xmlsec-shim 1.2.18.1

data/vendor/xmlsec1-1.2.18/tests/nss.supp

@@ -0,0 +1,220 @@
+##----------------------------------------------------------------------##
+#
+# Errors to suppress by default with NSS
+#
+# Format of this file is:
+# {
+#     name_of_suppression
+#     kind: one of Param Value1 Value2 Value4 Value8
+#                   Free Addr1 Addr2 Addr4 Addr8
+#                   Cond (previously known as Value0)
+#     (if Param: name of system call param, if Free: name of free-ing fn)
+#     caller0 name, or /name/of/so/file.so
+#     caller1 name, or ditto
+#     (optionally: caller2 name)
+#     (optionally: caller3 name)
+#  }
+
+##----------------------------------------------------------------------##
+{
+   NSS memcmp/prng_RandomUpdate
+   Memcheck:Cond
+   fun:memcmp
+   fun:prng_RandomUpdate
+}
+
+{
+   NSS alg_fips*/prng_RandomUpdate
+   Memcheck:Cond
+   fun:alg_fips*
+   fun:prng_RandomUpdate
+}
+
+{
+   NSS sec_asn1d_parse_leaf/SEC_ASN1*
+   Memcheck:Cond
+   fun:sec_asn1d*
+   fun:SEC_ASN1*
+}
+
+{
+   NSS DES_Do1Block
+   Memcheck:Value4
+   fun:DES_Do1Block
+   fun:DES_EDE*
+}
+
+{
+   NSS *mp*
+   Memcheck:Cond
+   fun:*
+   fun:*mp_*
+}
+
+{
+   NSS *mp*
+   Memcheck:Cond
+   fun:*mp*
+   fun:*
+}
+
+{
+   NSS *mp*
+   Memcheck:Value4
+   fun:*
+   fun:*mp*
+}
+
+{
+   NSS *mp*
+   Memcheck:Value4
+   fun:*mp*
+   fun:*dsa*
+}
+
+{
+   NSS *alg_fips*
+   Memcheck:Cond
+   fun:*alg_fips*
+   fun:*
+}
+
+{
+   NSS memcmp/prng
+   Memcheck:Value4
+   fun:memcmp
+   fun:*prng*
+}
+
+{
+   NSS *alg_fips*
+   Memcheck:Value4
+   fun:*alg_fips*
+   fun:*prng*
+}
+
+{
+   NSS *DSA_Generate*
+   Memcheck:Value4
+   fun:*DSA_Generate*
+   fun:*DSA*
+}
+
+{
+   NSS *DSA_Generate*
+   Memcheck:Cond
+   fun:*DSA_Generate*
+   fun:*DSA*
+}
+
+{
+   NSS *memset/SECITEM*
+   Memcheck:Value4
+   fun:*mem*
+   fun:*SECITEM*
+}
+
+{
+   NSS *FreeArena*
+   Memcheck:Cond
+   fun:*Arena*
+   fun:*Arena*
+}
+
+{
+   NSS *memcpy/sec*
+   Memcheck:Cond
+   fun:*mem*
+   fun:*sec*
+}
+
+{
+   NSS *memcpy/sec*
+   Memcheck:Value4
+   fun:*mem*
+   fun:*sec*
+}
+
+{
+   NSS *sec*
+   Memcheck:Value4
+   fun:*sec*
+   fun:*
+}
+
+{
+   NSS *sec*
+   Memcheck:Cond
+   fun:*sec*
+   fun:*
+}
+
+
+{
+   NSS *PL_Hash*
+   Memcheck:Value4
+   fun:*PL_Hash*
+   fun:*
+}
+
+{
+   NSS *PL_Hash*
+   Memcheck:Cond
+   fun:*PL_Hash*
+   fun:*
+}
+
+{
+   NSS *SEC*
+   Memcheck:Value4
+   fun:*SEC*
+   fun:*
+}
+
+{
+   NSS *SEC*
+   Memcheck:Cond
+   fun:*SEC*
+   fun:*
+}
+
+{
+   NSS *PORT*
+   Memcheck:Value4
+   fun:*PORT*
+   fun:*
+}
+
+{
+   NSS *PORT*
+   Memcheck:Cond
+   fun:*PORT*
+   fun:*
+}
+
+{
+   NSS *DES*
+   Memcheck:Value4
+   fun:*DES*
+   fun:*
+}
+
+{
+   NSS *__GI__*
+   Addrcheck,Memcheck:Param
+   write(buf)
+   obj:*libc-2.2*so
+}
+
+{
+   NSS xmlSecBase64*
+   Memcheck:Value4
+   fun:xmlSecBase64*
+}
+
+{
+   NSS rijndael*
+   Memcheck:Value4
+   fun:rijndael*
+}
+

