summaryrefslogtreecommitdiff
path: root/external/libxmlsec/src/keywrapers.c
diff options
context:
space:
mode:
Diffstat (limited to 'external/libxmlsec/src/keywrapers.c')
-rw-r--r--external/libxmlsec/src/keywrapers.c1213
1 files changed, 0 insertions, 1213 deletions
diff --git a/external/libxmlsec/src/keywrapers.c b/external/libxmlsec/src/keywrapers.c
deleted file mode 100644
index 6066724c874b..000000000000
--- a/external/libxmlsec/src/keywrapers.c
+++ /dev/null
@@ -1,1213 +0,0 @@
-/**
- *
- * XMLSec library
- *
- * AES Algorithm support
- *
- * This is free software; see Copyright file in the source
- * distribution for preciese wording.
- *
- * Copyright .................................
- */
-#include "globals.h"
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-
-#include <nss.h>
-#include <pk11func.h>
-#include <hasht.h>
-
-#include <xmlsec/xmlsec.h>
-#include <xmlsec/xmltree.h>
-#include <xmlsec/keys.h>
-#include <xmlsec/transforms.h>
-#include <xmlsec/errors.h>
-
-#include <xmlsec/nss/crypto.h>
-#include <xmlsec/nss/ciphers.h>
-
-#define XMLSEC_NSS_AES128_KEY_SIZE 16
-#define XMLSEC_NSS_AES192_KEY_SIZE 24
-#define XMLSEC_NSS_AES256_KEY_SIZE 32
-#define XMLSEC_NSS_DES3_KEY_SIZE 24
-#define XMLSEC_NSS_DES3_KEY_LENGTH 24
-#define XMLSEC_NSS_DES3_IV_LENGTH 8
-#define XMLSEC_NSS_DES3_BLOCK_LENGTH 8
-
-static xmlSecByte xmlSecNssKWDes3Iv[XMLSEC_NSS_DES3_IV_LENGTH] = {
- 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05
-};
-
-/*********************************************************************
- *
- * key wrap transforms
- *
- ********************************************************************/
-typedef struct _xmlSecNssKeyWrapCtx xmlSecNssKeyWrapCtx ;
-typedef struct _xmlSecNssKeyWrapCtx* xmlSecNssKeyWrapCtxPtr ;
-
-#define xmlSecNssKeyWrapSize \
- ( sizeof( xmlSecTransform ) + sizeof( xmlSecNssKeyWrapCtx ) )
-
-#define xmlSecNssKeyWrapGetCtx( transform ) \
- ( ( xmlSecNssKeyWrapCtxPtr )( ( ( xmlSecByte* )( transform ) ) + sizeof( xmlSecTransform ) ) )
-
-struct _xmlSecNssKeyWrapCtx {
- CK_MECHANISM_TYPE cipher ;
- PK11SymKey* symkey ;
- xmlSecKeyDataId keyId ;
- xmlSecBufferPtr material ; /* to be encrypted/decrypted key material */
-} ;
-
-static int xmlSecNssKeyWrapInitialize(xmlSecTransformPtr transform);
-static void xmlSecNssKeyWrapFinalize(xmlSecTransformPtr transform);
-static int xmlSecNssKeyWrapSetKeyReq(xmlSecTransformPtr transform,
- xmlSecKeyReqPtr keyReq);
-static int xmlSecNssKeyWrapSetKey(xmlSecTransformPtr transform,
- xmlSecKeyPtr key);
-static int xmlSecNssKeyWrapExecute(xmlSecTransformPtr transform,
- int last,
- xmlSecTransformCtxPtr transformCtx);
-static xmlSecSize xmlSecNssKeyWrapGetKeySize(xmlSecTransformPtr transform);
-
-static int
-xmlSecNssKeyWrapCheckId(
- xmlSecTransformPtr transform
-) {
- #ifndef XMLSEC_NO_DES
- if( xmlSecTransformCheckId( transform, xmlSecNssTransformKWDes3Id ) ) {
- return(1);
- }
- #endif /* XMLSEC_NO_DES */
-
- #ifndef XMLSEC_NO_AES
- if( xmlSecTransformCheckId( transform, xmlSecNssTransformKWAes128Id ) ||
- xmlSecTransformCheckId( transform, xmlSecNssTransformKWAes192Id ) ||
- xmlSecTransformCheckId( transform, xmlSecNssTransformKWAes256Id ) ) {
-
- return(1);
- }
- #endif /* XMLSEC_NO_AES */
-
- return(0);
-}
-
-static xmlSecSize
-xmlSecNssKeyWrapGetKeySize(xmlSecTransformPtr transform) {
-#ifndef XMLSEC_NO_DES
- if( xmlSecTransformCheckId( transform, xmlSecNssTransformKWDes3Id ) ) {
- return(XMLSEC_NSS_DES3_KEY_SIZE);
- } else
-#endif /* XMLSEC_NO_DES */
-
-#ifndef XMLSEC_NO_AES
- if(xmlSecTransformCheckId(transform, xmlSecNssTransformKWAes128Id)) {
- return(XMLSEC_NSS_AES128_KEY_SIZE);
- } else if(xmlSecTransformCheckId(transform, xmlSecNssTransformKWAes192Id)) {
- return(XMLSEC_NSS_AES192_KEY_SIZE);
- } else if(xmlSecTransformCheckId(transform, xmlSecNssTransformKWAes256Id)) {
- return(XMLSEC_NSS_AES256_KEY_SIZE);
- } else if(xmlSecTransformCheckId(transform, xmlSecNssTransformKWAes256Id)) {
- return(XMLSEC_NSS_AES256_KEY_SIZE);
- } else
-#endif /* XMLSEC_NO_AES */
-
- if(1)
- return(0);
-}
-
-
-static int
-xmlSecNssKeyWrapInitialize(xmlSecTransformPtr transform) {
- xmlSecNssKeyWrapCtxPtr context ;
- int ret;
-
