diff options
Diffstat (limited to 'external/libxmlsec/src/keywrapers.c')
-rw-r--r-- | external/libxmlsec/src/keywrapers.c | 1213 |
1 files changed, 0 insertions, 1213 deletions
diff --git a/external/libxmlsec/src/keywrapers.c b/external/libxmlsec/src/keywrapers.c deleted file mode 100644 index 6066724c874b..000000000000 --- a/external/libxmlsec/src/keywrapers.c +++ /dev/null @@ -1,1213 +0,0 @@ -/** - * - * XMLSec library - * - * AES Algorithm support - * - * This is free software; see Copyright file in the source - * distribution for preciese wording. - * - * Copyright ................................. - */ -#include "globals.h" - -#include <stdlib.h> -#include <stdio.h> -#include <string.h> - -#include <nss.h> -#include <pk11func.h> -#include <hasht.h> - -#include <xmlsec/xmlsec.h> -#include <xmlsec/xmltree.h> -#include <xmlsec/keys.h> -#include <xmlsec/transforms.h> -#include <xmlsec/errors.h> - -#include <xmlsec/nss/crypto.h> -#include <xmlsec/nss/ciphers.h> - -#define XMLSEC_NSS_AES128_KEY_SIZE 16 -#define XMLSEC_NSS_AES192_KEY_SIZE 24 -#define XMLSEC_NSS_AES256_KEY_SIZE 32 -#define XMLSEC_NSS_DES3_KEY_SIZE 24 -#define XMLSEC_NSS_DES3_KEY_LENGTH 24 -#define XMLSEC_NSS_DES3_IV_LENGTH 8 -#define XMLSEC_NSS_DES3_BLOCK_LENGTH 8 - -static xmlSecByte xmlSecNssKWDes3Iv[XMLSEC_NSS_DES3_IV_LENGTH] = { - 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 -}; - -/********************************************************************* - * - * key wrap transforms - * - ********************************************************************/ -typedef struct _xmlSecNssKeyWrapCtx xmlSecNssKeyWrapCtx ; -typedef struct _xmlSecNssKeyWrapCtx* xmlSecNssKeyWrapCtxPtr ; - -#define xmlSecNssKeyWrapSize \ - ( sizeof( xmlSecTransform ) + sizeof( xmlSecNssKeyWrapCtx ) ) - -#define xmlSecNssKeyWrapGetCtx( transform ) \ - ( ( xmlSecNssKeyWrapCtxPtr )( ( ( xmlSecByte* )( transform ) ) + sizeof( xmlSecTransform ) ) ) - -struct _xmlSecNssKeyWrapCtx { - CK_MECHANISM_TYPE cipher ; - PK11SymKey* symkey ; - xmlSecKeyDataId keyId ; - xmlSecBufferPtr material ; /* to be encrypted/decrypted key material */ -} ; - -static int xmlSecNssKeyWrapInitialize(xmlSecTransformPtr transform); -static void xmlSecNssKeyWrapFinalize(xmlSecTransformPtr transform); -static int xmlSecNssKeyWrapSetKeyReq(xmlSecTransformPtr transform, - xmlSecKeyReqPtr keyReq); -static int xmlSecNssKeyWrapSetKey(xmlSecTransformPtr transform, - xmlSecKeyPtr key); -static int xmlSecNssKeyWrapExecute(xmlSecTransformPtr transform, - int last, - xmlSecTransformCtxPtr transformCtx); -static xmlSecSize xmlSecNssKeyWrapGetKeySize(xmlSecTransformPtr transform); - -static int -xmlSecNssKeyWrapCheckId( - xmlSecTransformPtr transform -) { - #ifndef XMLSEC_NO_DES - if( xmlSecTransformCheckId( transform, xmlSecNssTransformKWDes3Id ) ) { - return(1); - } - #endif /* XMLSEC_NO_DES */ - - #ifndef XMLSEC_NO_AES - if( xmlSecTransformCheckId( transform, xmlSecNssTransformKWAes128Id ) || - xmlSecTransformCheckId( transform, xmlSecNssTransformKWAes192Id ) || - xmlSecTransformCheckId( transform, xmlSecNssTransformKWAes256Id ) ) { - - return(1); - } - #endif /* XMLSEC_NO_AES */ - - return(0); -} - -static xmlSecSize -xmlSecNssKeyWrapGetKeySize(xmlSecTransformPtr transform) { -#ifndef XMLSEC_NO_DES - if( xmlSecTransformCheckId( transform, xmlSecNssTransformKWDes3Id ) ) { - return(XMLSEC_NSS_DES3_KEY_SIZE); - } else -#endif /* XMLSEC_NO_DES */ - -#ifndef XMLSEC_NO_AES - if(xmlSecTransformCheckId(transform, xmlSecNssTransformKWAes128Id)) { - return(XMLSEC_NSS_AES128_KEY_SIZE); - } else if(xmlSecTransformCheckId(transform, xmlSecNssTransformKWAes192Id)) { - return(XMLSEC_NSS_AES192_KEY_SIZE); - } else if(xmlSecTransformCheckId(transform, xmlSecNssTransformKWAes256Id)) { - return(XMLSEC_NSS_AES256_KEY_SIZE); - } else if(xmlSecTransformCheckId(transform, xmlSecNssTransformKWAes256Id)) { - return(XMLSEC_NSS_AES256_KEY_SIZE); - } else -#endif /* XMLSEC_NO_AES */ - - if(1) - return(0); -} - - -static int -xmlSecNssKeyWrapInitialize(xmlSecTransformPtr transform) { - xmlSecNssKeyWrapCtxPtr context ; - int ret; - - xmlSecAssert2(xmlSecNssKeyWrapCheckId(transform), -1); - xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKeyWrapSize), -1); - - context = xmlSecNssKeyWrapGetCtx( transform ) ; - xmlSecAssert2( context != NULL , -1 ) ; - - #ifndef XMLSEC_NO_DES - if( transform->id == xmlSecNssTransformKWDes3Id ) { - context->cipher = CKM_DES3_CBC ; - context->keyId = xmlSecNssKeyDataDesId ; - } else - #endif /* XMLSEC_NO_DES */ - - #ifndef XMLSEC_NO_AES - if( transform->id == xmlSecNssTransformKWAes128Id ) { - /* context->cipher = CKM_NETSCAPE_AES_KEY_WRAP ;*/ - context->cipher = CKM_AES_CBC ; - context->keyId = xmlSecNssKeyDataAesId ; - } else - if( transform->id == xmlSecNssTransformKWAes192Id ) { - /* context->cipher = CKM_NETSCAPE_AES_KEY_WRAP ;*/ - context->cipher = CKM_AES_CBC ; - context->keyId = xmlSecNssKeyDataAesId ; - } else - if( transform->id == xmlSecNssTransformKWAes256Id ) { - /* context->cipher = CKM_NETSCAPE_AES_KEY_WRAP ;*/ - context->cipher = CKM_AES_CBC ; - context->keyId = xmlSecNssKeyDataAesId ; - } else - #endif /* XMLSEC_NO_AES */ - - - if( 1 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), - NULL , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - context->symkey = NULL ; - context->material = NULL ; - - return(0); -} - -static void -xmlSecNssKeyWrapFinalize(xmlSecTransformPtr transform) { - xmlSecNssKeyWrapCtxPtr context ; - - xmlSecAssert(xmlSecNssKeyWrapCheckId(transform)); - xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecNssKeyWrapSize)); - - context = xmlSecNssKeyWrapGetCtx( transform ) ; - xmlSecAssert( context != NULL ) ; - - if( context->symkey != NULL ) { - PK11_FreeSymKey( context->symkey ) ; - context->symkey = NULL ; - } - - if( context->material != NULL ) { - xmlSecBufferDestroy(context->material); - context->material = NULL ; - } -} - -static int -xmlSecNssKeyWrapSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) { - xmlSecNssKeyWrapCtxPtr context ; - xmlSecSize cipherSize = 0 ; - - - xmlSecAssert2(xmlSecNssKeyWrapCheckId(transform), -1); - xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKeyWrapSize), -1); - xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1); - xmlSecAssert2(keyReq != NULL, -1); - - context = xmlSecNssKeyWrapGetCtx( transform ) ; - xmlSecAssert2( context != NULL , -1 ) ; - - keyReq->keyId = context->keyId; - keyReq->keyType = xmlSecKeyDataTypeSymmetric; - if(transform->operation == xmlSecTransformOperationEncrypt) { - keyReq->keyUsage = xmlSecKeyUsageEncrypt; - } else { - keyReq->keyUsage = xmlSecKeyUsageDecrypt; - } - - keyReq->keyBitsSize = xmlSecNssKeyWrapGetKeySize( transform ) ; - - return(0); -} - -static int -xmlSecNssKeyWrapSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) { - xmlSecNssKeyWrapCtxPtr context = NULL ; - xmlSecKeyDataPtr keyData = NULL ; - PK11SymKey* symkey = NULL ; - - xmlSecAssert2(xmlSecNssKeyWrapCheckId(transform), -1); - xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKeyWrapSize), -1); - xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1); - xmlSecAssert2(key != NULL, -1); - - context = xmlSecNssKeyWrapGetCtx( transform ) ; - if( context == NULL || context->keyId == NULL || context->symkey != NULL ) { - xmlSecError( XMLSEC_ERRORS_HERE , - xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) , - "xmlSecNssKeyWrapGetCtx" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - xmlSecAssert2( xmlSecKeyCheckId( key, context->keyId ), -1 ) ; - - keyData = xmlSecKeyGetValue( key ) ; - if( keyData == NULL ) { - xmlSecError( XMLSEC_ERRORS_HERE , - xmlSecErrorsSafeString( xmlSecKeyGetName( key ) ) , - "xmlSecKeyGetValue" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - if( ( symkey = xmlSecNssSymKeyDataGetKey( keyData ) ) == NULL ) { - xmlSecError( XMLSEC_ERRORS_HERE , - xmlSecErrorsSafeString( xmlSecKeyDataGetName( keyData ) ) , - "xmlSecNssSymKeyDataGetKey" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - context->symkey = symkey ; - - return(0) ; -} - -/** - * key wrap transform - */ -static int -xmlSecNssKeyWrapCtxInit( - xmlSecNssKeyWrapCtxPtr ctx , - xmlSecBufferPtr in , - xmlSecBufferPtr out , - int encrypt , - xmlSecTransformCtxPtr transformCtx -) { - xmlSecSize blockSize ; - - xmlSecAssert2( ctx != NULL , -1 ) ; - xmlSecAssert2( ctx->cipher != CKM_INVALID_MECHANISM , -1 ) ; - xmlSecAssert2( ctx->symkey != NULL , -1 ) ; - xmlSecAssert2( ctx->keyId != NULL , -1 ) ; - xmlSecAssert2( in != NULL , -1 ) ; - xmlSecAssert2( out != NULL , -1 ) ; - xmlSecAssert2( transformCtx != NULL , -1 ) ; - - if( ctx->material != NULL ) { - xmlSecBufferDestroy( ctx->material ) ; - ctx->material = NULL ; - } - - if( ( blockSize = PK11_GetBlockSize( ctx->cipher , NULL ) ) < 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "PK11_GetBlockSize" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - ctx->material = xmlSecBufferCreate( blockSize ) ; - if( ctx->material == NULL ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "xmlSecBufferCreate" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - /* read raw key material into context */ - if( xmlSecBufferSetData( ctx->material, xmlSecBufferGetData(in), xmlSecBufferGetSize(in) ) < 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "xmlSecBufferSetData" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - if( xmlSecBufferRemoveHead( in , xmlSecBufferGetSize(in) ) < 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "xmlSecBufferRemoveHead" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - return(0); -} - -/** - * key wrap transform update - */ -static int -xmlSecNssKeyWrapCtxUpdate( - xmlSecNssKeyWrapCtxPtr ctx , - xmlSecBufferPtr in , - xmlSecBufferPtr out , - int encrypt , - xmlSecTransformCtxPtr transformCtx -) { - xmlSecAssert2( ctx != NULL , -1 ) ; - xmlSecAssert2( ctx->cipher != CKM_INVALID_MECHANISM , -1 ) ; - xmlSecAssert2( ctx->symkey != NULL , -1 ) ; - xmlSecAssert2( ctx->keyId != NULL , -1 ) ; - xmlSecAssert2( ctx->material != NULL , -1 ) ; - xmlSecAssert2( in != NULL , -1 ) ; - xmlSecAssert2( out != NULL , -1 ) ; - xmlSecAssert2( transformCtx != NULL , -1 ) ; - - /* read raw key material and append into context */ - if( xmlSecBufferAppend( ctx->material, xmlSecBufferGetData(in), xmlSecBufferGetSize(in) ) < 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "xmlSecBufferAppend" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - if( xmlSecBufferRemoveHead( in , xmlSecBufferGetSize(in) ) < 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "xmlSecBufferRemoveHead" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - return(0); -} - -static int -xmlSecNssKWDes3BufferReverse(xmlSecByte *buf, xmlSecSize size) { - xmlSecSize s; - xmlSecSize i; - xmlSecByte c; - - xmlSecAssert2(buf != NULL, -1); - - s = size / 2; - --size; - for(i = 0; i < s; ++i) { - c = buf[i]; - buf[i] = buf[size - i]; - buf[size - i] = c; - } - return(0); -} - -static xmlSecByte * -xmlSecNssComputeSHA1(const xmlSecByte *in, xmlSecSize inSize, - xmlSecByte *out, xmlSecSize outSize) -{ - PK11Context *context = NULL; - SECStatus s; - xmlSecByte *digest = NULL; - unsigned int len; - - xmlSecAssert2(in != NULL, NULL); - xmlSecAssert2(out != NULL, NULL); - xmlSecAssert2(outSize >= SHA1_LENGTH, NULL); - - /* Create a context for hashing (digesting) */ - context = PK11_CreateDigestContext(SEC_OID_SHA1); - if (context == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_CreateDigestContext", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code = %d", PORT_GetError()); - goto done; - } - - s = PK11_DigestBegin(context); - if (s != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_DigestBegin", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code = %d", PORT_GetError()); - goto done; - } - - s = PK11_DigestOp(context, in, inSize); - if (s != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_DigestOp", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code = %d", PORT_GetError()); - goto done; - } - - s = PK11_DigestFinal(context, out, &len, outSize); - if (s != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_DigestFinal", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code = %d", PORT_GetError()); - goto done; - } - xmlSecAssert2(len == SHA1_LENGTH, NULL); - - digest = out; - -done: - if (context != NULL) { - PK11_DestroyContext(context, PR_TRUE); - } - return (digest); -} - -static int -xmlSecNssKWDes3Encrypt( - PK11SymKey* symKey , - CK_MECHANISM_TYPE cipherMech , - const xmlSecByte* iv , - xmlSecSize ivSize , - const xmlSecByte* in , - xmlSecSize inSize , - xmlSecByte* out , - xmlSecSize outSize , - int enc -) { - PK11Context* EncContext = NULL; - SECItem ivItem ; - SECItem* secParam = NULL ; - int tmp1_outlen; - unsigned int tmp2_outlen; - int result_len = -1; - SECStatus rv; - - xmlSecAssert2( cipherMech != CKM_INVALID_MECHANISM , -1 ) ; - xmlSecAssert2( symKey != NULL , -1 ) ; - xmlSecAssert2(iv != NULL, -1); - xmlSecAssert2(ivSize == XMLSEC_NSS_DES3_IV_LENGTH, -1); - xmlSecAssert2(in != NULL, -1); - xmlSecAssert2(inSize > 0, -1); - xmlSecAssert2(out != NULL, -1); - xmlSecAssert2(outSize >= inSize, -1); - - /* Prepare IV */ - ivItem.data = ( unsigned char* )iv ; - ivItem.len = ivSize ; - - secParam = PK11_ParamFromIV(cipherMech, &ivItem); - if (secParam == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_ParamFromIV", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "Error code = %d", PORT_GetError()); - goto done; - } - - EncContext = PK11_CreateContextBySymKey(cipherMech, - enc ? CKA_ENCRYPT : CKA_DECRYPT, - symKey, secParam); - if (EncContext == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_CreateContextBySymKey", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "Error code = %d", PORT_GetError()); - goto done; - } - - tmp1_outlen = tmp2_outlen = 0; - rv = PK11_CipherOp(EncContext, out, &tmp1_outlen, outSize, - (unsigned char *)in, inSize); - if (rv != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_CipherOp", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "Error code = %d", PORT_GetError()); - goto done; - } - - rv = PK11_DigestFinal(EncContext, out+tmp1_outlen, - &tmp2_outlen, outSize-tmp1_outlen); - if (rv != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_DigestFinal", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "Error code = %d", PORT_GetError()); - goto done; - } - - result_len = tmp1_outlen + tmp2_outlen; - -done: - if (secParam) { - SECITEM_FreeItem(secParam, PR_TRUE); - } - if (EncContext) { - PK11_DestroyContext(EncContext, PR_TRUE); - } - - return(result_len); -} - -static int -xmlSecNssKeyWrapDesOp( - xmlSecNssKeyWrapCtxPtr ctx , - int encrypt , - xmlSecBufferPtr result -) { - xmlSecByte sha1[SHA1_LENGTH]; - xmlSecByte iv[XMLSEC_NSS_DES3_IV_LENGTH]; - xmlSecByte* in; - xmlSecSize inSize; - xmlSecByte* out; - xmlSecSize outSize; - xmlSecSize s; - int ret; - SECStatus status; - - xmlSecAssert2( ctx != NULL , -1 ) ; - xmlSecAssert2( ctx->cipher != CKM_INVALID_MECHANISM , -1 ) ; - xmlSecAssert2( ctx->symkey != NULL , -1 ) ; - xmlSecAssert2( ctx->keyId != NULL , -1 ) ; - xmlSecAssert2( ctx->material != NULL , -1 ) ; - xmlSecAssert2( result != NULL , -1 ) ; - - in = xmlSecBufferGetData(ctx->material); - inSize = xmlSecBufferGetSize(ctx->material) ; - out = xmlSecBufferGetData(result); - outSize = xmlSecBufferGetMaxSize(result) ; - if( encrypt ) { - /* step 2: calculate sha1 and CMS */ - if(xmlSecNssComputeSHA1(in, inSize, sha1, SHA1_LENGTH) == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecNssComputeSHA1", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - - /* step 3: construct WKCKS */ - memcpy(out, in, inSize); - memcpy(out + inSize, sha1, XMLSEC_NSS_DES3_BLOCK_LENGTH); - - /* step 4: generate random iv */ - status = PK11_GenerateRandom(iv, XMLSEC_NSS_DES3_IV_LENGTH); - if(status != SECSuccess) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "PK11_GenerateRandom", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - "error code = %d", PORT_GetError()); - return(-1); - } - - /* step 5: first encryption, result is TEMP1 */ - ret = xmlSecNssKWDes3Encrypt( ctx->symkey, ctx->cipher, - iv, XMLSEC_NSS_DES3_IV_LENGTH, - out, inSize + XMLSEC_NSS_DES3_IV_LENGTH, - out, outSize, 1); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecNssKWDes3Encrypt", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - - /* step 6: construct TEMP2=IV || TEMP1 */ - memmove(out + XMLSEC_NSS_DES3_IV_LENGTH, out, - inSize + XMLSEC_NSS_DES3_IV_LENGTH); - memcpy(out, iv, XMLSEC_NSS_DES3_IV_LENGTH); - s = ret + XMLSEC_NSS_DES3_IV_LENGTH; - - /* step 7: reverse octets order, result is TEMP3 */ - ret = xmlSecNssKWDes3BufferReverse(out, s); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecNssKWDes3BufferReverse", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - - /* step 