data/vendor/xmlsec1-1.2.18/tests/openssl.supp

@@ -0,0 +1,63 @@
+##----------------------------------------------------------------------##
+#
+# Errors to suppress by default with OpenSSL
+#
+# Format of this file is:
+# {
+#     name_of_suppression
+#     kind: one of Param Value1 Value2 Value4 Value8
+#                   Free Addr1 Addr2 Addr4 Addr8
+#                   Cond (previously known as Value0)
+#     (if Param: name of system call param, if Free: name of free-ing fn)
+#     caller0 name, or /name/of/so/file.so
+#     caller1 name, or ditto
+#     (optionally: caller2 name)
+#     (optionally: caller3 name)
+#  }
+
+##----------------------------------------------------------------------##
+{
+   OpenSSL BN_*(Cond)
+   Memcheck:Cond
+   fun:BN_*
+}
+
+{
+   OpenSSL BN_*(Value4)
+   Memcheck:Value4
+   fun:BN_*
+}
+
+{
+   OpenSSL bn_*(Cond)
+   Memcheck:Cond
+   fun:bn_*
+}
+
+{
+   OpenSSL bn_*(Value4)
+   Memcheck:Value4
+   fun:bn_*
+}
+
+{
+   OpenSSL AES_encrypt(Value4)
+   Memcheck:Value4
+   fun:AES_encrypt
+   fun:AES_cbc_encrypt
+}
+
+{
+   OpenSSL DES_encrypt*(Value4)
+   Memcheck:Value4
+   fun:DES_encrypt2
+   fun:DES_encrypt3
+}
+
+{
+   OpenSSL RSA_padding_add_PKCS1_type_2(Cond)
+   Memcheck:Cond
+   fun:RSA_padding_add_PKCS1_type_2
+   fun:RSA_eay_public_encrypt
+}
+