- xmlSecAssert2(xmlSecNssKeyWrapCheckId(transform), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKeyWrapSize), -1);
-
- context = xmlSecNssKeyWrapGetCtx( transform ) ;
- xmlSecAssert2( context != NULL , -1 ) ;
-
- #ifndef XMLSEC_NO_DES
- if( transform->id == xmlSecNssTransformKWDes3Id ) {
- context->cipher = CKM_DES3_CBC ;
- context->keyId = xmlSecNssKeyDataDesId ;
- } else
- #endif /* XMLSEC_NO_DES */
-
- #ifndef XMLSEC_NO_AES
- if( transform->id == xmlSecNssTransformKWAes128Id ) {
- /* context->cipher = CKM_NETSCAPE_AES_KEY_WRAP ;*/
- context->cipher = CKM_AES_CBC ;
- context->keyId = xmlSecNssKeyDataAesId ;
- } else
- if( transform->id == xmlSecNssTransformKWAes192Id ) {
- /* context->cipher = CKM_NETSCAPE_AES_KEY_WRAP ;*/
- context->cipher = CKM_AES_CBC ;
- context->keyId = xmlSecNssKeyDataAesId ;
- } else
- if( transform->id == xmlSecNssTransformKWAes256Id ) {
- /* context->cipher = CKM_NETSCAPE_AES_KEY_WRAP ;*/
- context->cipher = CKM_AES_CBC ;
- context->keyId = xmlSecNssKeyDataAesId ;
- } else
- #endif /* XMLSEC_NO_AES */
-
-
- if( 1 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
- NULL ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- context->symkey = NULL ;
- context->material = NULL ;
-
- return(0);
-}
-
-static void
-xmlSecNssKeyWrapFinalize(xmlSecTransformPtr transform) {
- xmlSecNssKeyWrapCtxPtr context ;
-
- xmlSecAssert(xmlSecNssKeyWrapCheckId(transform));
- xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecNssKeyWrapSize));
-
- context = xmlSecNssKeyWrapGetCtx( transform ) ;
- xmlSecAssert( context != NULL ) ;
-
- if( context->symkey != NULL ) {
- PK11_FreeSymKey( context->symkey ) ;
- context->symkey = NULL ;
- }
-
- if( context->material != NULL ) {
- xmlSecBufferDestroy(context->material);
- context->material = NULL ;
- }
-}
-
-static int
-xmlSecNssKeyWrapSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
- xmlSecNssKeyWrapCtxPtr context ;
- xmlSecSize cipherSize = 0 ;
-
-
- xmlSecAssert2(xmlSecNssKeyWrapCheckId(transform), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKeyWrapSize), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
- xmlSecAssert2(keyReq != NULL, -1);
-
- context = xmlSecNssKeyWrapGetCtx( transform ) ;
- xmlSecAssert2( context != NULL , -1 ) ;
-
- keyReq->keyId = context->keyId;
- keyReq->keyType = xmlSecKeyDataTypeSymmetric;
- if(transform->operation == xmlSecTransformOperationEncrypt) {
- keyReq->keyUsage = xmlSecKeyUsageEncrypt;
- } else {
- keyReq->keyUsage = xmlSecKeyUsageDecrypt;
- }
-
- keyReq->keyBitsSize = xmlSecNssKeyWrapGetKeySize( transform ) ;
-
- return(0);
-}
-
-static int
-xmlSecNssKeyWrapSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
- xmlSecNssKeyWrapCtxPtr context = NULL ;
- xmlSecKeyDataPtr keyData = NULL ;
- PK11SymKey* symkey = NULL ;
-
- xmlSecAssert2(xmlSecNssKeyWrapCheckId(transform), -1);
- xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKeyWrapSize), -1);
- xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
- xmlSecAssert2(key != NULL, -1);
-
- context = xmlSecNssKeyWrapGetCtx( transform ) ;
- if( context == NULL || context->keyId == NULL || context->symkey != NULL ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
- "xmlSecNssKeyWrapGetCtx" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
- xmlSecAssert2( xmlSecKeyCheckId( key, context->keyId ), -1 ) ;
-
- keyData = xmlSecKeyGetValue( key ) ;
- if( keyData == NULL ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- xmlSecErrorsSafeString( xmlSecKeyGetName( key ) ) ,
- "xmlSecKeyGetValue" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- if( ( symkey = xmlSecNssSymKeyDataGetKey( keyData ) ) == NULL ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- xmlSecErrorsSafeString( xmlSecKeyDataGetName( keyData ) ) ,
- "xmlSecNssSymKeyDataGetKey" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- context->symkey = symkey ;
-
- return(0) ;
-}
-
-/**
- * key wrap transform
- */
-static int
-xmlSecNssKeyWrapCtxInit(
- xmlSecNssKeyWrapCtxPtr ctx ,
- xmlSecBufferPtr in ,
- xmlSecBufferPtr out ,
- int encrypt ,
- xmlSecTransformCtxPtr transformCtx
-) {
- xmlSecSize blockSize ;
-
- xmlSecAssert2( ctx != NULL , -1 ) ;
- xmlSecAssert2( ctx->cipher != CKM_INVALID_MECHANISM , -1 ) ;