8: second encryption with static IV */ - ret = xmlSecNssKWDes3Encrypt( ctx->symkey, ctx->cipher, - xmlSecNssKWDes3Iv, XMLSEC_NSS_DES3_IV_LENGTH, - out, s, - out, outSize, 1); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecNssKWDes3Encrypt", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - s = ret; - - if( xmlSecBufferSetSize( result , s ) < 0 ) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecBufferSetSize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - } else { - /* step 2: first decryption with static IV, result is TEMP3 */ - ret = xmlSecNssKWDes3Encrypt( ctx->symkey, ctx->cipher, - xmlSecNssKWDes3Iv, XMLSEC_NSS_DES3_IV_LENGTH, - in, inSize, - out, outSize, 0); - if((ret < 0) || (ret < XMLSEC_NSS_DES3_IV_LENGTH)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecNssKWDes3Encrypt", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - s = ret; - - /* step 3: reverse octets order in TEMP3, result is TEMP2 */ - ret = xmlSecNssKWDes3BufferReverse(out, s); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecNssKWDes3BufferReverse", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - - /* steps 4 and 5: get IV and decrypt second time, result is WKCKS */ - ret = xmlSecNssKWDes3Encrypt( ctx->symkey, ctx->cipher, - out, XMLSEC_NSS_DES3_IV_LENGTH, - out+XMLSEC_NSS_DES3_IV_LENGTH, s-XMLSEC_NSS_DES3_IV_LENGTH, - out, outSize, 0); - if((ret < 0) || (ret < XMLSEC_NSS_DES3_BLOCK_LENGTH)) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecNssKWDes3Encrypt", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - s = ret - XMLSEC_NSS_DES3_IV_LENGTH; - - /* steps 6 and 7: calculate SHA1 and validate it */ - if(xmlSecNssComputeSHA1(out, s, sha1, SHA1_LENGTH) == NULL) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecNssComputeSHA1", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - - if(memcmp(sha1, out + s, XMLSEC_NSS_DES3_BLOCK_LENGTH) != 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - NULL, - XMLSEC_ERRORS_R_INVALID_DATA, - "SHA1 does not match"); - return(-1); - } - - if( xmlSecBufferSetSize( result , s ) < 0 ) { - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - "xmlSecBufferSetSize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } - } - - return(0); -} - -static int -xmlSecNssKeyWrapAesOp( - xmlSecNssKeyWrapCtxPtr ctx , - int encrypt , - xmlSecBufferPtr result -) { - PK11Context* cipherCtx = NULL; - SECItem ivItem ; - SECItem* secParam = NULL ; - xmlSecSize inSize ; - xmlSecSize inBlocks ; - int blockSize ; - int midSize ; - int finSize ; - xmlSecByte* out ; - xmlSecSize outSize; - - xmlSecAssert2( ctx != NULL , -1 ) ; - xmlSecAssert2( ctx->cipher != CKM_INVALID_MECHANISM , -1 ) ; - xmlSecAssert2( ctx->symkey != NULL , -1 ) ; - xmlSecAssert2( ctx->keyId != NULL , -1 ) ; - xmlSecAssert2( ctx->material != NULL , -1 ) ; - xmlSecAssert2( result != NULL , -1 ) ; - - /* Do not set any IV */ - memset(&ivItem, 0, sizeof(ivItem)); - - /* Get block size */ - if( ( blockSize = PK11_GetBlockSize( ctx->cipher , NULL ) ) < 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "PK11_GetBlockSize" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - inSize = xmlSecBufferGetSize( ctx->material ) ; - if( xmlSecBufferSetMaxSize( result , inSize + blockSize ) < 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "xmlSecBufferSetMaxSize" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - /* Get Param for context initialization */ - if( ( secParam = PK11_ParamFromIV( ctx->cipher , &ivItem ) ) == NULL ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "PK11_ParamFromIV" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - cipherCtx = PK11_CreateContextBySymKey( ctx->cipher , encrypt ? CKA_ENCRYPT : CKA_DECRYPT , ctx->symkey , secParam ) ; - if( cipherCtx == NULL ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "PK11_CreateContextBySymKey" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - SECITEM_FreeItem( secParam , PR_TRUE ) ; - return(-1); - } - - out = xmlSecBufferGetData(result) ; - outSize = xmlSecBufferGetMaxSize(result) ; - if( PK11_CipherOp( cipherCtx , out, &midSize , outSize , xmlSecBufferGetData( ctx->material ) , inSize ) != SECSuccess ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "PK11_CipherOp" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - if( PK11_DigestFinal( cipherCtx , out + midSize , &finSize , outSize - midSize ) != SECSuccess ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "PK11_DigestFinal" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - if( xmlSecBufferSetSize( result , midSize + finSize ) < 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "xmlSecBufferSetSize" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - return 0 ; -} - -/** - * Block cipher transform final - */ -static int -xmlSecNssKeyWrapCtxFinal( - xmlSecNssKeyWrapCtxPtr ctx , - xmlSecBufferPtr in , - xmlSecBufferPtr out , - int encrypt , - xmlSecTransformCtxPtr transformCtx -) { - PK11SymKey* targetKey ; - xmlSecSize blockSize ; - xmlSecBufferPtr result ; - - xmlSecAssert2( ctx != NULL , -1 ) ; - xmlSecAssert2( ctx->cipher != CKM_INVALID_MECHANISM , -1 ) ; - xmlSecAssert2( ctx->symkey != NULL , -1 ) ; - xmlSecAssert2( ctx->keyId != NULL , -1 ) ; - xmlSecAssert2( ctx->material != NULL , -1 ) ; - xmlSecAssert2( in != NULL , -1 ) ; - xmlSecAssert2( out != NULL , -1 ) ; - xmlSecAssert2( transformCtx != NULL , -1 ) ; - - /* read raw key material and append into context */ - if( xmlSecBufferAppend( ctx->material, xmlSecBufferGetData(in), xmlSecBufferGetSize(in) ) < 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "xmlSecBufferAppend" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - if( xmlSecBufferRemoveHead( in , xmlSecBufferGetSize(in) ) < 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "xmlSecBufferRemoveHead" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - /* Now we get all of the key materail */ - /* from now on we will wrap or unwrap the key */ - if( ( blockSize = PK11_GetBlockSize( ctx->cipher , NULL ) ) < 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "PK11_GetBlockSize" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - result = xmlSecBufferCreate( blockSize ) ; - if( result == NULL ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "xmlSecBufferCreate" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - switch( ctx->cipher ) { - case CKM_DES3_CBC : - if( xmlSecNssKeyWrapDesOp(ctx, encrypt, result) < 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "xmlSecNssKeyWrapDesOp" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - xmlSecBufferDestroy(result); - return(-1); - } - break ; - /* case CKM_NETSCAPE_AES_KEY_WRAP :*/ - case CKM_AES_CBC : - if( xmlSecNssKeyWrapAesOp(ctx, encrypt, result) < 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "xmlSecNssKeyWrapAesOp" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - xmlSecBufferDestroy(result); - return(-1); - } - break ; - } - - /* Write output */ - if( xmlSecBufferAppend( out, xmlSecBufferGetData(result), xmlSecBufferGetSize(result) ) < 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - NULL , - "xmlSecBufferAppend" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - xmlSecBufferDestroy(result); - return(-1); - } - xmlSecBufferDestroy(result); - - return(0); -} - -static int -xmlSecNssKeyWrapExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) { - xmlSecNssKeyWrapCtxPtr context = NULL ; - xmlSecBufferPtr inBuf, outBuf ; - int operation ; - int rtv ; - - xmlSecAssert2( xmlSecNssKeyWrapCheckId( transform ), -1 ) ; - xmlSecAssert2( xmlSecTransformCheckSize( transform, xmlSecNssKeyWrapSize ), -1 ) ; - xmlSecAssert2( ( transform->operation == xmlSecTransformOperationEncrypt ) || ( transform->operation == xmlSecTransformOperationDecrypt ), -1 ) ; - xmlSecAssert2( transformCtx != NULL , -1 ) ; - - context = xmlSecNssKeyWrapGetCtx( transform ) ; - if( context == NULL ) { - xmlSecError( XMLSEC_ERRORS_HERE , - xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) , - "xmlSecNssKeyWrapGetCtx" , - XMLSEC_ERRORS_R_CRYPTO_FAILED , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - - inBuf = &( transform->inBuf ) ; - outBuf = &( transform->outBuf ) ; - - if( transform->status == xmlSecTransformStatusNone ) { - transform->status = xmlSecTransformStatusWorking ; - } - - operation = ( transform->operation == xmlSecTransformOperationEncrypt ) ? 