecError(XMLSEC_ERRORS_HERE,
1982
+ NULL,
1983
+ "xmlSecBase64Decode",
1984
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
1985
+ XMLSEC_ERRORS_NO_MESSAGE);
1986
+ return(NULL);
1987
+ }
1988
+
1989
+ return(xmlSecOpenSSLX509CrlDerRead((xmlSecByte*)buf, ret));
1990
+ }
1991
+
1992
+ static X509_CRL*
1993
+ xmlSecOpenSSLX509CrlDerRead(xmlSecByte* buf, xmlSecSize size) {
1994
+ X509_CRL *crl = NULL;
1995
+ BIO *mem = NULL;
1996
+ int ret;
1997
+
1998
+ xmlSecAssert2(buf != NULL, NULL);
1999
+ xmlSecAssert2(size > 0, NULL);
2000
+
2001
+ mem = BIO_new(BIO_s_mem());
2002
+ if(mem == NULL) {
2003
+ xmlSecError(XMLSEC_ERRORS_HERE,
2004
+ NULL,
2005
+ "BIO_new",
2006
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
2007
+ "BIO_s_mem");
2008
+ return(NULL);
2009
+ }
2010
+
2011
+ ret = BIO_write(mem, buf, size);
2012
+ if(ret <= 0) {
2013
+ xmlSecError(XMLSEC_ERRORS_HERE,
2014
+ NULL,
2015
+ "BIO_write",
2016
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
2017
+ "size=%d", size);
2018
+ BIO_free_all(mem);
2019
+ return(NULL);
2020
+ }
2021
+
2022
+ crl = d2i_X509_CRL_bio(mem, NULL);
2023
+ if(crl == NULL) {
2024
+ xmlSecError(XMLSEC_ERRORS_HERE,
2025
+ NULL,
2026
+ "d2i_X509_CRL_bio",
2027
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
2028
+ XMLSEC_ERRORS_NO_MESSAGE);
2029
+ BIO_free_all(mem);
2030
+ return(NULL);
2031
+ }
2032
+
2033
+ BIO_free_all(mem);
2034
+ return(crl);
2035
+ }
2036
+
2037
+ static xmlChar*
2038
+ xmlSecOpenSSLX509CrlBase64DerWrite(X509_CRL* crl, int base64LineWrap) {
2039
+ xmlChar *res = NULL;
2040
+ BIO *mem = NULL;
2041
+ xmlSecByte *p = NULL;
2042
+ long size;
2043
+
2044
+ xmlSecAssert2(crl != NULL, NULL);
2045
+
2046
+ mem = BIO_new(BIO_s_mem());
2047
+ if(mem == NULL) {
2048
+ xmlSecError(XMLSEC_ERRORS_HERE,
2049
+ NULL,
2050
+ "BIO_new",
2051
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
2052
+ "BIO_s_mem");
2053
+ return(NULL);
2054
+ }
2055
+
2056
+ /* todo: add error checks */
2057
+ i2d_X509_CRL_bio(mem, crl);
2058
+ BIO_flush(mem);
2059
+
2060
+ size = BIO_get_mem_data(mem, &p);
2061
+ if((size <= 0) || (p == NULL)){
2062
+ xmlSecError(XMLSEC_ERRORS_HERE,
2063
+ NULL,
2064
+ "BIO_get_mem_data",
2065
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
2066
+ XMLSEC_ERRORS_NO_MESSAGE);
2067
+ BIO_free_all(mem);
2068
+ return(NULL);
2069
+ }
2070
+
2071
+ res = xmlSecBase64Encode(p, size, base64LineWrap);
2072
+ if(res == NULL) {
2073
+ xmlSecError(XMLSEC_ERRORS_HERE,
2074
+ NULL,
2075
+ "xmlSecBase64Encode",
2076
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2077
+ XMLSEC_ERRORS_NO_MESSAGE);
2078
+ BIO_free_all(mem);
2079
+ return(NULL);
2080
+ }
2081
+
2082
+ BIO_free_all(mem);
2083
+ return(res);
2084
+ }
2085
+
2086
+ static xmlChar*
2087
+ xmlSecOpenSSLX509NameWrite(X509_NAME* nm) {
2088
+ xmlChar *res = NULL;
2089
+ BIO *mem = NULL;
2090
+ long size;
2091
+
2092
+ xmlSecAssert2(nm != NULL, NULL);
2093
+
2094
+ mem = BIO_new(BIO_s_mem());
2095
+ if(mem == NULL) {
2096
+ xmlSecError(XMLSEC_ERRORS_HERE,
2097
+ NULL,
2098
+ "BIO_new",
2099
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
2100
+ "BIO_s_mem");
2101
+ return(NULL);
2102
+ }
2103
+
2104
+ if (X509_NAME_print_ex(mem, nm, 0, XN_FLAG_RFC2253) <=0) {