- xmlSecAssert2( ctx->symkey != NULL , -1 ) ;
- xmlSecAssert2( ctx->keyId != NULL , -1 ) ;
- xmlSecAssert2( in != NULL , -1 ) ;
- xmlSecAssert2( out != NULL , -1 ) ;
- xmlSecAssert2( transformCtx != NULL , -1 ) ;
-
- if( ctx->material != NULL ) {
- xmlSecBufferDestroy( ctx->material ) ;
- ctx->material = NULL ;
- }
-
- if( ( blockSize = PK11_GetBlockSize( ctx->cipher , NULL ) ) < 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "PK11_GetBlockSize" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- ctx->material = xmlSecBufferCreate( blockSize ) ;
- if( ctx->material == NULL ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "xmlSecBufferCreate" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- /* read raw key material into context */
- if( xmlSecBufferSetData( ctx->material, xmlSecBufferGetData(in), xmlSecBufferGetSize(in) ) < 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "xmlSecBufferSetData" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- if( xmlSecBufferRemoveHead( in , xmlSecBufferGetSize(in) ) < 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "xmlSecBufferRemoveHead" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- return(0);
-}
-
-/**
- * key wrap transform update
- */
-static int
-xmlSecNssKeyWrapCtxUpdate(
- xmlSecNssKeyWrapCtxPtr ctx ,
- xmlSecBufferPtr in ,
- xmlSecBufferPtr out ,
- int encrypt ,
- xmlSecTransformCtxPtr transformCtx
-) {
- xmlSecAssert2( ctx != NULL , -1 ) ;
- xmlSecAssert2( ctx->cipher != CKM_INVALID_MECHANISM , -1 ) ;
- xmlSecAssert2( ctx->symkey != NULL , -1 ) ;
- xmlSecAssert2( ctx->keyId != NULL , -1 ) ;
- xmlSecAssert2( ctx->material != NULL , -1 ) ;
- xmlSecAssert2( in != NULL , -1 ) ;
- xmlSecAssert2( out != NULL , -1 ) ;
- xmlSecAssert2( transformCtx != NULL , -1 ) ;
-
- /* read raw key material and append into context */
- if( xmlSecBufferAppend( ctx->material, xmlSecBufferGetData(in), xmlSecBufferGetSize(in) ) < 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "xmlSecBufferAppend" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- if( xmlSecBufferRemoveHead( in , xmlSecBufferGetSize(in) ) < 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "xmlSecBufferRemoveHead" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- return(0);
-}
-
-static int
-xmlSecNssKWDes3BufferReverse(xmlSecByte *buf, xmlSecSize size) {
- xmlSecSize s;
- xmlSecSize i;
- xmlSecByte c;
-
- xmlSecAssert2(buf != NULL, -1);
-
- s = size / 2;
- --size;
- for(i = 0; i < s; ++i) {
- c = buf[i];
- buf[i] = buf[size - i];
- buf[size - i] = c;
- }
- return(0);
-}
-
-static xmlSecByte *
-xmlSecNssComputeSHA1(const xmlSecByte *in, xmlSecSize inSize,
- xmlSecByte *out, xmlSecSize outSize)
-{
- PK11Context *context = NULL;
- SECStatus s;
- xmlSecByte *digest = NULL;
- unsigned int len;
-
- xmlSecAssert2(in != NULL, NULL);
- xmlSecAssert2(out != NULL, NULL);
- xmlSecAssert2(outSize >= SHA1_LENGTH, NULL);
-
- /* Create a context for hashing (digesting) */
- context = PK11_CreateDigestContext(SEC_OID_SHA1);
- if (context == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "PK11_CreateDigestContext",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "error code = %d", PORT_GetError());
- goto done;
- }
-
- s = PK11_DigestBegin(context);
- if (s != SECSuccess) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "PK11_DigestBegin",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "error code = %d", PORT_GetError());
- goto done;
- }
-
- s = PK11_DigestOp(context, in, inSize);
- if (s != SECSuccess) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "PK11_DigestOp",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "error code = %d", PORT_GetError());
- goto done;
- }
-
- s = PK11_DigestFinal(context, out, &len, outSize);
- if (s != SECSuccess) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "PK11_DigestFinal",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "error code = %d", PORT_GetError());
- goto done;
- }
- xmlSecAssert2(len == SHA1_LENGTH, NULL);
-
- digest = out;
-
-done:
- if (context != NULL) {
- PK11_DestroyContext(context, PR_TRUE);
- }
- return (digest);
-}
-
-static int
-xmlSecNssKWDes3Encrypt(
- PK11SymKey* symKey ,
- CK_MECHANISM_TYPE cipherMech ,
