libxmlsec: canonize in the OOXML RelationshipTransform

This is still a skeleton, but now we canonize the incoming data, not just eat it and output nothing -> at the end we don't hit an assertion that the output of the transform chain is nothing. Change-Id: I28509b8a493c6bf6cdcbb23b95ae7de8947790c1
author: Miklos Vajna <vmiklos@collabora.co.uk> 2016-01-25 18:08:18 +0100
committer: Miklos Vajna <vmiklos@collabora.co.uk> 2016-01-25 18:26:16 +0100
commit: 937eb672f43fd26cea5f7dcf559f9ed3f662b804 (patch)
tree: 14c910865fa1f9ce98a7c3af5d7d2478ccca7ffc /external
parent: 0dac6d1f179c286dd7aea2d9ef7c37db8323fa37 (diff)
1 files changed, 226 insertions, 22 deletions
diff --git a/external/libxmlsec/xmlsec1-ooxml.patch.1 b/external/libxmlsec/xmlsec1-ooxml.patch.1
index 8a1dbe39ef31..af92fbbe7b3e 100644
--- a/external/libxmlsec/xmlsec1-ooxml.patch.1
+++ b/external/libxmlsec/xmlsec1-ooxml.patch.1
@@ -1,15 +1,15 @@
-From b7fb2699e3c383ae40f29369dc57afbd0d52004c Mon Sep 17 00:00:00 2001
+From 1770428d30a77e7c5e3344687369d83e04201f0b Mon Sep 17 00:00:00 2001
 From: Miklos Vajna <vmiklos@collabora.co.uk>
 Date: Mon, 25 Jan 2016 09:50:03 +0100
 Subject: [PATCH] OOXML Relationship Transform skeleton
 
 ---
- include/xmlsec/strings.h    |  3 ++
- include/xmlsec/transforms.h |  4 +++
- src/strings.c               |  3 ++
- src/transforms.c            | 11 ++++++
- src/xpath.c                 | 82 +++++++++++++++++++++++++++++++++++++++++++++
- 5 files changed, 103 insertions(+)
+ include/xmlsec/strings.h    |   3 +
+ include/xmlsec/transforms.h |   4 +
+ src/strings.c               |   3 +
+ src/transforms.c            |  11 ++
+ src/xpath.c                 | 279 ++++++++++++++++++++++++++++++++++++++++++++
+ 5 files changed, 300 insertions(+)
 
 diff --git a/include/xmlsec/strings.h b/include/xmlsec/strings.h
 index 07afb9d..9c72d1b 100644
@@ -77,10 +77,18 @@ index 2ed3fe8..9e5ad27 100644
      if(xmlSecTransformIdsRegister(xmlSecTransformXsltId) < 0) {
  	xmlSecError(XMLSEC_ERRORS_HERE,
 diff --git a/src/xpath.c b/src/xpath.c
-index 8b0b4f8..63b02d4 100644
+index 8b0b4f8..ddcd95d 100644
 --- a/src/xpath.c
 +++ b/src/xpath.c
-@@ -1144,5 +1144,87 @@ xmlSecTransformVisa3DHackExecute(xmlSecTransformPtr transform, int last,
+@@ -17,6 +17,7 @@
+ #include <libxml/xpath.h>
+ #include <libxml/xpathInternals.h>
+ #include <libxml/xpointer.h>
++#include <libxml/c14n.h>
+ 
+ #include <xmlsec/xmlsec.h>
+ #include <xmlsec/xmltree.h>
+@@ -1144,5 +1145,283 @@ xmlSecTransformVisa3DHackExecute(xmlSecTransformPtr transform, int last,
      return(0);
  }
  
@@ -95,8 +103,8 @@ index 8b0b4f8..63b02d4 100644
 +
 +static int xmlSecRelationshipInitialize (xmlSecTransformPtr transform);
 +static void xmlSecRelationshipFinalize (xmlSecTransformPtr transform);
-+static int xmlSecRelationshipReadNode (xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx);
-+static int xmlSecRelationshipExecute (xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx);
++static int xmlSecTransformRelationshipPopBin(xmlSecTransformPtr transform, xmlSecByte* data, xmlSecSize maxDataSize, xmlSecSize* dataSize, xmlSecTransformCtxPtr transformCtx);
++static int xmlSecTransformRelationshipPushXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr nodes, xmlSecTransformCtxPtr transformCtx);
 +
 +static xmlSecTransformKlass xmlSecRelationshipKlass =
 +{
@@ -108,17 +116,17 @@ index 8b0b4f8..63b02d4 100644
 +    xmlSecTransformUsageDSigTransform, /* xmlSecAlgorithmUsage usage; */
 +    xmlSecRelationshipInitialize, /* xmlSecTransformInitializeMethod initialize; */
 +    xmlSecRelationshipFinalize, /* xmlSecTransformFinalizeMethod finalize; */
-+    xmlSecRelationshipReadNode, /* xmlSecTransformNodeReadMethod readNode; */
++    NULL, /* xmlSecTransformNodeReadMethod readNode; */
 +    NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
 +    NULL, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
 +    NULL, /* xmlSecTransformSetKeyMethod setKey; */