2105
+ xmlSecError(XMLSEC_ERRORS_HERE,
2106
+ NULL,
2107
+ "X509_NAME_print_ex",
2108
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
2109
+ XMLSEC_ERRORS_NO_MESSAGE);
2110
+ BIO_free_all(mem);
2111
+ return(NULL);
2112
+ }
2113
+
2114
+ BIO_flush(mem); /* should call flush ? */
2115
+
2116
+ size = BIO_pending(mem);
2117
+ res = xmlMalloc(size + 1);
2118
+ if(res == NULL) {
2119
+ xmlSecError(XMLSEC_ERRORS_HERE,
2120
+ NULL,
2121
+ "xmlMalloc",
2122
+ XMLSEC_ERRORS_R_MALLOC_FAILED,
2123
+ XMLSEC_ERRORS_NO_MESSAGE);
2124
+ BIO_free_all(mem);
2125
+ return(NULL);
2126
+ }
2127
+
2128
+ size = BIO_read(mem, res, size);
2129
+ res[size] = '\0';
2130
+
2131
+ BIO_free_all(mem);
2132
+ return(res);
2133
+ }
2134
+
2135
+ static xmlChar*
2136
+ xmlSecOpenSSLASN1IntegerWrite(ASN1_INTEGER *asni) {
2137
+ xmlChar *res = NULL;
2138
+ BIGNUM *bn;
2139
+ char *p;
2140
+
2141
+ xmlSecAssert2(asni != NULL, NULL);
2142
+
2143
+ bn = ASN1_INTEGER_to_BN(asni, NULL);
2144
+ if(bn == NULL) {
2145
+ xmlSecError(XMLSEC_ERRORS_HERE,
2146
+ NULL,
2147
+ "ASN1_INTEGER_to_BN",
2148
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
2149
+ XMLSEC_ERRORS_NO_MESSAGE);
2150
+ return(NULL);
2151
+ }
2152
+
2153
+ p = BN_bn2dec(bn);
2154
+ if (p == NULL) {
2155
+ xmlSecError(XMLSEC_ERRORS_HERE,
2156
+ NULL,
2157
+ "BN_bn2dec",
2158
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
2159
+ XMLSEC_ERRORS_NO_MESSAGE);
2160
+ BN_free(bn);
2161
+ return(NULL);
2162
+ }
2163
+ BN_free(bn);
2164
+ bn = NULL;
2165
+
2166
+ /* OpenSSL and LibXML2 can have different memory callbacks, i.e.
2167
+ when data is allocated in OpenSSL should be freed with OpenSSL
2168
+ method, not with LibXML2 method.
2169
+ */
2170
+ res = xmlCharStrdup(p);
2171
+ if(res == NULL) {
2172
+ xmlSecError(XMLSEC_ERRORS_HERE,
2173
+ NULL,
2174
+ "xmlCharStrdup",
2175
+ XMLSEC_ERRORS_R_MALLOC_FAILED,
2176
+ XMLSEC_ERRORS_NO_MESSAGE);
2177
+ OPENSSL_free(p);
2178
+ return(NULL);
2179
+ }
2180
+ OPENSSL_free(p);
2181
+ p = NULL;
2182
+ return(res);
2183
+ }
2184
+
2185
+ static xmlChar*
2186
+ xmlSecOpenSSLX509SKIWrite(X509* cert) {
2187
+ xmlChar *res = NULL;
2188
+ int index;
2189
+ X509_EXTENSION *ext;
2190
+ ASN1_OCTET_STRING *keyId;
2191
+
2192
+ xmlSecAssert2(cert != NULL, NULL);
2193
+
2194
+ index = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
2195
+ if (index < 0) {
2196
+ xmlSecError(XMLSEC_ERRORS_HERE,
2197
+ NULL,
2198
+ "Certificate without SubjectKeyIdentifier extension",
2199
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
2200
+ XMLSEC_ERRORS_NO_MESSAGE);
2201
+ return(NULL);
2202
+ }
2203
+
2204
+ ext = X509_get_ext(cert, index);
2205
+ if (ext == NULL) {
2206
+ xmlSecError(XMLSEC_ERRORS_HERE,
2207
+ NULL,
2208
+ "X509_get_ext",
2209
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
2210
+ XMLSEC_ERRORS_NO_MESSAGE);
2211
+ return(NULL);
2212
+ }
2213
+
2214
+ keyId = X509V3_EXT_d2i(ext);
2215
+ if (keyId == NULL) {
2216
+ xmlSecError(XMLSEC_ERRORS_HERE,
2217
+ NULL,
2218
+ "X509V3_EXT_d2i",
2219
+ XMLSEC_ERRORS_R_CRYPTO_FAILED,
2220
+ XMLSEC_ERRORS_NO_MESSAGE);
2221
+ M_ASN1_OCTET_STRING_free(keyId);
2222
+ return(NULL);
2223
+ }
2224
+
2225