- const xmlSecByte* iv ,
- xmlSecSize ivSize ,
- const xmlSecByte* in ,
- xmlSecSize inSize ,
- xmlSecByte* out ,
- xmlSecSize outSize ,
- int enc
-) {
- PK11Context* EncContext = NULL;
- SECItem ivItem ;
- SECItem* secParam = NULL ;
- int tmp1_outlen;
- unsigned int tmp2_outlen;
- int result_len = -1;
- SECStatus rv;
-
- xmlSecAssert2( cipherMech != CKM_INVALID_MECHANISM , -1 ) ;
- xmlSecAssert2( symKey != NULL , -1 ) ;
- xmlSecAssert2(iv != NULL, -1);
- xmlSecAssert2(ivSize == XMLSEC_NSS_DES3_IV_LENGTH, -1);
- xmlSecAssert2(in != NULL, -1);
- xmlSecAssert2(inSize > 0, -1);
- xmlSecAssert2(out != NULL, -1);
- xmlSecAssert2(outSize >= inSize, -1);
-
- /* Prepare IV */
- ivItem.data = ( unsigned char* )iv ;
- ivItem.len = ivSize ;
-
- secParam = PK11_ParamFromIV(cipherMech, &ivItem);
- if (secParam == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "PK11_ParamFromIV",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "Error code = %d", PORT_GetError());
- goto done;
- }
-
- EncContext = PK11_CreateContextBySymKey(cipherMech,
- enc ? CKA_ENCRYPT : CKA_DECRYPT,
- symKey, secParam);
- if (EncContext == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "PK11_CreateContextBySymKey",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "Error code = %d", PORT_GetError());
- goto done;
- }
-
- tmp1_outlen = tmp2_outlen = 0;
- rv = PK11_CipherOp(EncContext, out, &tmp1_outlen, outSize,
- (unsigned char *)in, inSize);
- if (rv != SECSuccess) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "PK11_CipherOp",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "Error code = %d", PORT_GetError());
- goto done;
- }
-
- rv = PK11_DigestFinal(EncContext, out+tmp1_outlen,
- &tmp2_outlen, outSize-tmp1_outlen);
- if (rv != SECSuccess) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "PK11_DigestFinal",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "Error code = %d", PORT_GetError());
- goto done;
- }
-
- result_len = tmp1_outlen + tmp2_outlen;
-
-done:
- if (secParam) {
- SECITEM_FreeItem(secParam, PR_TRUE);
- }
- if (EncContext) {
- PK11_DestroyContext(EncContext, PR_TRUE);
- }
-
- return(result_len);
-}
-
-static int
-xmlSecNssKeyWrapDesOp(
- xmlSecNssKeyWrapCtxPtr ctx ,
- int encrypt ,
- xmlSecBufferPtr result
-) {
- xmlSecByte sha1[SHA1_LENGTH];
- xmlSecByte iv[XMLSEC_NSS_DES3_IV_LENGTH];
- xmlSecByte* in;
- xmlSecSize inSize;
- xmlSecByte* out;
- xmlSecSize outSize;
- xmlSecSize s;
- int ret;
- SECStatus status;
-
- xmlSecAssert2( ctx != NULL , -1 ) ;
- xmlSecAssert2( ctx->cipher != CKM_INVALID_MECHANISM , -1 ) ;
- xmlSecAssert2( ctx->symkey != NULL , -1 ) ;
- xmlSecAssert2( ctx->keyId != NULL , -1 ) ;
- xmlSecAssert2( ctx->material != NULL , -1 ) ;
- xmlSecAssert2( result != NULL , -1 ) ;
-
- in = xmlSecBufferGetData(ctx->material);
- inSize = xmlSecBufferGetSize(ctx->material) ;
- out = xmlSecBufferGetData(result);
- outSize = xmlSecBufferGetMaxSize(result) ;
- if( encrypt ) {
- /* step 2: calculate sha1 and CMS */
- if(xmlSecNssComputeSHA1(in, inSize, sha1, SHA1_LENGTH) == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssComputeSHA1",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* step 3: construct WKCKS */
- memcpy(out, in, inSize);
- memcpy(out + inSize, sha1, XMLSEC_NSS_DES3_BLOCK_LENGTH);
-
- /* step 4: generate random iv */
- status = PK11_GenerateRandom(iv, XMLSEC_NSS_DES3_IV_LENGTH);
- if(status != SECSuccess) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "PK11_GenerateRandom",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- "error code = %d", PORT_GetError());
- return(-1);
- }
-
- /* step 5: first encryption, result is TEMP1 */
- ret = xmlSecNssKWDes3Encrypt( ctx->symkey, ctx->cipher,
- iv, XMLSEC_NSS_DES3_IV_LENGTH,
- out, inSize + XMLSEC_NSS_DES3_IV_LENGTH,
- out, outSize, 1);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssKWDes3Encrypt",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* step 6: construct TEMP2=IV || TEMP1 */
- memmove(out + XMLSEC_NSS_DES3_IV_LENGTH, out,
- inSize + XMLSEC_NSS_DES3_IV_LENGTH);
- memcpy(out, iv, XMLSEC_NSS_DES3_IV_LENGTH);
- s = ret + XMLSEC_NSS_DES3_IV_LENGTH;
-
- /* step 7: reverse octets order, result is TEMP3 */