 +    NULL, /* xmlSecTransformValidateMethod validate; */
 +    xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
-+    xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
-+    xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
-+    NULL, /* xmlSecTransformPushXmlMethod pushXml; */
++    NULL, /* xmlSecTransformPushBinMethod pushBin; */
++    xmlSecTransformRelationshipPopBin, /* xmlSecTransformPopBinMethod popBin; */
++    xmlSecTransformRelationshipPushXml, /* xmlSecTransformPushXmlMethod pushXml; */
 +    NULL, /* xmlSecTransformPopXmlMethod popXml; */
-+    xmlSecRelationshipExecute, /* xmlSecTransformExecuteMethod execute; */
++    NULL, /* xmlSecTransformExecuteMethod execute; */
 +    NULL, /* void* reserved0; */
 +    NULL, /* void* reserved1; */
 +};
@@ -137,7 +145,7 @@ index 8b0b4f8..63b02d4 100644
 +
 +    ctx = xmlSecRelationshipGetCtx(transform);
 +    xmlSecAssert2(ctx != NULL, -1);
- 
++
 +    /* initialize context */
 +    memset(ctx, 0, sizeof(xmlSecRelationshipCtx));
 +    return 0;
@@ -155,18 +163,214 @@ index 8b0b4f8..63b02d4 100644
 +
 +    if (ctx->parserCtx != NULL)
 +	xmlFreeParserCtxt(ctx->parserCtx);
- 
++
 +    memset(ctx, 0, sizeof(xmlSecRelationshipCtx));
 +}
 +
-+static int xmlSecRelationshipReadNode(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx)
++static int xmlSecTransformRelationshipPushXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr nodes, xmlSecTransformCtxPtr transformCtx)
 +{
-+    return 0;
++    xmlOutputBufferPtr buf;
++    int ret;
++
++    xmlSecAssert2(nodes != NULL, -1);
++    xmlSecAssert2(nodes->doc != NULL, -1);
++    xmlSecAssert2(transformCtx != NULL, -1);
++
++    /* check/update current transform status */
++    switch(transform->status)
++    {
++    case xmlSecTransformStatusNone:
++	transform->status = xmlSecTransformStatusWorking;
++	break;
++    case xmlSecTransformStatusWorking:
++    case xmlSecTransformStatusFinished:
++	return(0);
++    default:
++	xmlSecError(XMLSEC_ERRORS_HERE,
++		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
++		    NULL,
++		    XMLSEC_ERRORS_R_INVALID_STATUS,
++		    "status=%d", transform->status);
++	return(-1);
++    }
++    xmlSecAssert2(transform->status == xmlSecTransformStatusWorking, -1);
++
++    /* prepare output buffer: next transform or ourselves */
++    if(transform->next != NULL)
++    {
++	buf = xmlSecTransformCreateOutputBuffer(transform->next, transformCtx);
++	if(buf == NULL)
++	{
++	    xmlSecError(XMLSEC_ERRORS_HERE,
++			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
++			"xmlSecTransformCreateOutputBuffer",
++			XMLSEC_ERRORS_R_XMLSEC_FAILED,
++			XMLSEC_ERRORS_NO_MESSAGE);
++	    return(-1);
++	}
++    } else
++    {
++	buf = xmlSecBufferCreateOutputBuffer(&(transform->outBuf));
++	if (buf == NULL)
++	{
++	    xmlSecError(XMLSEC_ERRORS_HERE,
++			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
++			"xmlSecBufferCreateOutputBuffer",
++			XMLSEC_ERRORS_R_XMLSEC_FAILED,
++			XMLSEC_ERRORS_NO_MESSAGE);
++	    return(-1);
++	}
++    }
+ 
++    ret = xmlC14NExecute(nodes->doc, (xmlC14NIsVisibleCallback)xmlSecNodeSetContains, nodes, XML_C14N_1_0, NULL, 0, buf);
++    if (ret < 0)
++    {
++	xmlSecError(XMLSEC_ERRORS_HERE,
++		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
++		    "xmlC14NExecute",
++		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
++		    XMLSEC_ERRORS_NO_MESSAGE);
++	xmlOutputBufferClose(buf);
++	return(-1);
++    }
+ 
++    ret = xmlOutputBufferClose(buf);
++    if (ret < 0)
++    {
++	xmlSecError(XMLSEC_ERRORS_HERE,
++		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
++		    "xmlOutputBufferClose",
++		    XMLSEC_ERRORS_R_XML_FAILED,
++		    XMLSEC_ERRORS_NO_MESSAGE);
++	return(-1);
++    }
++    transform->status = xmlSecTransformStatusFinished;
++    return(0);
 +}
 +
-+static int xmlSecRelationshipExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx)