+ res = xmlSecBase64Encode(M_ASN1_STRING_data(keyId), M_ASN1_STRING_length(keyId), 0);
2226
+ if(res == NULL) {
2227
+ xmlSecError(XMLSEC_ERRORS_HERE,
2228
+ NULL,
2229
+ "xmlSecBase64Encode",
2230
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2231
+ XMLSEC_ERRORS_NO_MESSAGE);
2232
+ M_ASN1_OCTET_STRING_free(keyId);
2233
+ return(NULL);
2234
+ }
2235
+ M_ASN1_OCTET_STRING_free(keyId);
2236
+
2237
+ return(res);
2238
+ }
2239
+
2240
+ static void
2241
+ xmlSecOpenSSLX509CertDebugDump(X509* cert, FILE* output) {
2242
+ char buf[1024];
2243
+ BIGNUM *bn = NULL;
2244
+
2245
+ xmlSecAssert(cert != NULL);
2246
+ xmlSecAssert(output != NULL);
2247
+
2248
+ fprintf(output, "==== Subject Name: %s\n",
2249
+ X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf)));
2250
+ fprintf(output, "==== Issuer Name: %s\n",
2251
+ X509_NAME_oneline(X509_get_issuer_name(cert), buf, sizeof(buf)));
2252
+ fprintf(output, "==== Issuer Serial: ");
2253
+ bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(cert),NULL);
2254
+ if(bn != NULL) {
2255
+ BN_print_fp(output, bn);
2256
+ BN_free(bn);
2257
+ fprintf(output, "\n");
2258
+ } else {
2259
+ fprintf(output, "unknown\n");
2260
+ }
2261
+ }
2262
+
2263
+
2264
+ static void
2265
+ xmlSecOpenSSLX509CertDebugXmlDump(X509* cert, FILE* output) {
2266
+ char buf[1024];
2267
+ BIGNUM *bn = NULL;
2268
+
2269
+ xmlSecAssert(cert != NULL);
2270
+ xmlSecAssert(output != NULL);
2271
+
2272
+ fprintf(output, "<SubjectName>");
2273
+ xmlSecPrintXmlString(output,
2274
+ BAD_CAST X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf))
2275
+ );
2276
+ fprintf(output, "</SubjectName>\n");
2277
+
2278
+
2279
+ fprintf(output, "<IssuerName>");
2280
+ xmlSecPrintXmlString(output,
2281
+ BAD_CAST X509_NAME_oneline(X509_get_issuer_name(cert), buf, sizeof(buf)));
2282
+ fprintf(output, "</IssuerName>\n");
2283
+
2284
+ fprintf(output, "<SerialNumber>");
2285
+ bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(cert),NULL);
2286
+ if(bn != NULL) {
2287
+ BN_print_fp(output, bn);
2288
+ BN_free(bn);
2289
+ }
2290
+ fprintf(output, "</SerialNumber>\n");
2291
+ }
2292
+
2293
+
2294
+ /**************************************************************************
2295
+ *
2296
+ * Raw X509 Certificate processing
2297
+ *
2298
+ *
2299
+ *************************************************************************/
2300
+ static int xmlSecOpenSSLKeyDataRawX509CertBinRead (xmlSecKeyDataId id,
2301
+ xmlSecKeyPtr key,
2302
+ const xmlSecByte* buf,
2303
+ xmlSecSize bufSize,
2304
+ xmlSecKeyInfoCtxPtr keyInfoCtx);
2305
+
2306
+ static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataRawX509CertKlass = {
2307
+ sizeof(xmlSecKeyDataKlass),
2308
+ sizeof(xmlSecKeyData),
2309
+
2310
+ /* data */
2311
+ xmlSecNameRawX509Cert,
2312
+ xmlSecKeyDataUsageRetrievalMethodNodeBin,
2313
+ /* xmlSecKeyDataUsage usage; */
2314
+ xmlSecHrefRawX509Cert, /* const xmlChar* href; */
2315
+ NULL, /* const xmlChar* dataNodeName; */
2316
+ xmlSecDSigNs, /* const xmlChar* dataNodeNs; */
2317
+
2318
+ /* constructors/destructor */
2319
+ NULL, /* xmlSecKeyDataInitializeMethod initialize; */
2320
+ NULL, /* xmlSecKeyDataDuplicateMethod duplicate; */
2321
+ NULL, /* xmlSecKeyDataFinalizeMethod finalize; */