- ret = xmlSecNssKWDes3BufferReverse(out, s);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssKWDes3BufferReverse",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* step 8: second encryption with static IV */
- ret = xmlSecNssKWDes3Encrypt( ctx->symkey, ctx->cipher,
- xmlSecNssKWDes3Iv, XMLSEC_NSS_DES3_IV_LENGTH,
- out, s,
- out, outSize, 1);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssKWDes3Encrypt",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- s = ret;
-
- if( xmlSecBufferSetSize( result , s ) < 0 ) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecBufferSetSize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- } else {
- /* step 2: first decryption with static IV, result is TEMP3 */
- ret = xmlSecNssKWDes3Encrypt( ctx->symkey, ctx->cipher,
- xmlSecNssKWDes3Iv, XMLSEC_NSS_DES3_IV_LENGTH,
- in, inSize,
- out, outSize, 0);
- if((ret < 0) || (ret < XMLSEC_NSS_DES3_IV_LENGTH)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssKWDes3Encrypt",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- s = ret;
-
- /* step 3: reverse octets order in TEMP3, result is TEMP2 */
- ret = xmlSecNssKWDes3BufferReverse(out, s);
- if(ret < 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssKWDes3BufferReverse",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- /* steps 4 and 5: get IV and decrypt second time, result is WKCKS */
- ret = xmlSecNssKWDes3Encrypt( ctx->symkey, ctx->cipher,
- out, XMLSEC_NSS_DES3_IV_LENGTH,
- out+XMLSEC_NSS_DES3_IV_LENGTH, s-XMLSEC_NSS_DES3_IV_LENGTH,
- out, outSize, 0);
- if((ret < 0) || (ret < XMLSEC_NSS_DES3_BLOCK_LENGTH)) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssKWDes3Encrypt",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- s = ret - XMLSEC_NSS_DES3_IV_LENGTH;
-
- /* steps 6 and 7: calculate SHA1 and validate it */
- if(xmlSecNssComputeSHA1(out, s, sha1, SHA1_LENGTH) == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecNssComputeSHA1",
- XMLSEC_ERRORS_R_CRYPTO_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
-
- if(memcmp(sha1, out + s, XMLSEC_NSS_DES3_BLOCK_LENGTH) != 0) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_INVALID_DATA,
- "SHA1 does not match");
- return(-1);
- }
-
- if( xmlSecBufferSetSize( result , s ) < 0 ) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- "xmlSecBufferSetSize",
- XMLSEC_ERRORS_R_XMLSEC_FAILED,
- XMLSEC_ERRORS_NO_MESSAGE);
- return(-1);
- }
- }
-
- return(0);
-}
-
-static int
-xmlSecNssKeyWrapAesOp(
- xmlSecNssKeyWrapCtxPtr ctx ,
- int encrypt ,
- xmlSecBufferPtr result
-) {
- PK11Context* cipherCtx = NULL;
- SECItem ivItem ;
- SECItem* secParam = NULL ;
- xmlSecSize inSize ;
- xmlSecSize inBlocks ;
- int blockSize ;
- int midSize ;
- int finSize ;
- xmlSecByte* out ;
- xmlSecSize outSize;
-
- xmlSecAssert2( ctx != NULL , -1 ) ;
- xmlSecAssert2( ctx->cipher != CKM_INVALID_MECHANISM , -1 ) ;
- xmlSecAssert2( ctx->symkey != NULL , -1 ) ;
- xmlSecAssert2( ctx->keyId != NULL , -1 ) ;
- xmlSecAssert2( ctx->material != NULL , -1 ) ;
- xmlSecAssert2( result != NULL , -1 ) ;
-
- /* Do not set any IV */
- memset(&ivItem, 0, sizeof(ivItem));
-
- /* Get block size */
- if( ( blockSize = PK11_GetBlockSize( ctx->cipher , NULL ) ) < 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "PK11_GetBlockSize" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- inSize = xmlSecBufferGetSize( ctx->material ) ;
- if( xmlSecBufferSetMaxSize( result , inSize + blockSize ) < 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "xmlSecBufferSetMaxSize" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- /* Get Param for context initialization */
- if( ( secParam = PK11_ParamFromIV( ctx->cipher , &ivItem ) ) == NULL ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "PK11_ParamFromIV" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- cipherCtx = PK11_CreateContextBySymKey( ctx->cipher , encrypt ? CKA_ENCRYPT : CKA_DECRYPT , ctx->symkey , secParam ) ;
- if( cipherCtx == NULL ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "PK11_CreateContextBySymKey" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- SECITEM_FreeItem( secParam , PR_TRUE ) ;
- return(-1);
- }
-
- out = xmlSecBufferGetData(result) ;
