diff options
author | Miklos Vajna <vmiklos@collabora.co.uk> | 2017-03-08 08:52:25 +0100 |
---|---|---|
committer | Miklos Vajna <vmiklos@collabora.co.uk> | 2017-03-08 09:17:21 +0000 |
commit | b5acaa42bb44ad358b0c126af18ea3bdf88d4bd3 (patch) | |
tree | b47cc1f189e64c2b583e922d04e6c02bd86aea46 /external | |
parent | 1f4e0359d3cee2780944f64025a63c208720c74d (diff) |
tdf#105983 libxmlsec: backport NSS / ECDSA patches
NSS already supported ECDSA, and LibreOffice itself is agnostic here.
All what was missing is the ECDSA wrapper in xmlsec's nss backend.
Change-Id: Ic26cef369d0f4a1847b6a76825b9464837fe8f3b
Reviewed-on: https://gerrit.libreoffice.org/34966
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
Diffstat (limited to 'external')
-rw-r--r-- | external/libxmlsec/UnpackedTarball_xmlsec.mk | 4 | ||||
-rw-r--r-- | external/libxmlsec/xmlsec1-nss-ecdsa-memset.patch.1 | 37 | ||||
-rw-r--r-- | external/libxmlsec/xmlsec1-nss-ecdsa-sha256.patch.1 | 434 |
3 files changed, 475 insertions, 0 deletions
diff --git a/external/libxmlsec/UnpackedTarball_xmlsec.mk b/external/libxmlsec/UnpackedTarball_xmlsec.mk index aa3ff0c75722..d7859f35a083 100644 --- a/external/libxmlsec/UnpackedTarball_xmlsec.mk +++ b/external/libxmlsec/UnpackedTarball_xmlsec.mk @@ -15,6 +15,10 @@ xmlsec_patches += xmlsec1-noverify.patch.1 xmlsec_patches += xmlsec1-vc.patch.1 xmlsec_patches += xmlsec1-1.2.14_fix_extern_c.patch.1 xmlsec_patches += xmlsec1-customkeymanage.patch.1 +# Backport of <https://github.com/lsh123/xmlsec/pull/83>. +xmlsec_patches += xmlsec1-nss-ecdsa-sha256.patch.1 +# Backport of <https://github.com/lsh123/xmlsec/pull/91>. +xmlsec_patches += xmlsec1-nss-ecdsa-memset.patch.1 $(eval $(call gb_UnpackedTarball_UnpackedTarball,xmlsec)) diff --git a/external/libxmlsec/xmlsec1-nss-ecdsa-memset.patch.1 b/external/libxmlsec/xmlsec1-nss-ecdsa-memset.patch.1 new file mode 100644 index 000000000000..2cefbe0f1bd8 --- /dev/null +++ b/external/libxmlsec/xmlsec1-nss-ecdsa-memset.patch.1 @@ -0,0 +1,37 @@ +From 2ef2b9f34e2eebcdb4116e55e1e3b8034a1961c8 Mon Sep 17 00:00:00 2001 +From: Miklos Vajna <vmiklos@collabora.co.uk> +Date: Mon, 6 Mar 2017 22:34:46 +0100 +Subject: [PATCH] nss: fix assert when building against debug nss (#91) + +Due to reading uninitialized memory. gdb says: + + Assertion failure: dest == NULL || dest->data == NULL, at secasn1e.c:1483 + Program received signal SIGABRT, Aborted. + 0x00007ffff74748d7 in raise () from /lib64/libc.so.6 + (gdb) up + #1 0x00007ffff7475caa in abort () from /lib64/libc.so.6 + (gdb) + #2 0x00007fffe57f96ae in PR_Assert (s=0x7fffe1cbf298 "dest == NULL || dest->data == NULL", file=0x7fffe1cbef60 "secasn1e.c", ln=1483) at ../../../../pr/src/io/prlog.c:553 + 553 abort(); + (gdb) + #3 0x00007fffe1cb1941 in SEC_ASN1EncodeItem_Util (poolp=0x0, dest=0x7fffffff95f0, src=0x7fffffff9530, theTemplate=0x7fffe55ae180 <DSA_SignatureTemplate>) at secasn1e.c:1483 + 1483 PORT_Assert(dest == NULL || dest->data == NULL); +--- + src/nss/signatures.