1 : 0 ; - if( transform->status == xmlSecTransformStatusWorking ) { - if( context->material == NULL ) { - rtv = xmlSecNssKeyWrapCtxInit( context, inBuf , outBuf , operation , transformCtx ) ; - if( rtv < 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) , - "xmlSecNssKeyWrapCtxInit" , - XMLSEC_ERRORS_R_INVALID_STATUS , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - } - - if( context->material == NULL && last != 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) , - NULL , - XMLSEC_ERRORS_R_INVALID_STATUS , - "No enough data to intialize transform" ) ; - return(-1); - } - - if( context->material != NULL ) { - rtv = xmlSecNssKeyWrapCtxUpdate( context, inBuf , outBuf , operation , transformCtx ) ; - if( rtv < 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) , - "xmlSecNssKeyWrapCtxUpdate" , - XMLSEC_ERRORS_R_INVALID_STATUS , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - } - - if( last ) { - rtv = xmlSecNssKeyWrapCtxFinal( context, inBuf , outBuf , operation , transformCtx ) ; - if( rtv < 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) , - "xmlSecNssKeyWrapCtxFinal" , - XMLSEC_ERRORS_R_INVALID_STATUS , - XMLSEC_ERRORS_NO_MESSAGE ) ; - return(-1); - } - transform->status = xmlSecTransformStatusFinished ; - } - } else if( transform->status == xmlSecTransformStatusFinished ) { - if( xmlSecBufferGetSize( inBuf ) != 0 ) { - xmlSecError( XMLSEC_ERRORS_HERE , - xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) , - NULL , - XMLSEC_ERRORS_R_INVALID_STATUS , - "status=%d", transform->status ) ; - return(-1); - } - } else { - xmlSecError( XMLSEC_ERRORS_HERE , - xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) , - NULL , - XMLSEC_ERRORS_R_INVALID_STATUS , - "status=%d", transform->status ) ; - return(-1); - } - - return(0); -} - -#ifndef XMLSEC_NO_AES - - -#ifdef __MINGW32__ // for runtime-pseudo-reloc -static struct _xmlSecTransformKlass xmlSecNssKWAes128Klass = { -#else -static xmlSecTransformKlass xmlSecNssKWAes128Klass = { -#endif - /* klass/object sizes */ - sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ - xmlSecNssKeyWrapSize, /* xmlSecSize objSize */ - - xmlSecNameKWAes128, /* const xmlChar* name; */ - xmlSecHrefKWAes128, /* const xmlChar* href; */ - xmlSecTransformUsageEncryptionMethod, /* xmlSecAlgorithmUsage usage; */ - - xmlSecNssKeyWrapInitialize, /* xmlSecTransformInitializeMethod initialize; */ - xmlSecNssKeyWrapFinalize, /* xmlSecTransformFinalizeMethod finalize; */ - NULL, /* xmlSecTransformNodeReadMethod readNode; */ - NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ - xmlSecNssKeyWrapSetKeyReq, /* xmlSecTransformSetKeyMethod setKeyReq; */ - xmlSecNssKeyWrapSetKey, /* xmlSecTransformSetKeyMethod setKey; */ - NULL, /* xmlSecTransformValidateMethod validate; */ - xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ - xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ - xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ - NULL, /* xmlSecTransformPushXmlMethod pushXml; */ - NULL, /* xmlSecTransformPopXmlMethod popXml; */ - xmlSecNssKeyWrapExecute, /* xmlSecTransformExecuteMethod execute; */ - - NULL, /* void* reserved0; */ - NULL, /* void* reserved1; */ -}; - -#ifdef __MINGW32__ // for runtime-pseudo-reloc -static struct _xmlSecTransformKlass xmlSecNssKWAes192Klass = { -#else -static xmlSecTransformKlass xmlSecNssKWAes192Klass = { -#endif - /* klass/object sizes */ - sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ - xmlSecNssKeyWrapSize, /* xmlSecSize objSize */ - - xmlSecNameKWAes192, /* const xmlChar* name; */ - xmlSecHrefKWAes192, /* const xmlChar* href; */ - xmlSecTransformUsageEncryptionMethod, /* xmlSecAlgorithmUsage usage; */ - - xmlSecNssKeyWrapInitialize, /* xmlSecTransformInitializeMethod initialize; */ - xmlSecNssKeyWrapFinalize, /* xmlSecTransformFinalizeMethod finalize; */ - NULL, /* xmlSecTransformNodeReadMethod readNode; */ - NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ - xmlSecNssKeyWrapSetKeyReq, /* xmlSecTransformSetKeyMethod setKeyReq; */ - xmlSecNssKeyWrapSetKey, /* xmlSecTransformSetKeyMethod setKey; */ - NULL, /* xmlSecTransformValidateMethod validate; */ - xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ - xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ - xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ - NULL, /* xmlSecTransformPushXmlMethod pushXml; */ - NULL, /* xmlSecTransformPopXmlMethod popXml; */ - xmlSecNssKeyWrapExecute, /* xmlSecTransformExecuteMethod execute; */ - - NULL, /* void* reserved0; */ - NULL, /* void* reserved1; */ -}; - -#ifdef __MINGW32__ // for runtime-pseudo-reloc -static struct _xmlSecTransformKlass xmlSecNssKWAes256Klass = { -#else -static xmlSecTransformKlass xmlSecNssKWAes256Klass = { -#endif - /* klass/object sizes */ - sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ - xmlSecNssKeyWrapSize, /* xmlSecSize objSize */ - - xmlSecNameKWAes256, /* const xmlChar* name; */ - xmlSecHrefKWAes256, /* const xmlChar* href; */ - xmlSecTransformUsageEncryptionMethod, /* xmlSecAlgorithmUsage usage; */ - - xmlSecNssKeyWrapInitialize, /* xmlSecTransformInitializeMethod initialize; */ - xmlSecNssKeyWrapFinalize, /* xmlSecTransformFinalizeMethod finalize; */ - NULL, /* xmlSecTransformNodeReadMethod readNode; */ - NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ - xmlSecNssKeyWrapSetKeyReq, /* xmlSecTransformSetKeyMethod setKeyReq; */ - xmlSecNssKeyWrapSetKey, /* xmlSecTransformSetKeyMethod setKey; */ - NULL, /* xmlSecTransformValidateMethod validate; */ - xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ - xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ - xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ - NULL, /* xmlSecTransformPushXmlMethod pushXml; */ - NULL, /* xmlSecTransformPopXmlMethod popXml; */ - xmlSecNssKeyWrapExecute, /* xmlSecTransformExecuteMethod execute; */ - - NULL, /* void* reserved0; */ - NULL, /* void* reserved1; */ -}; - -/** - * xmlSecNssTransformKWAes128GetKlass: - * - * The AES-128 key wrapper transform klass. - * - * Returns AES-128 key wrapper transform klass. - */ -xmlSecTransformId -xmlSecNssTransformKWAes128GetKlass(void) { - return(&xmlSecNssKWAes128Klass); -} - -/** - * xmlSecNssTransformKWAes192GetKlass: - * - * The AES-192 key wrapper transform klass. - * - * Returns AES-192 key wrapper transform klass. - */ -xmlSecTransformId -xmlSecNssTransformKWAes192GetKlass(void) { - return(&xmlSecNssKWAes192Klass); -} - -/** - * - * The AES-256 key wrapper transform klass. - * - * Returns AES-256 key wrapper transform klass. - */ -xmlSecTransformId -xmlSecNssTransformKWAes256GetKlass(void) { - return(&xmlSecNssKWAes256Klass); -} - -#endif /* XMLSEC_NO_AES */ - - -#ifndef XMLSEC_NO_DES - -#ifdef __MINGW32__ // for runtime-pseudo-reloc -static struct _xmlSecTransformKlass xmlSecNssKWDes3Klass = { -#else -static xmlSecTransformKlass xmlSecNssKWDes3Klass = { -#endif - /* klass/object sizes */ - sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */ - xmlSecNssKeyWrapSize, /* xmlSecSize objSize */ - - xmlSecNameKWDes3, /* const xmlChar* name; */ - xmlSecHrefKWDes3, /* const xmlChar* href; */ - xmlSecTransformUsageEncryptionMethod, /* xmlSecAlgorithmUsage usage; */ - - xmlSecNssKeyWrapInitialize, /* xmlSecTransformInitializeMethod initialize; */ - xmlSecNssKeyWrapFinalize, /* xmlSecTransformFinalizeMethod finalize; */ - NULL, /* xmlSecTransformNodeReadMethod readNode; */ - NULL, /* xmlSecTransformNodeWriteMethod writeNode; */ - xmlSecNssKeyWrapSetKeyReq, /* xmlSecTransformSetKeyMethod setKeyReq; */ - xmlSecNssKeyWrapSetKey, /* xmlSecTransformSetKeyMethod setKey; */ - NULL, /* xmlSecTransformValidateMethod validate; */ - xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */ - xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */ - xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */ - NULL, /* xmlSecTransformPushXmlMethod pushXml; */ - NULL, /* xmlSecTransformPopXmlMethod popXml; */ - xmlSecNssKeyWrapExecute, /* xmlSecTransformExecuteMethod execute; */ - - NULL, /* void* reserved0; */ - NULL, /* void* reserved1; */ -}; - -/** - * xmlSecNssTransformKWDes3GetKlass: - * - * The Triple DES key wrapper transform klass. - * - * Returns Triple DES key wrapper transform klass. - */ -xmlSecTransformId -xmlSecNssTransformKWDes3GetKlass(void) { - return(&xmlSecNssKWDes3Klass); -} - -#endif /* XMLSEC_NO_DES */ - |