- outSize = xmlSecBufferGetMaxSize(result) ;
- if( PK11_CipherOp( cipherCtx , out, &midSize , outSize , xmlSecBufferGetData( ctx->material ) , inSize ) != SECSuccess ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "PK11_CipherOp" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- if( PK11_DigestFinal( cipherCtx , out + midSize , &finSize , outSize - midSize ) != SECSuccess ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "PK11_DigestFinal" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- if( xmlSecBufferSetSize( result , midSize + finSize ) < 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "xmlSecBufferSetSize" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- return 0 ;
-}
-
-/**
- * Block cipher transform final
- */
-static int
-xmlSecNssKeyWrapCtxFinal(
- xmlSecNssKeyWrapCtxPtr ctx ,
- xmlSecBufferPtr in ,
- xmlSecBufferPtr out ,
- int encrypt ,
- xmlSecTransformCtxPtr transformCtx
-) {
- PK11SymKey* targetKey ;
- xmlSecSize blockSize ;
- xmlSecBufferPtr result ;
-
- xmlSecAssert2( ctx != NULL , -1 ) ;
- xmlSecAssert2( ctx->cipher != CKM_INVALID_MECHANISM , -1 ) ;
- xmlSecAssert2( ctx->symkey != NULL , -1 ) ;
- xmlSecAssert2( ctx->keyId != NULL , -1 ) ;
- xmlSecAssert2( ctx->material != NULL , -1 ) ;
- xmlSecAssert2( in != NULL , -1 ) ;
- xmlSecAssert2( out != NULL , -1 ) ;
- xmlSecAssert2( transformCtx != NULL , -1 ) ;
-
- /* read raw key material and append into context */
- if( xmlSecBufferAppend( ctx->material, xmlSecBufferGetData(in), xmlSecBufferGetSize(in) ) < 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "xmlSecBufferAppend" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- if( xmlSecBufferRemoveHead( in , xmlSecBufferGetSize(in) ) < 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "xmlSecBufferRemoveHead" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- /* Now we get all of the key materail */
- /* from now on we will wrap or unwrap the key */
- if( ( blockSize = PK11_GetBlockSize( ctx->cipher , NULL ) ) < 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "PK11_GetBlockSize" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- result = xmlSecBufferCreate( blockSize ) ;
- if( result == NULL ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "xmlSecBufferCreate" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- switch( ctx->cipher ) {
- case CKM_DES3_CBC :
- if( xmlSecNssKeyWrapDesOp(ctx, encrypt, result) < 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "xmlSecNssKeyWrapDesOp" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- xmlSecBufferDestroy(result);
- return(-1);
- }
- break ;
- /* case CKM_NETSCAPE_AES_KEY_WRAP :*/
- case CKM_AES_CBC :
- if( xmlSecNssKeyWrapAesOp(ctx, encrypt, result) < 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "xmlSecNssKeyWrapAesOp" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- xmlSecBufferDestroy(result);
- return(-1);
- }
- break ;
- }
-
- /* Write output */
- if( xmlSecBufferAppend( out, xmlSecBufferGetData(result), xmlSecBufferGetSize(result) ) < 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- NULL ,
- "xmlSecBufferAppend" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- xmlSecBufferDestroy(result);
- return(-1);
- }
- xmlSecBufferDestroy(result);
-
- return(0);
-}
-
-static int
-xmlSecNssKeyWrapExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
- xmlSecNssKeyWrapCtxPtr context = NULL ;
- xmlSecBufferPtr inBuf, outBuf ;
- int operation ;
- int rtv ;
-
- xmlSecAssert2( xmlSecNssKeyWrapCheckId( transform ), -1 ) ;
- xmlSecAssert2( xmlSecTransformCheckSize( transform, xmlSecNssKeyWrapSize ), -1 ) ;
- xmlSecAssert2( ( transform->operation == xmlSecTransformOperationEncrypt ) || ( transform->operation == xmlSecTransformOperationDecrypt ), -1 ) ;
- xmlSecAssert2( transformCtx != NULL , -1 ) ;
-
- context = xmlSecNssKeyWrapGetCtx( transform ) ;
- if( context == NULL ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
- "xmlSecNssKeyWrapGetCtx" ,
- XMLSEC_ERRORS_R_CRYPTO_FAILED ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
-
- inBuf = &( transform->inBuf ) ;
- outBuf = &( transform->outBuf ) ;
-
- if( transform->status == xmlSecTransformStatusNone ) {
- transform->status = xmlSecTransformStatusWorking ;