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/nss/signatures.c b/src/nss/signatures.c +index a8fec2c..b7a292e 100644 +--- a/src/nss/signatures.c ++++ b/src/nss/signatures.c +@@ -354,6 +354,7 @@ xmlSecNssSignatureVerify(xmlSecTransformPtr transform, + SECItem signatureDer; + SECStatus statusDer; + ++ memset(&signatureDer, 0, sizeof(signatureDer)); + statusDer = DSAU_EncodeDerSigWithLen(&signatureDer, &signature, signature.len); + if(statusDer != SECSuccess) { + xmlSecError(XMLSEC_ERRORS_HERE, +-- +2.10.2 + diff --git a/external/libxmlsec/xmlsec1-nss-ecdsa-sha256.patch.1 b/external/libxmlsec/xmlsec1-nss-ecdsa-sha256.patch.1 new file mode 100644 index 000000000000..dc6a13bba5c4 --- /dev/null +++ b/external/libxmlsec/xmlsec1-nss-ecdsa-sha256.patch.1 @@ -0,0 +1,434 @@ +From a2448ac7a26c64be27b81a26a34cb933e4fb899d Mon Sep 17 00:00:00 2001 +From: Miklos Vajna <vmiklos@collabora.co.uk> +Date: Sat, 25 Feb 2017 01:03:19 +0100 +Subject: [PATCH] nss: add ECDSA-SHA256 support (#83) + +Conflicts: + configure.ac + src/nss/signatures.c +--- + include/xmlsec/nss/crypto.h | 30 +++++++++ + include/xmlsec/nss/symbols.h | 1 + + src/nss/README | 2 +- + src/nss/crypto.c | 7 +++ + src/nss/pkikeys.c | 141 +++++++++++++++++++++++++++++++++++++++++++ + src/nss/signatures.c | 124 ++++++++++++++++++++++++++++++++----- + 6 files changed, 290 insertions(+), 15 deletions(-) + +diff --git a/include/xmlsec/nss/crypto.h b/include/xmlsec/nss/crypto.h +index 87f31bf..adc73c8 100644 +--- a/include/xmlsec/nss/crypto.h ++++ b/include/xmlsec/nss/crypto.h +@@ -189,6 +189,36 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformDsaSha1GetKlass(void); + + /******************************************************************** + * ++ * ECDSA transform ++ * ++ *******************************************************************/ ++#ifndef XMLSEC_NO_ECDSA ++ ++/** ++ * xmlSecNssKeyDataEcdsaId: ++ * ++ * The ECDSA key klass. ++ */ ++#define xmlSecNssKeyDataEcdsaId xmlSecNssKeyDataEcdsaGetKlass() ++XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId xmlSecNssKeyDataEcdsaGetKlass(void); ++ ++#ifndef XMLSEC_NO_SHA256 ++ ++/** ++ * xmlSecNssTransformEcdsaSha256Id: ++ * ++ * The ECDSA SHA256 signature transform klass. ++ */ ++#define xmlSecNssTransformEcdsaSha256Id xmlSecNssTransformEcdsaSha256GetKlass() ++XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformEcdsaSha256GetKlass(void); ++ ++#endif /* XMLSEC_NO_SHA256 */ ++ ++#endif /* XMLSEC_NO_ECDSA */ ++ ++ ++/******************************************************************** ++ * + * HMAC transforms + * + *******************************************************************/ +diff --git a/include/xmlsec/nss/symbols.h b/include/xmlsec/nss/symbols.h +index 23653ed..499801c 100644 +--- a/include/xmlsec/nss/symbols.h ++++ b/include/xmlsec/nss/symbols.h +@@ -65,6 +65,7 @@ extern "C" { + #define xmlSecTransformDes3CbcId xmlSecNssTransformDes3CbcId + #define xmlSecTransformKWDes3Id xmlSecNssTransformKWDes3Id + #define xmlSecTransformDsaSha1Id xmlSecNssTransformDsaSha1Id ++#define xmlSecTransformEcdsaSha256Id xmlSecNssTransformEcdsaSha256Id + #define xmlSecTransformHmacMd5Id xmlSecNssTransformHmacMd5Id + #define xmlSecTransformHmacRipemd160Id xmlSecNssTransformHmacRipemd160Id + #define xmlSecTransformHmacSha1Id xmlSecNssTransformHmacSha1Id +diff --git a/src/nss/README b/src/nss/README +index 65a0f45..536552e 100644 +--- a/src/nss/README ++++ b/src/nss/README +@@ -1,6 +1,6 @@ + WHAT VERSION OF NSS? + ------------------------------------------------------------------------ +-NSS 3.9 or greater and NSPR 4.4.1 or greater are required. ++NSS 3.11.1 or greater and NSPR 4.4.1 or greater are required. + + KEYS MANAGER + ------------------------------------------------------------------------ +diff --git a/src/nss/crypto.c b/src/nss/crypto.c +index 473429f..81a81d3 100644 +--- a/src/nss/crypto.c ++++ b/src/nss/crypto.c +@@ -124,6 +124,13 @@ xmlSecCryptoGetFunctions_nss(void) { + gXmlSecNssFunctions->transformDsaSha1GetKlass = xmlSecNssTransformDsaSha1GetKlass; + #endif /* XMLSEC_NO_DSA */ + ++ /******************************* ECDSA ******************************/ ++#ifndef XMLSEC_NO_ECDSA ++#ifndef XMLSEC_NO_SHA256 ++ gXmlSecNssFunctions->transformEcdsaSha256GetKlass = xmlSecNssTransformEcdsaSha256GetKlass; ++#endif /* XMLSEC_NO_SHA256 */ ++#endif /* XMLSEC_NO_ECDSA */ ++ + /******************************* HMAC ********************************/ + #ifndef XMLSEC_NO_HMAC + +diff --git a/src/nss/pkikeys.c b/src/nss/pkikeys.c +index 896c245..1d601d2 100644 +--- a/src/nss/pkikeys.c ++++ b/src/nss/pkikeys.c +@@ -257,6 +257,19 @@ xmlSecNssPKIAdoptKey(SECKEYPrivateKey *privkey, + } + break; + #endif /* XMLSEC_NO_DSA */ ++#ifndef XMLSEC_NO_ECDSA ++ case ecKey: ++ data = xmlSecKeyDataCreate(xmlSecNssKeyDataEcdsaId); ++ if(data == NULL) { ++ xmlSecError(XMLSEC_ERRORS_HERE, ++ NULL, ++ "xmlSecKeyDataCreate", ++ XMLSEC_ERRORS_R_XMLSEC_FAILED, ++ "xmlSecNssKeyDataEcdsaId"); ++ return(NULL); ++ } ++ break; ++#endif /* XMLSEC_NO_ECDSA */ + default: + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, +@@ -1564,5 +1577,133 @@ xmlSecNssKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) { + + #endif /* XMLSEC_NO_RSA */ + ++#ifndef XMLSEC_NO_ECDSA ++static int xmlSecNssKeyDataEcdsaInitialize(xmlSecKeyDataPtr data); ++static int xmlSecNssKeyDataEcdsaDuplicate(xmlSecKeyDataPtr dst, ++ xmlSecKeyDataPtr src); ++static void xmlSecNssKeyDataEcdsaFinalize(xmlSecKeyDataPtr data); ++ ++static xmlSecKeyDataType xmlSecNssKeyDataEcdsaGetType(xmlSecKeyDataPtr data); ++static xmlSecSize xmlSecNssKeyDataEcdsaGetSize(xmlSecKeyDataPtr data); ++static void xmlSecNssKeyDataEcdsaDebugDump(xmlSecKeyDataPtr data, ++ FILE* output); ++static void xmlSecNssKeyDataEcdsaDebugXmlDump(xmlSecKeyDataPtr data, ++ FILE* output); ++ ++static xmlSecKeyDataKlass xmlSecNssKeyDataEcdsaKlass = { ++ sizeof(xmlSecKeyDataKlass), ++ xmlSecNssPKIKeyDataSize, ++ ++ /* data */ ++ xmlSecNameECDSAKeyValue, ++ xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, ++ /* xmlSecKeyDataUsage usage; */ ++ xmlSecHrefECDSAKeyValue, /* const xmlChar* href; */ ++ xmlSecNodeECDSAKeyValue, /* const xmlChar* dataNodeName; */ ++ xmlSecDSigNs, /* const xmlChar* dataNodeNs; */ ++ ++ /* constructors/destructor */ ++ xmlSecNssKeyDataEcdsaInitialize, /* xmlSecKeyDataInitializeMethod initialize; */ ++ xmlSecNssKeyDataEcdsaDuplicate, /* xmlSecKeyDataDuplicateMethod duplicate; */ ++ xmlSecNssKeyDataEcdsaFinalize, /* xmlSecKeyDataFinalizeMethod finalize; */ ++ NULL, /* xmlSecKeyDataGenerateMethod generate; */ ++ ++ /* get info */ ++ xmlSecNssKeyDataEcdsaGetType, /* xmlSecKeyDataGetTypeMethod getType; */ ++ xmlSecNssKeyDataEcdsaGetSize, /* xmlSecKeyDataGetSizeMethod getSize; */ ++ NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */ ++ ++ /* read/write */ ++ NULL, /* xmlSecKeyDataXmlReadMethod xmlRead; */ ++ NULL, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */ ++ NULL, /* xmlSecKeyDataBinReadMethod binRead; */ ++ NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */ ++ ++ /* debug */ ++ xmlSecNssKeyDataEcdsaDebugDump, /* xmlSecKeyDataDebugDumpMethod debugDump; */ ++ xmlSecNssKeyDataEcdsaDebugXmlDump, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */ ++ ++ /* reserved for the future */ ++ NULL, /* void* reserved0; */ ++ NULL, /* void* reserved1; */ ++}; ++ ++/** ++ * xmlSecNssKeyDataEcdsaGetKlass: ++ * ++ * The ECDSA key data klass. ++ * ++ * Returns: pointer to ECDSA key data klass. ++ */ ++xmlSecKeyDataId ++xmlSecNssKeyDataEcdsaGetKlass(void) { ++ return(&xmlSecNssKeyDataEcdsaKlass); ++} ++ ++static int ++xmlSecNssKeyDataEcdsaInitialize(xmlSecKeyDataPtr data) { ++ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataEcdsaId), -1); ++ ++ return(xmlSecNssPKIKeyDataInitialize(data)); ++} ++ ++static int ++xmlSecNssKeyDataEcdsaDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) { ++ xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecNssKeyDataEcdsaId), -1); ++ xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecNssKeyDataEcdsaId), -1); ++ ++ return(xmlSecNssPKIKeyDataDuplicate(dst, src)); ++} ++ ++static void ++xmlSecNssKeyDataEcdsaFinalize(xmlSecKeyDataPtr data) { ++ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataEcdsaId)); ++ ++ xmlSecNssPKIKeyDataFinalize(data); ++} ++ ++static xmlSecKeyDataType ++xmlSecNssKeyDataEcdsaGetType(xmlSecKeyDataPtr data) { ++ xmlSecNssPKIKeyDataCtxPtr ctx; ++ ++ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataEcdsaId), xmlSecKeyDataTypeUnknown); ++ ctx = xmlSecNssPKIKeyDataGetCtx(data); ++ xmlSecAssert2(ctx != NULL, -1); ++ xmlSecAssert2(SECKEY_GetPublicKeyType(ctx->pubkey) == ecKey, -1); ++ if (ctx->privkey != NULL) { ++ return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic); ++ } else { ++ return(xmlSecKeyDataTypePublic); ++ } ++} ++ ++static xmlSecSize ++xmlSecNssKeyDataEcdsaGetSize(xmlSecKeyDataPtr data) { ++ xmlSecNssPKIKeyDataCtxPtr ctx; ++ ++ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataEcdsaId), 0); ++ ctx = xmlSecNssPKIKeyDataGetCtx(data); ++ xmlSecAssert2(ctx != NULL, -1); ++ xmlSecAssert2(SECKEY_GetPublicKeyType(ctx->pubkey) == ecKey, -1); + ++ return(SECKEY_SignatureLen(ctx->pubkey)); ++} + ++static void ++xmlSecNssKeyDataEcdsaDebugDump(xmlSecKeyDataPtr data, FILE* output) { ++ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataEcdsaId)); ++ xmlSecAssert(output != NULL); ++ ++ fprintf(output, "=== ecdsa key: size = %d\n", ++ xmlSecNssKeyDataEcdsaGetSize(data)); ++} ++ ++static void ++xmlSecNssKeyDataEcdsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) { ++ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataEcdsaId)); ++ xmlSecAssert(output != NULL); ++ ++ fprintf(output, "<ECDSAKeyValue size=\"%d\" />\n", ++ xmlSecNssKeyDataEcdsaGetSize(data)); ++} ++#endif /* XMLSEC_NO_ECDSA */ +diff --git a/src/nss/signatures.c b/src/nss/signatures.c +index 4f54170..a8fec2c 100644 +--- a/src/nss/signatures.c ++++ b/src/nss/signatures.c +@@ -83,6 +83,14 @@ xmlSecNssSignatureCheckId(xmlSecTransformPtr transform) { + } + #endif /* XMLSEC_NO_DSA */ + ++#ifndef XMLSEC_NO_ECDSA ++#ifndef XMLSEC_NO_SHA256 ++ if(xmlSecTransformCheckId(transform, xmlSecNssTransformEcdsaSha256Id)) { ++ return(1); ++ } ++#endif /* XMLSEC_NO_SHA256 */ ++#endif /* XMLSEC_NO_ECDSA */ ++ + #ifndef XMLSEC_NO_RSA + + #ifndef XMLSEC_NO_MD5 +@@ -139,6 +147,16 @@ xmlSecNssSignatureInitialize(xmlSecTransformPtr transform) { + } else + #endif /* XMLSEC_NO_DSA */ + ++#ifndef XMLSEC_NO_ECDSA ++#ifndef XMLSEC_NO_SHA256 ++ if(xmlSecTransformCheckId(transform, xmlSecNssTransformEcdsaSha256Id)) { ++ ctx->keyId = xmlSecNssKeyDataEcdsaId; ++ /* This creates a signature which is ASN1 encoded */ ++ ctx->alg = SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE; ++ } else ++#endif /* XMLSEC_NO_SHA256 */ ++#endif /* XMLSEC_NO_ECDSA */ ++ + #ifndef XMLSEC_NO_RSA + + #ifndef XMLSEC_NO_MD5 +@@ -331,16 +349,16 @@ xmlSecNssSignatureVerify(xmlSecTransformPtr transform, + signature.data = (unsigned char *)data; + signature.len = dataSize; + +- if(ctx->alg == SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) { ++ if(ctx->alg == SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST || ctx->alg == SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE) { + /* This creates a signature which is ASN1 encoded */ + SECItem signatureDer; + SECStatus statusDer; + +- statusDer = DSAU_EncodeDerSig(&signatureDer, &signature); ++ statusDer = DSAU_EncodeDerSigWithLen(&signatureDer, &signature, signature.len); + if(statusDer != SECSuccess) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), +- "DSAU_EncodeDerSig", ++ "DSAU_EncodeDerSigWithLen", + XMLSEC_ERRORS_R_CRYPTO_FAILED, + "error code=%d", + PORT_GetError()); +@@ -484,20 +502,48 @@ xmlSecNssSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransfor + return(-1); + } + +- if(ctx->alg == SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) { ++ if(ctx->alg == SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST || ctx->alg == SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE) { + /* This creates a signature which is ASN1 encoded */ + SECItem * signatureClr; + +- signatureClr = DSAU_DecodeDerSig(&signature); +- if(signatureClr == NULL) { +- xmlSecError(XMLSEC_ERRORS_HERE, +- xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), +- "DSAU_EncodeDerSig", +- XMLSEC_ERRORS_R_CRYPTO_FAILED, +- "error code=%d", +- PORT_GetError()); +- SECITEM_FreeItem(&signature, PR_FALSE); +- return(-1); ++ if(ctx->alg == SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) { ++ signatureClr = DSAU_DecodeDerSig(&signature); ++ if(signatureClr == NULL) { ++ xmlSecError(XMLSEC_ERRORS_HERE, ++ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), ++ "DSAU_DecodeDerSig", ++ XMLSEC_ERRORS_R_CRYPTO_FAILED, ++ "error code=%d", ++ PORT_GetError()); ++ SECITEM_FreeItem(&signature, PR_FALSE); ++ return(-1); ++ } ++ } else { ++ /* In the ECDSA case the signature length depends on the ++ * key parameters. */ ++ int signatureSize = PK11_SignatureLen(ctx->u.sig.privkey); ++ if(signatureSize < 1) { ++ xmlSecError(XMLSEC_ERRORS_HERE, ++ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), ++ "PK11_SignatureLen", ++ XMLSEC_ERRORS_R_CRYPTO_FAILED, ++ "error code=%d", ++ PORT_GetError()); ++ SECITEM_FreeItem(&signature, PR_FALSE); ++ return(-1); ++ } ++ ++ signatureClr = DSAU_DecodeDerSigToLen(&signature, signatureSize); ++ if(signatureClr == NULL) { ++ xmlSecError(XMLSEC_ERRORS_HERE, ++ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), ++ "DSAU_DecodeDerSigToLen", ++ XMLSEC_ERRORS_R_CRYPTO_FAILED, ++ "error code=%d", ++ PORT_GetError()); ++ SECITEM_FreeItem(&signature, PR_FALSE); ++ return(-1); ++ } + } + + ret = xmlSecBufferSetData(out, signatureClr->data, signatureClr->len); +@@ -598,6 +644,56 @@ xmlSecNssTransformDsaSha1GetKlass(void) { + + #endif /* XMLSEC_NO_DSA */ + ++#ifndef XMLSEC_NO_ECDSA ++#ifndef XMLSEC_NO_SHA256 ++/**************************************************************************** ++ * ++ * ECDSA-SHA256 signature transform ++ * ++ ***************************************************************************/ ++ ++static xmlSecTransformKlass xmlSecNssEcdsaSha256Klass = { ++ /* klass/object sizes */ ++ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ ++ xmlSecNssSignatureSize, /* xmlSecSize objSize */ ++ ++ xmlSecNameEcdsaSha256, /* const xmlChar* name; */ ++ xmlSecHrefEcdsaSha256, /* const xmlChar* href; */ ++ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */ ++ ++ xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */ ++ xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */ ++ NULL, /* xmlSecTransformNodeReadMethod readNode; */ ++ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ ++ xmlSecNssSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */ ++ xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */ ++ xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */ ++ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ ++ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ ++ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ ++ NULL, /* xmlSecTransformPushXmlMethod pushXml; */ ++ NULL, /* xmlSecTransformPopXmlMethod popXml; */ ++ xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */ ++ ++ NULL, /* void* reserved0; */ ++ NULL, /* void* reserved1; */ ++}; ++ ++/** ++ * xmlSecNssTransformEcdsaSha256GetKlass: ++ * ++ * The ECDSA-SHA256 signature transform klass. ++ * ++ * Returns: ECDSA-SHA256 signature transform klass. ++ */ ++xmlSecTransformId ++xmlSecNssTransformEcdsaSha256GetKlass(void) { ++ return(&xmlSecNssEcdsaSha256Klass); ++} ++ ++#endif /* XMLSEC_NO_SHA256 */ ++#endif /* XMLSEC_NO_ECDSA */ ++ + #ifndef XMLSEC_NO_RSA + + #ifndef XMLSEC_NO_MD5 +-- +2.10.2 + |