data/vendor/xmlsec1-1.2.18/tests/phaos-xmldsig-three/README.txt

@@ -0,0 +1,248 @@
+Sample XML Signatures Produced Using the Phaos XML Toolkit
+
+November 26, 2002
+
+
+Contents of phaos-xmldsig-three
+===============================
+
+	signature-rsa-enveloped.xml
+	---------------------------	
+	Contains an RSA enveloped signature.
+
+
+	signature-rsa-enveloping.xml
+	----------------------------
+	Contains an RSA enveloping signature.
+
+
+	signature-rsa-detached.xml
+	--------------------------
+	Contains an RSA detached signature.
+
+
+	signature-dsa-enveloped.xml
+	---------------------------	
+	Contains a DSA enveloped signature.
+
+
+	signature-dsa-enveloping.xml
+	----------------------------
+	Contains a DSA enveloping signature.
+
+
+	signature-dsa-detached.xml
+	--------------------------
+	Contains a DSA detached signature.
+
+
+	signature-hmac-md5-c14n-enveloping.xml
+	--------------------------------------
+	Contains an enveloping MD5 HMAC signature and uses XML Canonicalization 
+	as the canonicalization method.  The HMAC secret is the ASCII encoding of
+	the word "test".
+
+
+	signature-hmac-sha1-exclusive-c14n-enveloped.xml
+	------------------------------------------------
+	Contains an enveloped SHA-1 HMAC signature and uses the Exclusive XML
+	Canonicalization canonicalization method.  The HMAC secret is the ASCII 
+	encoding of the word "test".
+
+
+	signature-hmac-sha1-exclusive-c14n-comments-detached.xml
+	--------------------------------------------------------
+	Contains a detached SHA-1 HMAC signature and uses the Exclusive XML
+	Canonicalization With Comments canonicalization method.  The HMAC secret 
+	is the ASCII encoding of the word "test".
+
+
+	signature-hmac-sha1-40-c14n-comments-detached.xml
+	-------------------------------------------------
+	Contains a detached 40-byte SHA-1 HMAC signature and uses the XML
+	Canonicalization With Comments canonicalization method.  The HMAC secret is 
+	the ASCII encoding of the word "test".
+		
+
+	signature-hmac-sha1-40-exclusive-c14n-comments-detached.xml
+	-----------------------------------------------------------
+	Contains a detached 40 byte SHA-1 HMAC signature and uses the Exclusive
+	XML Canonicalization With Comments canonicalization method.  The HMAC secret 
+	is the ASCII encoding of the word "test".
+
+
+	signature-dsa-detached-manifest.xml
+	-----------------------------------
+	Contains a detached DSA signature with a manifest.
+
+
+	signature-rsa-detached-manifest.xml
+	----------------------------------
+	Contains a detached RSA signature with a manifest.
+
+	
+	signature-rsa-detached-b64-transform.xml
+	----------------------------------------
+	Contains a detached RSA signature with a Base64 decode transform.
+
+	
+	signature-rsa-detached-xpath-transform.xml
+	------------------------------------------
+	Contains a detached RSA signature with an XPath transform.
+
+	
+	signature-rsa-xpath-transform-enveloped.xml
+	------------------------------------------
+	Contains an RSA signature with an XPath transform that produces the
+	same result as the enveloped signature algorithm.
+
+	
+	signature-rsa-detached-xslt-transform.xml
+	------------------------------------------
+	Contains a detached RSA signature with an XSLT transformation.
+
+
+	signature-rsa-detached-x509-data.xml
+	------------------------------------
+	Contains a detached RSA signature with several X509Data subelements.
+
+
+	signature-rsa-detached-x509-data-subject-name.xml
+	------------------------------------
+	Contains a detached RSA signature with an X509SubjectName that 
+	references the subject name of the certificate stored in
+	certs/rsa-client-cert.der.
+
+
+	signature-rsa-detached-x509-data-issuer-serial.xml
+	------------------------------------
+	Contains a detached RSA signature with an X509IssuerSerial that 
+	references the issuer and serial number of the certificate stored in
+	certs/rsa-client-cert.der.
+
+
+	signature-rsa-detached-x509-data-ski.xml
+	------------------------------------
+	Contains a detached RSA signature with an X509SKI that 
+	references the Subject Key Identifier of the certificate stored in
+	certs/rsa-client-cert.der.
+
+
+	signature-rsa-detached-x509-data-client-cert.xml
+	------------------------------------
+	Contains a detached RSA signature with an X509Certificate that 
+	represents the certificate stored in certs/rsa-client-cert.der.
+
+
+	signature-rsa-detached-x509-data-cert-chain.xml
+	------------------------------------
+	Contains a detached RSA signature with two X509Certificate 
+	elements that represent the certificates stored in  
+	certs/rsa-client-cert.der and certs/rsa-ca-cert.der.
+
+
+	signature-rsa-detached-xslt-transform-retrieval-method.xml
+	------------------------------------
+	Contains a detached RSA signature with an XSLT transform and a KeyInfo 
+	element that refers to an external X.509 certificate.  The certificate 
+	is located in certs/rsa-client-cert.der.
+
+
+	signature-big.xml
+	-----------------
+	Contains a larger detached RSA signature that contains a manifest and many 
+	references that test various transformation algorithms, URI reference syntax 
+	formats, etc. The KeyInfo contains a KeyName whose value is the subject
+	name of the certificate stored in certs/rsa-client-cert.der.
+
+	
+	signature-rsa-detached-xslt-transform-bad-retrieval-method.xml
+	---------------------------------------------------------------
+	Contains a detached RSA signature with an XSLT transform and a KeyInfo 
+	element that refers to an INCORRECT external X.509 certificate. (The correct
+	X.509 certificate is located in certs/rsa-client-cert.der.)  Verification 
+	should FAIL.
+
+
+	signature-rsa-enveloped-bad-digest-val.xml
+	------------------------------------------
+	Contains an enveloped RSA signature that contains a reference with an INCORRECT
+	digest value.  Verification should FAIL.
+
+
+	signature-rsa-enveloped-bad-sig.xml
+	-----------------------------------
+	Contains an enveloped RSA signature that contains a reference that was added 
+	after the signature value was computed.  Verification should FAIL.
+
+	
+	document.xml
+	------------
+	An XML document that is referenced by some of the signature examples.
+
+
+	document-stylesheet.xml
+	-----------------------
+	The same as document.xml with the addition of an xsl-stylesheet processing
+	instruction.
+
+	
+	document.xsl
+	------------
+	An XSL stylesheet referenced by several of the signature examples and 
+	document-stylesheet.xml.
+
+
+	document.b64
+	------------
+	A Base64 encoded XML document.
+
+
+	README.txt
+	----------
+	This file.
+
+
+
+Contents of phaos-xmldsig-three/certs
+=====================================
+
+	rsa-cert.der
+	------------
+	An RSA end entity certificate issued by the CA certificate contained in
+	rsa-ca-cert.der.
+
+	enc-rsa-key.der
+	---------------
+	The RSA private key that matches rsa-cert.der, password-encrypted using
+	the PKCS#8 format. The password is "test".
+
+	dsa-cert.der
+	------------
+	An DSA end entity certificate issued by the CA certificate contained in
+	dsa-ca-cert.der.
+
+	enc-dsa-key.der
+	---------------
+	The DSA private key that matches dsa-cert.der, password-encrypted using
+	the PKCS#8 format. The password is "test".
+
+	rsa-ca-cert.der
+	---------------
+	An RSA self-signed CA certificate.
+
+	dsa-ca-cert.der
+	---------------
+	A DSA self-signed CA certificate.
+
+	crl.der
+	-------
+	A sample CRL that revokes rsa-cert.der.
+
+
+
+Joe Morgan
+Software Engineer
+Phaos Technology
+jmorgan@phaos.com	
+http://www.phaos.com/