2322
+ NULL, /* xmlSecKeyDataGenerateMethod generate; */
2323
+
2324
+ /* get info */
2325
+ NULL, /* xmlSecKeyDataGetTypeMethod getType; */
2326
+ NULL, /* xmlSecKeyDataGetSizeMethod getSize; */
2327
+ NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */
2328
+
2329
+ /* read/write */
2330
+ NULL, /* xmlSecKeyDataXmlReadMethod xmlRead; */
2331
+ NULL, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
2332
+ xmlSecOpenSSLKeyDataRawX509CertBinRead, /* xmlSecKeyDataBinReadMethod binRead; */
2333
+ NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */
2334
+
2335
+ /* debug */
2336
+ NULL, /* xmlSecKeyDataDebugDumpMethod debugDump; */
2337
+ NULL, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
2338
+
2339
+ /* reserved for the future */
2340
+ NULL, /* void* reserved0; */
2341
+ NULL, /* void* reserved1; */
2342
+ };
2343
+
2344
+ /**
2345
+ * xmlSecOpenSSLKeyDataRawX509CertGetKlass:
2346
+ *
2347
+ * The raw X509 certificates key data klass.
2348
+ *
2349
+ * Returns: raw X509 certificates key data klass.
2350
+ */
2351
+ xmlSecKeyDataId
2352
+ xmlSecOpenSSLKeyDataRawX509CertGetKlass(void) {
2353
+ return(&xmlSecOpenSSLKeyDataRawX509CertKlass);
2354
+ }
2355
+
2356
+ static int
2357
+ xmlSecOpenSSLKeyDataRawX509CertBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
2358
+ const xmlSecByte* buf, xmlSecSize bufSize,
2359
+ xmlSecKeyInfoCtxPtr keyInfoCtx) {
2360
+ xmlSecKeyDataPtr data;
2361
+ X509* cert;
2362
+ int ret;
2363
+
2364
+ xmlSecAssert2(id == xmlSecOpenSSLKeyDataRawX509CertId, -1);
2365
+ xmlSecAssert2(key != NULL, -1);
2366
+ xmlSecAssert2(buf != NULL, -1);
2367
+ xmlSecAssert2(bufSize > 0, -1);
2368
+ xmlSecAssert2(keyInfoCtx != NULL, -1);
2369
+
2370
+ cert = xmlSecOpenSSLX509CertDerRead(buf, bufSize);
2371
+ if(cert == NULL) {
2372
+ xmlSecError(XMLSEC_ERRORS_HERE,
2373
+ NULL,
2374
+ "xmlSecOpenSSLX509CertDerRead",
2375
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2376
+ XMLSEC_ERRORS_NO_MESSAGE);
2377
+ return(-1);
2378
+ }
2379
+
2380
+ data = xmlSecKeyEnsureData(key, xmlSecOpenSSLKeyDataX509Id);
2381
+ if(data == NULL) {
2382
+ xmlSecError(XMLSEC_ERRORS_HERE,
2383
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
2384
+ "xmlSecKeyEnsureData",
2385
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2386
+ XMLSEC_ERRORS_NO_MESSAGE);
2387
+ X509_free(cert);
2388
+ return(-1);
2389
+ }
2390
+
2391
+ ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert);
2392
+ if(ret < 0) {
2393
+ xmlSecError(XMLSEC_ERRORS_HERE,
2394
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
2395
+ "xmlSecOpenSSLKeyDataX509AdoptCert",
2396
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2397
+ XMLSEC_ERRORS_NO_MESSAGE);
2398
+ X509_free(cert);
2399
+ return(-1);
2400
+ }
2401
+
2402
+ ret = xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
2403
+ if(ret < 0) {
2404
+ xmlSecError(XMLSEC_ERRORS_HERE,
2405
+ xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
2406
+ "xmlSecOpenSSLKeyDataX509VerifyAndExtractKey",
2407
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
2408
+ XMLSEC_ERRORS_NO_MESSAGE);
2409
+ return(-1);
2410
+ }
2411
+ return(0);
2412
+ }
2413
+
2414
+ #endif /* XMLSEC_NO_X509 */