++static int xmlSecTransformRelationshipPopBin(xmlSecTransformPtr transform, xmlSecByte* data, xmlSecSize maxDataSize, xmlSecSize* dataSize, xmlSecTransformCtxPtr transformCtx)
 +{
-+    return 0;
++    xmlSecBufferPtr out;
++    int ret;
++
++    xmlSecAssert2(data != NULL, -1);
++    xmlSecAssert2(dataSize != NULL, -1);
++    xmlSecAssert2(transformCtx != NULL, -1);
++
++    out = &(transform->outBuf);
++    if (transform->status == xmlSecTransformStatusNone)
++    {
++	xmlOutputBufferPtr buf;
++
++	xmlSecAssert2(transform->inNodes == NULL, -1);
++
++	/* todo: isn't it an error? */
++	if (transform->prev == NULL)
++	{
++	    (*dataSize) = 0;
++	    transform->status = xmlSecTransformStatusFinished;
++	    return(0);
++	}
++
++	/* get xml data from previous transform */
++	ret = xmlSecTransformPopXml(transform->prev, &(transform->inNodes), transformCtx);
++	if (ret < 0)
++	{
++	    xmlSecError(XMLSEC_ERRORS_HERE,
++			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
++			"xmlSecTransformPopXml",
++			XMLSEC_ERRORS_R_XMLSEC_FAILED,
++			XMLSEC_ERRORS_NO_MESSAGE);
++	    return(-1);
++	}
++
++	/* dump everything to internal buffer */
++	buf = xmlSecBufferCreateOutputBuffer(out);
++	if (buf == NULL)
++	{
++	    xmlSecError(XMLSEC_ERRORS_HERE,
++			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
++			"xmlSecBufferCreateOutputBuffer",
++			XMLSEC_ERRORS_R_XMLSEC_FAILED,
++			XMLSEC_ERRORS_NO_MESSAGE);
++	    return(-1);
++	}
++
++        ret = xmlC14NExecute(transform->inNodes->doc, (xmlC14NIsVisibleCallback)xmlSecNodeSetContains, transform->inNodes, XML_C14N_1_0, NULL, 0, buf);
++        if (ret < 0)
++	{
++            xmlSecError(XMLSEC_ERRORS_HERE,
++			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
++			"xmlSecTransformC14NExecute",
++			XMLSEC_ERRORS_R_XMLSEC_FAILED,
++			XMLSEC_ERRORS_NO_MESSAGE);
++	    xmlOutputBufferClose(buf);
++	    return(-1);
++	}
++	ret = xmlOutputBufferClose(buf);
++	if (ret < 0)
++	{
++	    xmlSecError(XMLSEC_ERRORS_HERE,
++			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
++			"xmlOutputBufferClose",
++			XMLSEC_ERRORS_R_XML_FAILED,
++			XMLSEC_ERRORS_NO_MESSAGE);
++	    return(-1);
++	}
++	transform->status = xmlSecTransformStatusWorking;
++    }
++
++    if (transform->status == xmlSecTransformStatusWorking)
++    {
++	xmlSecSize outSize;
++
++	/* return chunk after chunk */
++	outSize = xmlSecBufferGetSize(out);
++	if (outSize > maxDataSize)
++	{
++	    outSize = maxDataSize;
++	}
++	if (outSize > XMLSEC_TRANSFORM_BINARY_CHUNK)
++	{
++	    outSize = XMLSEC_TRANSFORM_BINARY_CHUNK;
++	}
++	if (outSize > 0)
++	{
++	    xmlSecAssert2(xmlSecBufferGetData(&(transform->outBuf)), -1);
++
++	    memcpy(data, xmlSecBufferGetData(&(transform->outBuf)), outSize);
++	    ret = xmlSecBufferRemoveHead(&(transform->outBuf), outSize);
++            if (ret < 0)
++	    {
++		xmlSecError(XMLSEC_ERRORS_HERE,
++			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
++			    "xmlSecBufferRemoveHead",
++			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
++			    "size=%d", outSize);
++		return(-1);
++	    }
++	}
++	else if (xmlSecBufferGetSize(out) == 0)
++	    transform->status = xmlSecTransformStatusFinished;
++	(*dataSize) = outSize;
++    }
++    else if (transform->status == xmlSecTransformStatusFinished)
++    {
++	/* the only way we can get here is if there is no output */
++	xmlSecAssert2(xmlSecBufferGetSize(out) == 0, -1);
++	(*dataSize) = 0;
++    }
++    else
++    {
++	xmlSecError(XMLSEC_ERRORS_HERE,
++		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
++		    NULL,
++		    XMLSEC_ERRORS_R_INVALID_STATUS,
++		    "status=%d", transform->status);
++	return(-1);
++    }
++
++    return(0);
 +}
 -- 
 2.6.2
author	Miklos Vajna <vmiklos@collabora.co.uk>	2016-01-25 18:08:18 +0100
committer	Miklos Vajna <vmiklos@collabora.co.uk>	2016-01-25 18:26:16 +0100
commit	937eb672f43fd26cea5f7dcf559f9ed3f662b804 (patch)
tree	14c910865fa1f9ce98a7c3af5d7d2478ccca7ffc /external
parent	0dac6d1f179c286dd7aea2d9ef7c37db8323fa37 (diff)