- }
-
- operation = ( transform->operation == xmlSecTransformOperationEncrypt ) ? 1 : 0 ;
- if( transform->status == xmlSecTransformStatusWorking ) {
- if( context->material == NULL ) {
- rtv = xmlSecNssKeyWrapCtxInit( context, inBuf , outBuf , operation , transformCtx ) ;
- if( rtv < 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
- "xmlSecNssKeyWrapCtxInit" ,
- XMLSEC_ERRORS_R_INVALID_STATUS ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
- }
-
- if( context->material == NULL && last != 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
- NULL ,
- XMLSEC_ERRORS_R_INVALID_STATUS ,
- "No enough data to intialize transform" ) ;
- return(-1);
- }
-
- if( context->material != NULL ) {
- rtv = xmlSecNssKeyWrapCtxUpdate( context, inBuf , outBuf , operation , transformCtx ) ;
- if( rtv < 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
- "xmlSecNssKeyWrapCtxUpdate" ,
- XMLSEC_ERRORS_R_INVALID_STATUS ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
- }
-
- if( last ) {
- rtv = xmlSecNssKeyWrapCtxFinal( context, inBuf , outBuf , operation , transformCtx ) ;
- if( rtv < 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
- "xmlSecNssKeyWrapCtxFinal" ,
- XMLSEC_ERRORS_R_INVALID_STATUS ,
- XMLSEC_ERRORS_NO_MESSAGE ) ;
- return(-1);
- }
- transform->status = xmlSecTransformStatusFinished ;
- }
- } else if( transform->status == xmlSecTransformStatusFinished ) {
- if( xmlSecBufferGetSize( inBuf ) != 0 ) {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
- NULL ,
- XMLSEC_ERRORS_R_INVALID_STATUS ,
- "status=%d", transform->status ) ;
- return(-1);
- }
- } else {
- xmlSecError( XMLSEC_ERRORS_HERE ,
- xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
- NULL ,
- XMLSEC_ERRORS_R_INVALID_STATUS ,
- "status=%d", transform->status ) ;
- return(-1);
- }
-
- return(0);
-}
-
-#ifndef XMLSEC_NO_AES
-
-
-#ifdef __MINGW32__ // for runtime-pseudo-reloc
-static struct _xmlSecTransformKlass xmlSecNssKWAes128Klass = {
-#else
-static xmlSecTransformKlass xmlSecNssKWAes128Klass = {
-#endif
- /* klass/object sizes */
- sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecNssKeyWrapSize, /* xmlSecSize objSize */
-
- xmlSecNameKWAes128, /* const xmlChar* name; */
- xmlSecHrefKWAes128, /* const xmlChar* href; */
- xmlSecTransformUsageEncryptionMethod, /* xmlSecAlgorithmUsage usage; */
-
- xmlSecNssKeyWrapInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecNssKeyWrapFinalize, /* xmlSecTransformFinalizeMethod finalize; */
- NULL, /* xmlSecTransformNodeReadMethod readNode; */
- NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecNssKeyWrapSetKeyReq, /* xmlSecTransformSetKeyMethod setKeyReq; */
- xmlSecNssKeyWrapSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- NULL, /* xmlSecTransformValidateMethod validate; */
- xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
- xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
- xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
- NULL, /* xmlSecTransformPushXmlMethod pushXml; */
- NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecNssKeyWrapExecute, /* xmlSecTransformExecuteMethod execute; */
-
- NULL, /* void* reserved0; */
- NULL, /* void* reserved1; */
-};
-
-#ifdef __MINGW32__ // for runtime-pseudo-reloc
-static struct _xmlSecTransformKlass xmlSecNssKWAes192Klass = {
-#else
-static xmlSecTransformKlass xmlSecNssKWAes192Klass = {
-#endif
- /* klass/object sizes */
- sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecNssKeyWrapSize, /* xmlSecSize objSize */
-
- xmlSecNameKWAes192, /* const xmlChar* name; */
- xmlSecHrefKWAes192, /* const xmlChar* href; */
- xmlSecTransformUsageEncryptionMethod, /* xmlSecAlgorithmUsage usage; */
-
- xmlSecNssKeyWrapInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecNssKeyWrapFinalize, /* xmlSecTransformFinalizeMethod finalize; */
- NULL, /* xmlSecTransformNodeReadMethod readNode; */
- NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecNssKeyWrapSetKeyReq, /* xmlSecTransformSetKeyMethod setKeyReq; */
- xmlSecNssKeyWrapSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- NULL, /* xmlSecTransformValidateMethod validate; */
- xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
- xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
- xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
- NULL, /* xmlSecTransformPushXmlMethod pushXml; */
- NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecNssKeyWrapExecute, /* xmlSecTransformExecuteMethod execute; */
-
- NULL, /* void* reserved0; */
- NULL, /* void* reserved1; */
-};
-
-#ifdef __MINGW32__ // for runtime-pseudo-reloc
-static struct _xmlSecTransformKlass xmlSecNssKWAes256Klass = {
-#else
-static xmlSecTransformKlass xmlSecNssKWAes256Klass = {
-#endif
- /* klass/object sizes */
- sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecNssKeyWrapSize, /* xmlSecSize objSize */
-
- xmlSecNameKWAes256, /* const xmlChar* name; */
- xmlSecHrefKWAes256, /* const xmlChar* href; */
- xmlSecTransformUsageEncryptionMethod, /* xmlSecAlgorithmUsage usage; */
-
- xmlSecNssKeyWrapInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecNssKeyWrapFinalize, /* xmlSecTransformFinalizeMethod finalize; */
- NULL, /* xmlSecTransformNodeReadMethod readNode; */
- NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecNssKeyWrapSetKeyReq, /* xmlSecTransformSetKeyMethod setKeyReq; */
- xmlSecNssKeyWrapSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- NULL, /* xmlSecTransformValidateMethod validate; */
- xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
- xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
- xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
- NULL, /* xmlSecTransformPushXmlMethod pushXml; */
- NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecNssKeyWrapExecute, /* xmlSecTransformExecuteMethod execute; */
-
- NULL, /* void* reserved0; */
- NULL, /* void* reserved1; */
-};
-
-/**
- * xmlSecNssTransformKWAes128GetKlass:
- *
- * The AES-128 key wrapper transform klass.
- *
- * Returns AES-128 key wrapper transform klass.
- */
-xmlSecTransformId
-xmlSecNssTransformKWAes128GetKlass(void) {
- return(&xmlSecNssKWAes128Klass);
-}
-
-/**
- * xmlSecNssTransformKWAes192GetKlass:
- *
- * The AES-192 key wrapper transform klass.
- *
- * Returns AES-192 key wrapper transform klass.
- */
-xmlSecTransformId
-xmlSecNssTransformKWAes192GetKlass(void) {
- return(&xmlSecNssKWAes192Klass);
-}
-
-/**
- *
- * The AES-256 key wrapper transform klass.
- *
- * Returns AES-256 key wrapper transform klass.
- */
-xmlSecTransformId
-xmlSecNssTransformKWAes256GetKlass(void) {
- return(&xmlSecNssKWAes256Klass);
-}
-
-#endif /* XMLSEC_NO_AES */
-
-
-#ifndef XMLSEC_NO_DES
-
-#ifdef __MINGW32__ // for runtime-pseudo-reloc
-static struct _xmlSecTransformKlass xmlSecNssKWDes3Klass = {
-#else
-static xmlSecTransformKlass xmlSecNssKWDes3Klass = {
-#endif
- /* klass/object sizes */
- sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
- xmlSecNssKeyWrapSize, /* xmlSecSize objSize */
-
- xmlSecNameKWDes3, /* const xmlChar* name; */
- xmlSecHrefKWDes3, /* const xmlChar* href; */
- xmlSecTransformUsageEncryptionMethod, /* xmlSecAlgorithmUsage usage; */
-
- xmlSecNssKeyWrapInitialize, /* xmlSecTransformInitializeMethod initialize; */
- xmlSecNssKeyWrapFinalize, /* xmlSecTransformFinalizeMethod finalize; */
- NULL, /* xmlSecTransformNodeReadMethod readNode; */
- NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
- xmlSecNssKeyWrapSetKeyReq, /* xmlSecTransformSetKeyMethod setKeyReq; */
- xmlSecNssKeyWrapSetKey, /* xmlSecTransformSetKeyMethod setKey; */
- NULL, /* xmlSecTransformValidateMethod validate; */
- xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
- xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
- xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
- NULL, /* xmlSecTransformPushXmlMethod pushXml; */
- NULL, /* xmlSecTransformPopXmlMethod popXml; */
- xmlSecNssKeyWrapExecute, /* xmlSecTransformExecuteMethod execute; */
-
- NULL, /* void* reserved0; */
- NULL, /* void* reserved1; */
-};
-
-/**
- * xmlSecNssTransformKWDes3GetKlass:
- *
- * The Triple DES key wrapper transform klass.
- *
- * Returns Triple DES key wrapper transform klass.
- */
-xmlSecTransformId
-xmlSecNssTransformKWDes3GetKlass(void) {
- return(&xmlSecNssKWDes3Klass);
-}
-
-#endif /* XMLSEC_NO_DES */
-
generated by cgit (git 2.34.1) at 2024-08-13 16:22:42 +0000